@@ -32,6 +32,8 @@ extension ChallengeNameTypeBridge on ChallengeNameType {
32
32
AuthSignInStep .continueSignInWithTotpSetup,
33
33
ChallengeNameType .softwareTokenMfa =>
34
34
AuthSignInStep .confirmSignInWithTotpMfaCode,
35
+ // TODO(khatruong2009): confirm ChallengeNameType.emailMfa is added to SDK
36
+ ChallengeNameType .emailMfa => AuthSignInStep .confirmSignInWithEmailMfaCode,
35
37
ChallengeNameType .adminNoSrpAuth ||
36
38
ChallengeNameType .passwordVerifier ||
37
39
ChallengeNameType .devicePasswordVerifier ||
@@ -795,6 +797,7 @@ extension MfaSettings on CognitoIdentityProviderClient {
795
797
required String accessToken,
796
798
MfaPreference ? sms,
797
799
MfaPreference ? totp,
800
+ MfaPreference ? email,
798
801
}) async {
799
802
final UserMfaPreference (
800
803
enabled: currentEnabled,
@@ -811,6 +814,7 @@ extension MfaSettings on CognitoIdentityProviderClient {
811
814
final explicitlyDisabled = switch (mfaType) {
812
815
MfaType .sms => sms == MfaPreference .disabled,
813
816
MfaType .totp => totp == MfaPreference .disabled,
817
+ MfaType .email => email == MfaPreference .disabled,
814
818
};
815
819
if (explicitlyDisabled) {
816
820
return false ;
@@ -819,39 +823,50 @@ extension MfaSettings on CognitoIdentityProviderClient {
819
823
final requestingEnabled = switch (mfaType) {
820
824
MfaType .sms => enabledValues.contains (sms),
821
825
MfaType .totp => enabledValues.contains (totp),
826
+ MfaType .email => enabledValues.contains (email),
822
827
};
823
828
return currentlyEnabled || requestingEnabled;
824
829
}
825
830
826
- final preferred = switch ((currentPreference, sms: sms, totp: totp)) {
831
+ final preferred = switch ((currentPreference, sms: sms, totp: totp, email : email )) {
827
832
// Prevent an invalid choice.
828
- (_, sms: MfaPreference .preferred, totp: MfaPreference .preferred) =>
833
+ (_, sms: MfaPreference .preferred, totp: MfaPreference .preferred, email : MfaPreference .preferred ) =>
829
834
throw const InvalidParameterException (
830
- 'Cannot assign both SMS and TOTP as preferred' ,
835
+ 'Cannot assign multiple MFA methods as preferred' ,
831
836
),
832
837
833
838
// Setting one or the other as preferred overrides previous value.
834
- (_, sms: MfaPreference .preferred, totp: != MfaPreference .preferred) =>
839
+ (_, sms: MfaPreference .preferred, totp: != MfaPreference .preferred, email : != MfaPreference .preferred ) =>
835
840
MfaType .sms,
836
- (_, sms: != MfaPreference .preferred, totp: MfaPreference .preferred) =>
841
+ (_, sms: != MfaPreference .preferred, totp: MfaPreference .preferred, email : != MfaPreference .preferred ) =>
837
842
MfaType .totp,
843
+ (_, sms: != MfaPreference .preferred, totp: != MfaPreference .preferred, email: MfaPreference .preferred) =>
844
+ MfaType .email,
838
845
839
846
// Setting one or the other as disabled or not preferred removes current
840
847
// preference if it matches.
841
848
(
842
849
MfaType .sms,
843
850
sms: MfaPreference .notPreferred || MfaPreference .disabled,
844
851
totp: _,
852
+ email: _,
845
853
) ||
846
854
(
847
855
MfaType .totp,
848
856
sms: _,
849
857
totp: MfaPreference .notPreferred || MfaPreference .disabled,
858
+ email: _,
859
+ ) ||
860
+ (
861
+ MfaType .email,
862
+ sms: _,
863
+ totp: _,
864
+ email: MfaPreference .notPreferred || MfaPreference .disabled,
850
865
) =>
851
866
null ,
852
867
853
868
// Ignore preference changes which do not affect the current preference.
854
- (final currentPreference, sms: _, totp: _) => currentPreference,
869
+ (final currentPreference, sms: _, totp: _, email : _ ) => currentPreference,
855
870
};
856
871
final smsMfaSettings = SmsMfaSettingsType (
857
872
enabled: isEnabled (MfaType .sms),
@@ -861,6 +876,11 @@ extension MfaSettings on CognitoIdentityProviderClient {
861
876
enabled: isEnabled (MfaType .totp),
862
877
preferredMfa: preferred == MfaType .totp,
863
878
);
879
+ // TODO(khatruong2009): confirm EmailMfaSettingsType is added to SDK
880
+ final emailMfaSettings = EmailMfaSettingsType (
881
+ enabled: isEnabled (MfaType .email),
882
+ preferredMfa: preferred == MfaType .email,
883
+ );
864
884
await setUserMfaPreference (
865
885
SetUserMfaPreferenceRequest (
866
886
accessToken: accessToken,
@@ -876,6 +896,7 @@ extension on String {
876
896
MfaType get mfaType => switch (this ) {
877
897
'SOFTWARE_TOKEN_MFA' => MfaType .totp,
878
898
'SMS_MFA' => MfaType .sms,
899
+ 'EMAIL_MFA' => MfaType .email,
879
900
final invalidType => throw StateError ('Invalid MFA type: $invalidType ' ),
880
901
};
881
902
}
0 commit comments