chore: refactor setMfaSettings method to handle multiple mfa preferred scenarios

khatruong2009 · khatruong2009 · commit e69d96bb657c · 2024-09-24T19:30:59.000-07:00
diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/sdk_bridge.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/sdk_bridge.dart
@@ -794,123 +794,92 @@ extension MfaSettings on CognitoIdentityProviderClient {
 
   /// Sets the MFA settings for the user.
   Future<void> setMfaSettings({
-    required String accessToken,
-    MfaPreference? sms,
-    MfaPreference? totp,
-    MfaPreference? email,
-  }) async {
-    final UserMfaPreference(
-      enabled: currentEnabled,
-      preferred: currentPreference
-    ) = await _getRawUserSettings(
-      accessToken: accessToken,
-    );
-    const enabledValues = [
-      MfaPreference.enabled,
-      MfaPreference.notPreferred,
-      MfaPreference.preferred,
-    ];
-    bool isEnabled(MfaType mfaType) {
-      final explicitlyDisabled = switch (mfaType) {
-        MfaType.sms => sms == MfaPreference.disabled,
-        MfaType.totp => totp == MfaPreference.disabled,
-        MfaType.email => email == MfaPreference.disabled,
-      };
-      if (explicitlyDisabled) {
-        return false;
-      }
-      final currentlyEnabled = currentEnabled.contains(mfaType);
-      final requestingEnabled = switch (mfaType) {
-        MfaType.sms => enabledValues.contains(sms),
-        MfaType.totp => enabledValues.contains(totp),
-        MfaType.email => enabledValues.contains(email),
-      };
-      return currentlyEnabled || requestingEnabled;
+  required String accessToken,
+  MfaPreference? sms,
+  MfaPreference? totp,
+  MfaPreference? email,
+}) async {
+  final UserMfaPreference(
+    enabled: currentEnabled,
+    preferred: currentPreference
+  ) = await _getRawUserSettings(
+    accessToken: accessToken,
+  );
+
+  const enabledValues = [
+    MfaPreference.enabled,
+    MfaPreference.notPreferred,
+    MfaPreference.preferred,
+  ];
+
+  bool isEnabled(MfaType mfaType) {
+    final explicitlyDisabled = switch (mfaType) {
+      MfaType.sms => sms == MfaPreference.disabled,
+      MfaType.totp => totp == MfaPreference.disabled,
+      MfaType.email => email == MfaPreference.disabled,
+    };
+    if (explicitlyDisabled) {
+      return false;
     }
+    final currentlyEnabled = currentEnabled.contains(mfaType);
+    final requestingEnabled = switch (mfaType) {
+      MfaType.sms => enabledValues.contains(sms),
+      MfaType.totp => enabledValues.contains(totp),
+      MfaType.email => enabledValues.contains(email),
+    };
+    return currentlyEnabled || requestingEnabled;
+  }
 
-    final preferred =
-        switch ((currentPreference, sms: sms, totp: totp, email: email)) {
-      // Prevent an invalid choice.
-      (
-        _,
-        sms: MfaPreference.preferred,
-        totp: MfaPreference.preferred,
-        email: MfaPreference.preferred
-      ) =>
-        throw const InvalidParameterException(
-          'Cannot assign multiple MFA methods as preferred',
-        ),
+  // Count the number of MFA methods set to preferred
+  final preferredMethods = [
+    if (sms == MfaPreference.preferred) MfaType.sms,
+    if (totp == MfaPreference.preferred) MfaType.totp,
+    if (email == MfaPreference.preferred) MfaType.email,
+  ];
 
-      // Setting one or the other as preferred overrides previous value.
-      (
-        _,
-        sms: MfaPreference.preferred,
-        totp: != MfaPreference.preferred,
-        email: != MfaPreference.preferred
-      ) =>
-        MfaType.sms,
-      (
-        _,
-        sms: != MfaPreference.preferred,
-        totp: MfaPreference.preferred,
-        email: != MfaPreference.preferred
-      ) =>
-        MfaType.totp,
-      (
-        _,
-        sms: != MfaPreference.preferred,
-        totp: != MfaPreference.preferred,
-        email: MfaPreference.preferred
-      ) =>
-        MfaType.email,
-
-      // Setting one or the other as disabled or not preferred removes current
-      // preference if it matches.
-      (
-        MfaType.sms,
-        sms: MfaPreference.notPreferred || MfaPreference.disabled,
-        totp: _,
-        email: _,
-      ) ||
-      (
-        MfaType.totp,
-        sms: _,
-        totp: MfaPreference.notPreferred || MfaPreference.disabled,
-        email: _,
-      ) ||
-      (
-        MfaType.email,
-        sms: _,
-        totp: _,
-        email: MfaPreference.notPreferred || MfaPreference.disabled,
-      ) =>
-        null,
-
-      // Ignore preference changes which do not affect the current preference.
-      (final currentPreference, sms: _, totp: _, email: _) => currentPreference,
+  if (preferredMethods.length > 1) {
+    throw const InvalidParameterException(
+      'Cannot assign multiple MFA methods as preferred',
+    );
+  }
+
+  MfaType? preferred;
+  if (preferredMethods.isNotEmpty) {
+    preferred = preferredMethods.first;
+  } else {
+    // Check if the current preference needs to be removed
+    final isCurrentPreferenceDisabled = switch (currentPreference) {
+      MfaType.sms => sms == MfaPreference.disabled || sms == MfaPreference.notPreferred,
+      MfaType.totp => totp == MfaPreference.disabled || totp == MfaPreference.notPreferred,
+      MfaType.email => email == MfaPreference.disabled || email == MfaPreference.notPreferred,
+      _ => false,
     };
-    final smsMfaSettings = SmsMfaSettingsType(
-      enabled: isEnabled(MfaType.sms),
-      preferredMfa: preferred == MfaType.sms,
-    );
-    final softwareTokenSettings = SoftwareTokenMfaSettingsType(
-      enabled: isEnabled(MfaType.totp),
-      preferredMfa: preferred == MfaType.totp,
-    );
-    // TODO(khatruong2009): confirm EmailMfaSettingsType is added to SDK
-    final emailMfaSettings = EmailMfaSettingsType(
-      enabled: isEnabled(MfaType.email),
-      preferredMfa: preferred == MfaType.email,
-    );
-    await setUserMfaPreference(
-      SetUserMfaPreferenceRequest(
-        accessToken: accessToken,
-        smsMfaSettings: smsMfaSettings,
-        softwareTokenMfaSettings: softwareTokenSettings,
-        emailMfaSettings: emailMfaSettings,
-      ),
-    ).result;
+    preferred = isCurrentPreferenceDisabled ? null : currentPreference;
   }
+
+  final smsMfaSettings = SmsMfaSettingsType(
+    enabled: isEnabled(MfaType.sms),
+    preferredMfa: preferred == MfaType.sms,
+  );
+  final softwareTokenSettings = SoftwareTokenMfaSettingsType(
+    enabled: isEnabled(MfaType.totp),
+    preferredMfa: preferred == MfaType.totp,
+  );
+  final emailMfaSettings = EmailMfaSettingsType(
+    enabled: isEnabled(MfaType.email),
+    preferredMfa: preferred == MfaType.email,
+  );
+
+  await setUserMfaPreference(
+    SetUserMfaPreferenceRequest(
+      accessToken: accessToken,
+      smsMfaSettings: smsMfaSettings,
+      softwareTokenMfaSettings: softwareTokenSettings,
+      emailMfaSettings: emailMfaSettings,
+    ),
+  ).result;
+}
+
 }
 
 extension on String {
