From aa0163715c34368296f3f165311355c8c03e4856 Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 11:53:53 -0700
Subject: [PATCH 01/18] chore: addressed comments regarding removing split up
context between platforms, changing headers, removing unnecessary fragments
---
.../auth/common/device_features/common.mdx | 8 -----
.../lib-v1/auth/common/sms/flows.mdx | 2 +-
.../10_fetchAuthSession.mdx | 2 --
.../getting_started/70_configureBackend.mdx | 8 -----
.../flutter/signin_web_ui/10_cli_setup.mdx | 2 +-
.../access_credentials/common.mdx | 2 --
.../auth/native_common/signout/common.mdx | 36 +++----------------
7 files changed, 6 insertions(+), 54 deletions(-)
diff --git a/src/fragments/lib-v1/auth/common/device_features/common.mdx b/src/fragments/lib-v1/auth/common/device_features/common.mdx
index be89a7351b8..7cecf6a0179 100644
--- a/src/fragments/lib-v1/auth/common/device_features/common.mdx
+++ b/src/fragments/lib-v1/auth/common/device_features/common.mdx
@@ -1,21 +1,13 @@
-
-
-The [device tracking and remembering](https://aws.amazon.com/blogs/mobile/tracking-and-remembering-devices-using-amazon-cognito-your-user-pools/) features are currently not available within the library when using the federated OAuth flow with Cognito User Pools or Hosted UI.
-
-
-
Remembering a device is useful in conjunction with Multi-Factor Authentication (MFA). If MFA is enabled for an Amazon Cognito user pool, end users have to type in a security code received via e-mail or SMS each time they want to sign in. This increases security but comes at the expense of the user's experience.
Remembering a device allows the second factor requirement to be automatically met when the user signs in on that device, thereby reducing friction in the user experience.
## Configure Auth Category
-
Device remembering functionality does not work if you use one of the web UI
sign in methods.
-
To enable remembered device functionality, open the Cognito User Pool console. To do this, **go to your project directory** and **issue the command**:
diff --git a/src/fragments/lib-v1/auth/common/sms/flows.mdx b/src/fragments/lib-v1/auth/common/sms/flows.mdx
index d91a800a4c5..5d8ec4582c6 100644
--- a/src/fragments/lib-v1/auth/common/sms/flows.mdx
+++ b/src/fragments/lib-v1/auth/common/sms/flows.mdx
@@ -108,7 +108,7 @@ import all4 from "/src/fragments/lib-v1/auth/common/sms/update_verification.mdx"
-### SMS MFA
+### MFA
import all5 from "/src/fragments/lib-v1/auth/common/sms/update_mfa.mdx";
diff --git a/src/fragments/lib-v1/auth/flutter/access_credentials/10_fetchAuthSession.mdx b/src/fragments/lib-v1/auth/flutter/access_credentials/10_fetchAuthSession.mdx
index 34434da6f25..882afe49c7c 100644
--- a/src/fragments/lib-v1/auth/flutter/access_credentials/10_fetchAuthSession.mdx
+++ b/src/fragments/lib-v1/auth/flutter/access_credentials/10_fetchAuthSession.mdx
@@ -1,5 +1,3 @@
-However, if you need to access them in relation to working with an API outside Amplify or want access to AWS specific identifying information (e.g. IdentityId), you can access these implementation details by calling fetchAuthSession on the Cognito Auth Plugin. This will return a `CognitoAuthSession`, which has additional attributes compared to `AuthSession`, which is typically returned by fetchAuthSession. See the example below:
-
```dart
Future fetchAuthSession() async {
try {
diff --git a/src/fragments/lib-v1/auth/flutter/getting_started/70_configureBackend.mdx b/src/fragments/lib-v1/auth/flutter/getting_started/70_configureBackend.mdx
index cf7c8988832..c2c99e7707f 100644
--- a/src/fragments/lib-v1/auth/flutter/getting_started/70_configureBackend.mdx
+++ b/src/fragments/lib-v1/auth/flutter/getting_started/70_configureBackend.mdx
@@ -28,14 +28,6 @@ To push your changes to the cloud, **execute the command**:
amplify push
```
-import ios3 from '/src/fragments/lib/auth/ios/getting_started/12_amplifyConfig.mdx';
-
-
-
-import android4 from '/src/fragments/lib/auth/android/getting_started/12_amplifyConfig.mdx';
-
-
-
import flutter5 from '/src/fragments/lib/auth/flutter/getting_started/12_amplifyConfig.mdx';
diff --git a/src/fragments/lib-v1/auth/flutter/signin_web_ui/10_cli_setup.mdx b/src/fragments/lib-v1/auth/flutter/signin_web_ui/10_cli_setup.mdx
index 7611f0f2d31..d82b75a9ac0 100644
--- a/src/fragments/lib-v1/auth/flutter/signin_web_ui/10_cli_setup.mdx
+++ b/src/fragments/lib-v1/auth/flutter/signin_web_ui/10_cli_setup.mdx
@@ -20,7 +20,7 @@ In terminal, navigate to your project, run `amplify add auth` (or if you've alre
? Enter your redirect signout URI:
`myapp://`
? Do you want to add another redirect signout URI
- `No`
+ `Yes`
? Enter your redirect signout URI:
`http://localhost:3000/`
? Do you want to add another redirect signout URI
diff --git a/src/fragments/lib-v1/auth/native_common/access_credentials/common.mdx b/src/fragments/lib-v1/auth/native_common/access_credentials/common.mdx
index 8182803b1e9..dd5f85a26df 100644
--- a/src/fragments/lib-v1/auth/native_common/access_credentials/common.mdx
+++ b/src/fragments/lib-v1/auth/native_common/access_credentials/common.mdx
@@ -2,9 +2,7 @@ An intentional decision with Amplify Auth was to avoid any public methods exposi
With Auth, you simply sign in and it handles everything else needed to keep the credentials up to date and vend them to the other categories.
-
However, if you need to access them in relation to working with an API outside Amplify or want access to AWS specific identifying information (e.g. IdentityId), you can access these implementation details by casting the result of fetchAuthSession as follows:
-
import android0 from '/src/fragments/lib-v1/auth/android/access_credentials/10_fetchAuthSession.mdx';
diff --git a/src/fragments/lib-v1/auth/native_common/signout/common.mdx b/src/fragments/lib-v1/auth/native_common/signout/common.mdx
index f20aa7668f5..6c64e468271 100644
--- a/src/fragments/lib-v1/auth/native_common/signout/common.mdx
+++ b/src/fragments/lib-v1/auth/native_common/signout/common.mdx
@@ -1,10 +1,4 @@
-
Invoke the `signOut` api to sign out a user from the Auth category. You can only have one user signed in at a given time.
-
-
-
-Invoke the `signOut` api to sign out a user from the Auth category. You can only have one user signed in at a given time. Calling signOut without any options will delete the local cache and keychain of the user and revoke the token if enabled on Amazon Cognito User Pools. If you would like to sign out of all devices, invoke the signOut api with advanced options.
-
import android0 from '/src/fragments/lib-v1/auth/android/signout/10_local_signout.mdx';
@@ -18,35 +12,15 @@ import flutter2 from '/src/fragments/lib-v1/auth/flutter/signout/10_local_signou
-
Calling signOut without any options will just delete the local cache and keychain of the user. If you would like to sign out of all devices, invoke the signOut api with advanced options.
[Amazon Cognito now supports token revocation](https://aws.amazon.com/about-aws/whats-new/2021/06/amazon-cognito-now-supports-targeted-sign-out-through-refresh-token-revocation/) and the latest Amplify version will revoke Amazon Cognito tokens if the application is online. This means that the Cognito refresh token cannot be used anymore to generate new Access and Id Tokens.
-Access and Id Tokens are short-lived (60 minutes by default but can be set from 5 minutes to 1 day). After revocation, these tokens cannot be used with Cognito User Pools anymore. However, they are still valid when used with other services like AppSync or API Gateway.
-
-For limiting subsequent calls to these other services after invalidating tokens, we recommend lowering token expiration time for your app client in the Cognito User Pools console. If you are using the Amplify CLI this can be accessed by running `amplify console auth`.
-
-Token revocation is enabled automatically on new Amazon Cognito User Pools, however existing User Pools must enable this feature, [using the Cognito Console or AWS CLI](https://docs.aws.amazon.com/cognito/latest/developerguide/token-revocation.html).
-
-
-
-## Token Revocation
-
-[Amazon Cognito now supports token revocation](https://aws.amazon.com/about-aws/whats-new/2021/06/amazon-cognito-now-supports-targeted-sign-out-through-refresh-token-revocation/). This means that the Cognito refresh token cannot be used anymore to generate new Access and Id Tokens.
-
-Access and Id Tokens are short-lived (60 minutes by default but can be set from 5 minutes to 1 day). After revocation, these tokens cannot be used with Cognito User Pools anymore. However, they are still valid when used with other services like AppSync or API Gateway.
-
-For limiting subsequent calls to these other services after invalidating tokens, we recommend lowering token expiration time for your app client in the Cognito User Pools console. If you are using the Amplify CLI this can be accessed by running `amplify console auth`.
-
-Token revocation is enabled automatically on new Amazon Cognito User Pools, however existing User Pools must enable this feature, [using the Cognito Console or AWS CLI](https://docs.aws.amazon.com/cognito/latest/developerguide/token-revocation.html).
-
+Access and Id Tokens are short-lived (60 minutes by default but can be set from 5 minutes to 1 day). After revocation, these tokens cannot be used with Cognito user pool anymore. However, they are still valid when used with other services like AppSync or API Gateway.
-
-## Global Sign Out
+For limiting subsequent calls to these other services after invalidating tokens, we recommend lowering token expiration time for your app client in the Cognito user pool console. If you are using the Amplify CLI this can be accessed by running `amplify console auth`.
-Calling signout with `globalSignOut = true` will invalidate all the Cognito User Pool tokens of the signed in user. If the user is signed into a device, they won't be authorized to perform a task that requires a valid token when a global signout is called from some other device. They need to sign in again to get valid tokens.
-
+Token revocation is enabled automatically on new Amazon Cognito user pools, however existing user pools must enable this feature, [using the Cognito Console or AWS CLI](https://docs.aws.amazon.com/cognito/latest/developerguide/token-revocation.html).
import android3 from '/src/fragments/lib-v1/auth/android/signout/20_global_signout.mdx';
@@ -60,11 +34,9 @@ import flutter5 from '/src/fragments/lib-v1/auth/flutter/signout/20_global_signo
-
-Calling signout with `globalSignOut = true` will invalidate all the Cognito User Pool tokens of the signed in user. If the user is signed into a device, they won't be authorized to perform a task that requires a valid token when a global signout is called from some other device. They need to sign in again to get valid tokens.
+Calling signout with `globalSignOut = true` will invalidate all the Cognito user pool tokens of the signed in user. If the user is signed into a device, they won't be authorized to perform a task that requires a valid token when a global signout is called from some other device. They need to sign in again to get valid tokens.
Global signout functionality does not work if you use one of the web UI sign
in methods.
-
From f3645461c986b24eac2040e7688520e5a7c4e9dd Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 12:11:06 -0700
Subject: [PATCH 02/18] chore: remove customize authorization modes page from
gen1 prev
---
src/directory/directory.mjs | 3 --
.../customize-authorization-modes/index.mdx | 53 -------------------
.../customize-authz-modes/index.mdx | 1 +
3 files changed, 1 insertion(+), 56 deletions(-)
delete mode 100644 src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authorization-modes/index.mdx
diff --git a/src/directory/directory.mjs b/src/directory/directory.mjs
index 1cba4a93edf..d2c9274d31f 100644
--- a/src/directory/directory.mjs
+++ b/src/directory/directory.mjs
@@ -2233,9 +2233,6 @@ export const directory = {
{
path: 'src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/api-graphql-concepts/index.mdx'
},
- {
- path: 'src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authorization-modes/index.mdx'
- },
{
path: 'src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authz-modes/index.mdx'
},
diff --git a/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authorization-modes/index.mdx b/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authorization-modes/index.mdx
deleted file mode 100644
index da491867f15..00000000000
--- a/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authorization-modes/index.mdx
+++ /dev/null
@@ -1,53 +0,0 @@
-import { getCustomStaticPath } from '@/utils/getCustomStaticPath';
-
-export const meta = {
- title: 'Configure authorization modes',
- description:
- "Learn more about how to configure authorization modes in Amplify's API category",
- platforms: ['flutter']
-};
-
-export const getStaticPaths = async () => {
- return getCustomStaticPath(meta.platforms);
-};
-
-export function getStaticProps(context) {
- return {
- props: {
- platform: context.params.platform,
- meta
- }
- };
-}
-
-import flutter_maintenance from '/src/fragments/lib-v1/flutter-maintenance.mdx';
-
-
-
-import ios0 from '/src/fragments/lib/graphqlapi/native_common/authz/common.mdx';
-
-
-
-import android1 from '/src/fragments/lib/graphqlapi/native_common/authz/common.mdx';
-
-
-
-import js2 from '/src/fragments/lib/graphqlapi/js/authz.mdx';
-
-
-
-import reactnative0 from '/src/fragments/lib/graphqlapi/js/authz.mdx';
-
-
-
-import flutter3 from '/src/fragments/lib-v1/graphqlapi/native_common/authz/common.mdx';
-
-
diff --git a/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authz-modes/index.mdx b/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authz-modes/index.mdx
index b395a0f5ca6..145cdc29265 100644
--- a/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authz-modes/index.mdx
+++ b/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authz-modes/index.mdx
@@ -8,6 +8,7 @@ export const meta = {
'react-native',
'swift',
'android',
+ 'flutter',
'angular',
'nextjs',
'react',
From df2221db597fe50349f846676111cfea109fd1b6 Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 12:15:32 -0700
Subject: [PATCH 03/18] chore: change advanced workflows title back to the
original
---
.../build-a-backend/graphqlapi/advanced-workflows/index.mdx | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/advanced-workflows/index.mdx b/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/advanced-workflows/index.mdx
index 0c42691fa7f..a630ae0f945 100644
--- a/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/advanced-workflows/index.mdx
+++ b/src/pages/gen1/[platform]/prev/build-a-backend/graphqlapi/advanced-workflows/index.mdx
@@ -1,7 +1,7 @@
import { getCustomStaticPath } from '@/utils/getCustomStaticPath';
export const meta = {
- title: 'Advanced Workflows',
+ title: 'Advanced workflows',
description: "Learn more about advanced workflows in Amplify's API category",
platforms: [
'flutter',
From dd9b56887957ab753a8568592e37f9a3b71e90a8 Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 12:32:11 -0700
Subject: [PATCH 04/18] chore: remove unnecessary inline filters between
platforms
---
src/fragments/lib-v1/graphqlapi/existing-resources.mdx | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/src/fragments/lib-v1/graphqlapi/existing-resources.mdx b/src/fragments/lib-v1/graphqlapi/existing-resources.mdx
index ec626f0a5d4..6b0ac176068 100644
--- a/src/fragments/lib-v1/graphqlapi/existing-resources.mdx
+++ b/src/fragments/lib-v1/graphqlapi/existing-resources.mdx
@@ -18,18 +18,9 @@ Existing AWS AppSync resources can be used with the Amplify Libraries by referen
}
```
-
- **API NAME**: Friendly name for the API (e.g., _api_)
- **endpoint**: The HTTPS endpoint of the AWS AppSync API (e.g. `https://aaaaaaaaaaaaaaaaaaaaaaaaaa.appsync-api.us-east-1.amazonaws.com/graphql`). [Custom domain names](https://docs.aws.amazon.com/appsync/latest/devguide/custom-domain-name.html) can also be supplied here (e.g. `https://api.yourdomain.com/graphql`). Custom domain names can have any format, but must end with `/graphql` (see https://graphql.org/learn/serving-over-http/#uris-routes).
- **region**: AWS Region where the resources are provisioned (e.g. _us-east-1_)
- **authorizationType**: Authorization mode for accessing the API. This can be one of: `AMAZON_COGNITO_USER_POOLS`, `AWS_IAM`, `OPENID_CONNECT`, or `API_KEY`. Each mode requires additional configuration parameters. See [Configure authorization modes](/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authz-modes) for details.
-
-
-
-- **API NAME**: Friendly name for the API (e.g., _api_)
- - **endpoint**: The HTTPS endpoint of the AWS AppSync API (e.g. `https://aaaaaaaaaaaaaaaaaaaaaaaaaa.appsync-api.us-east-1.amazonaws.com/graphql`). [Custom domain names](https://docs.aws.amazon.com/appsync/latest/devguide/custom-domain-name.html) can also be supplied here (e.g. `https://api.yourdomain.com/graphql`). Custom domain names can have any format, but must end with `/graphql` (see https://graphql.org/learn/serving-over-http/#uris-routes).
- - **region**: AWS Region where the resources are provisioned (e.g. _us-east-1_)
- - **authorizationType**: Authorization mode for accessing the API. This can be one of: `AMAZON_COGNITO_USER_POOLS`, `AWS_IAM`, `OPENID_CONNECT`, or `API_KEY`. Each mode requires additional configuration parameters. See [Configure authorization modes](/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authorization-modes) for details.
-
Note that before you can add an AWS resource to your application, the application must have the Amplify libraries installed. If you need to perform this step, see [Install Amplify Libraries](/gen1/[platform]/prev/start/project-setup/create-application/#n2-install-amplify-libraries).
From d2e2f11b4600a997c26bf790d07962d7e3be82a7 Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 12:35:09 -0700
Subject: [PATCH 05/18] chore: update references in prev to lib-v1 i
---
src/fragments/lib-v1/graphqlapi/flutter/authz.mdx | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/fragments/lib-v1/graphqlapi/flutter/authz.mdx b/src/fragments/lib-v1/graphqlapi/flutter/authz.mdx
index f7e505dc2ba..4643acd1a8a 100644
--- a/src/fragments/lib-v1/graphqlapi/flutter/authz.mdx
+++ b/src/fragments/lib-v1/graphqlapi/flutter/authz.mdx
@@ -38,7 +38,7 @@ and under the `awsAPIPlugin`
```
-import flutter0 from "/src/fragments/lib/graphqlapi/flutter/authz/10_userpool.mdx";
+import flutter0 from "/src/fragments/lib-v1/graphqlapi/flutter/authz/10_userpool.mdx";
@@ -78,7 +78,7 @@ and under the `awsAPIPlugin`
#### OIDC
-import flutter1 from "/src/fragments/lib/graphqlapi/flutter/authz/20_oidc.mdx";
+import flutter1 from "/src/fragments/lib-v1/graphqlapi/flutter/authz/20_oidc.mdx";
@@ -108,7 +108,7 @@ The `friendly_name` illustrated here is created from Amplify CLI prompt. There a
"authorizationType": "API_KEY",
"apiKey": "[API_KEY]"
},
- "[FRIENDLY-NAME-API-WITH-IAM": {
+ "[FRIENDLY-NAME-API-WITH-IAM"]: {
"endpointType": "GraphQL",
"endpoint": "[GRAPHQL-ENDPOINT]",
"region": "[REGION]",
@@ -134,6 +134,6 @@ The `friendly_name` illustrated here is created from Amplify CLI prompt. There a
The `GRAPHQL-ENDPOINT` from AWS AppSync will look similar to `https://xyz.appsync-api.us-west-2.amazonaws.com/graphql`.
-import flutter2 from "/src/fragments/lib/graphqlapi/flutter/authz/30_multi.mdx";
+import flutter2 from "/src/fragments/lib-v1/graphqlapi/flutter/authz/30_multi.mdx";
From a6a2da404d904c523b2b78fdfd6cd8e43b5abd60 Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 12:45:23 -0700
Subject: [PATCH 06/18] chore: remove unnecessary inline filters and header
changes from advanced workflows v1
---
.../advanced-workflows/common.mdx | 18 +-----------------
1 file changed, 1 insertion(+), 17 deletions(-)
diff --git a/src/fragments/lib-v1/graphqlapi/native_common/advanced-workflows/common.mdx b/src/fragments/lib-v1/graphqlapi/native_common/advanced-workflows/common.mdx
index 34bec1704bf..ebb73108dd8 100644
--- a/src/fragments/lib-v1/graphqlapi/native_common/advanced-workflows/common.mdx
+++ b/src/fragments/lib-v1/graphqlapi/native_common/advanced-workflows/common.mdx
@@ -138,15 +138,9 @@ import flutter5 from '/src/fragments/lib-v1/graphqlapi/flutter/advanced-workflow
-## Combining multiple GraphQL operations in a single request
+## Combining Multiple Operations
-
When you want to perform more than one operation in a single request, you can place them within the same document. For example, to retrieve a Post and a Todo
-
-
-
-GraphQL allows you to run multiple GraphQL operations (queries/mutations) as part of a single network request from the client code. To perform multiple operations in a single request, you can place them within the same GraphQL document. For example, to retrieve a Post and a Todo:
-
import ios6 from '/src/fragments/lib-v1/graphqlapi/ios/advanced-workflows/40_multiple.mdx';
@@ -160,25 +154,15 @@ import flutter7 from '/src/fragments/lib-v1/graphqlapi/flutter/advanced-workflow
-
-
-
-Combining multiple GraphQL requests on the client-side is different than server-side transaction support. To run multiple transactions as a batch operation refer to the [Batch Put Custom Resolver](/gen1/[platform]/build-a-backend/graphqlapi/best-practice/batch-put-custom-resolver/) example.
-
-
-
-
## Adding Headers to Outgoing Requests
By default, the API plugin includes appropriate authorization headers on your outgoing requests. However, you may have an advanced use case where you wish to send additional request headers to AppSync.
-
If your API does not require any authorization or if you would like manipulate the request yourself, please refer to the [Set authorization mode to NONE](/gen1/[platform]/build-a-backend/graphqlapi/customize-authz-modes/#none)
-
import ios8 from '/src/fragments/lib-v1/graphqlapi/ios/advanced-workflows/50_interceptor.mdx';
From 5aef8e566200a5cbed6371a2612d51f9134e9b1c Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 12:49:39 -0700
Subject: [PATCH 07/18] chore: correct macOS format
---
.../analytics/flutter/getting-started/30_initAnalytics.mdx | 2 +-
.../analytics/flutter/getting-started/30_initAnalytics.mdx | 2 +-
src/fragments/lib/flutter.mdx | 2 +-
.../lib/geo/ios/device_tracking/10_tracking_options.mdx | 4 ++--
.../lib/project-setup/flutter/platform-setup/macos.mdx | 2 +-
.../add-aws-services/analytics/set-up-analytics/index.mdx | 2 +-
6 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/fragments/lib-v1/analytics/flutter/getting-started/30_initAnalytics.mdx b/src/fragments/lib-v1/analytics/flutter/getting-started/30_initAnalytics.mdx
index 282b63bbd91..62b1ed03765 100644
--- a/src/fragments/lib-v1/analytics/flutter/getting-started/30_initAnalytics.mdx
+++ b/src/fragments/lib-v1/analytics/flutter/getting-started/30_initAnalytics.mdx
@@ -18,7 +18,7 @@ Future _configureAmplify() async {
-When running your app on MacOS you will need to enable keychain sharing in Xcode, as described in the [Project setup guide](/gen1/[platform]/prev/start/project-setup/platform-setup/#enable-keychain).
+When running your app on macOS you will need to enable keychain sharing in Xcode, as described in the [Project setup guide](/gen1/[platform]/prev/start/project-setup/platform-setup/#enable-keychain).
diff --git a/src/fragments/lib/analytics/flutter/getting-started/30_initAnalytics.mdx b/src/fragments/lib/analytics/flutter/getting-started/30_initAnalytics.mdx
index 42ff7438720..5b4dfc96134 100644
--- a/src/fragments/lib/analytics/flutter/getting-started/30_initAnalytics.mdx
+++ b/src/fragments/lib/analytics/flutter/getting-started/30_initAnalytics.mdx
@@ -18,7 +18,7 @@ Future _configureAmplify() async {
-When running your app on MacOS you will need to enable keychain sharing in Xcode, as described in the [Project setup guide](/gen1/[platform]/start/project-setup/platform-setup/#enable-keychain).
+When running your app on macOS you will need to enable keychain sharing in Xcode, as described in the [Project setup guide](/gen1/[platform]/start/project-setup/platform-setup/#enable-keychain).
diff --git a/src/fragments/lib/flutter.mdx b/src/fragments/lib/flutter.mdx
index 7319007f8b2..0564e19914e 100644
--- a/src/fragments/lib/flutter.mdx
+++ b/src/fragments/lib/flutter.mdx
@@ -2,7 +2,7 @@
Welcome to the Amplify Flutter documentation. To stay up to date with the latest changes and provide feedback, please take a look at our [GitHub repo](https://github.com/aws-amplify/amplify-flutter) or join us on [Discord](https://discord.gg/jWVbPfC).
-The stable release of Amplify Flutter currently supports iOS, Android, Web, Windows, MacOS, and Linux as target platforms. Currently Push Notifications and DataStore are supported for only iOS and Android.
+The stable release of Amplify Flutter currently supports iOS, Android, Web, Windows, macOS, and Linux as target platforms. Currently Push Notifications and DataStore are supported for only iOS and Android.
Get Started
diff --git a/src/fragments/lib/geo/ios/device_tracking/10_tracking_options.mdx b/src/fragments/lib/geo/ios/device_tracking/10_tracking_options.mdx
index 1afdf8b12ce..2e1a0ed6fbd 100644
--- a/src/fragments/lib/geo/ios/device_tracking/10_tracking_options.mdx
+++ b/src/fragments/lib/geo/ios/device_tracking/10_tracking_options.mdx
@@ -6,9 +6,9 @@
**`allowsBackgroundLocationUpdates`** | `false` | If true, location updates will be received from the OS when the app is in the background.
**`pausesLocationUpdatesAutomatically`** | `true` | If true, allow the OS to pause location updates to optimize battery usages.
**`activityType`** | `.automotive-` `Navigation` | If `pausesLocationUpdatesAutomatically` is true, the OS will decide appropriate times to pause location updates to improve battery life based on the `activityType`.
-**`showsBackgroundLocationIndicator`** | `false` | If true and `requestAlwaysAuthorization` is true, the background location indicator is displayed and visible to the users. This option is not supported on MacOS.
+**`showsBackgroundLocationIndicator`** | `false` | If true and `requestAlwaysAuthorization` is true, the background location indicator is displayed and visible to the users. This option is not supported on macOS.
**`disregardLocationUpdatesWhenOffline`** | `false` | If true, the app will not store location updates when the app is offline. This is false by default; Amplify will store location updates locally due to loss of network connectivity and send location updates when app is online.
**`wakeAppForSignificantLocationChanges`** | `false` | If true, the app will be woken up by significant location updates after an app has been force closed. In order to take advantage of this, you'll need to call `Amplify.Geo.startTracking()` in your apps launch lifecycle method. (e.g. `didFinishedLoading`)
**`distanceFilter`** | `0` | If set, the minimum distance in meters at which the OS will update the app with a new location.
**`trackUntil`** | `.distantFuture` | If set, the app will stop tracking when date is reached. By default, tracking will continue until user logOut or `stopTracking()` is called.
-**`batchingOptions`** | `.none` | Custom defined behavior to send location updates in batches based on a specified threshold.
\ No newline at end of file
+**`batchingOptions`** | `.none` | Custom defined behavior to send location updates in batches based on a specified threshold.
diff --git a/src/fragments/lib/project-setup/flutter/platform-setup/macos.mdx b/src/fragments/lib/project-setup/flutter/platform-setup/macos.mdx
index 7656a345740..2e02deac857 100644
--- a/src/fragments/lib/project-setup/flutter/platform-setup/macos.mdx
+++ b/src/fragments/lib/project-setup/flutter/platform-setup/macos.mdx
@@ -14,7 +14,7 @@ Open your project in Xcode and select Runner, Targets -> Runner and then the "Ge
Select Runner, Project -> Runner and then the "Info" tab. Update "macOS Deployment Target" to 10.15 or higher.
-
+
### Enable Network Calls
diff --git a/src/pages/[platform]/build-a-backend/add-aws-services/analytics/set-up-analytics/index.mdx b/src/pages/[platform]/build-a-backend/add-aws-services/analytics/set-up-analytics/index.mdx
index 78130859cd0..a50de0854cf 100644
--- a/src/pages/[platform]/build-a-backend/add-aws-services/analytics/set-up-analytics/index.mdx
+++ b/src/pages/[platform]/build-a-backend/add-aws-services/analytics/set-up-analytics/index.mdx
@@ -297,7 +297,7 @@ Future _configureAmplify() async {
-When running your app on MacOS you will need to enable keychain sharing in Xcode, as described in the [Project setup guide](/gen1/[platform]/start/project-setup/platform-setup/#enable-keychain).
+When running your app on macOS you will need to enable keychain sharing in Xcode, as described in the [Project setup guide](/gen1/[platform]/start/project-setup/platform-setup/#enable-keychain).
From 0d787f855065f2160c72e982cec45589deb9ab38 Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 13:26:19 -0700
Subject: [PATCH 08/18] chore: fix forget device wording
---
.../lib-v1/auth/flutter/device_features/20_forgetDevice.mdx | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/fragments/lib-v1/auth/flutter/device_features/20_forgetDevice.mdx b/src/fragments/lib-v1/auth/flutter/device_features/20_forgetDevice.mdx
index be260d1d20f..253fb2c1ed4 100644
--- a/src/fragments/lib-v1/auth/flutter/device_features/20_forgetDevice.mdx
+++ b/src/fragments/lib-v1/auth/flutter/device_features/20_forgetDevice.mdx
@@ -18,9 +18,9 @@ Future forgetCurrentDevice() async {
```dart
// A device that was fetched via Amplify.Auth.fetchDevices()
-Future forgetSpecificDevice(AuthDevice myDevice) async {
+Future forgetSpecificDevice(AuthDevice registeredDevice) async {
try {
- await Amplify.Auth.forgetDevice(myDevice);
+ await Amplify.Auth.forgetDevice(registeredDevice);
safePrint('Forget device succeeded');
} on AuthException catch (e) {
safePrint('Forget device failed with error: $e');
From 1cbfc1d586e00396bbaccc4da8efb8a1bcd08eb5 Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 13:39:14 -0700
Subject: [PATCH 09/18] chore: remove unnecessary header change in auth flows
---
src/fragments/lib-v1/auth/common/sms/flows.mdx | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/fragments/lib-v1/auth/common/sms/flows.mdx b/src/fragments/lib-v1/auth/common/sms/flows.mdx
index 5d8ec4582c6..7e35bf24ecf 100644
--- a/src/fragments/lib-v1/auth/common/sms/flows.mdx
+++ b/src/fragments/lib-v1/auth/common/sms/flows.mdx
@@ -84,7 +84,7 @@ import all1 from "/src/fragments/lib-v1/auth/common/sms/add_verification.mdx";
-### SMS MFA
+### MFA
import all2 from "/src/fragments/lib-v1/auth/common/sms/add_mfa.mdx";
From c7f8d7f936bc4d95be1a11e5593198c91fe2958f Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 13:48:14 -0700
Subject: [PATCH 10/18] chore: fix html being used instead of markdown. Also
change type inference to statically typed isSignedIn variable
---
.../flutter/signin_web_ui/20_platform_specific_setup.mdx | 8 ++++----
.../auth/flutter/signin_with_custom_flow/30_signin.mdx | 2 +-
.../flutter/signin_web_ui/20_platform_specific_setup.mdx | 8 ++++----
3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/src/fragments/lib-v1/auth/flutter/signin_web_ui/20_platform_specific_setup.mdx b/src/fragments/lib-v1/auth/flutter/signin_web_ui/20_platform_specific_setup.mdx
index 8a9b656f5db..5ad4064fde8 100644
--- a/src/fragments/lib-v1/auth/flutter/signin_web_ui/20_platform_specific_setup.mdx
+++ b/src/fragments/lib-v1/auth/flutter/signin_web_ui/20_platform_specific_setup.mdx
@@ -4,11 +4,11 @@ Sign-in with web UI will display the sign-in UI inside a webview. After the sign
## Platform Setup
-Web
+### Web
To use Hosted UI in your Flutter web application locally, you must run the app with the `--web-port=3000` argument (with the value being whichever port you assigned to localhost host when configuring your redirect URIs).
-Android
+### Android
Add the following `queries` element to the `AndroidManifest.xml` file in your app's `android/app/src/main` directory, as well as the following `intent-filter` to the `MainActivity` in the same file.
@@ -36,12 +36,12 @@ Replace `myapp` with your redirect URI scheme as necessary:
```
-macOS
+### macOS
Open XCode and enable the App Sandbox capability and then select "Incoming Connections (Server)" under "Network".
-iOS, Windows and Linux
+### iOS, Windows and Linux
No specific platform configuration is required.
diff --git a/src/fragments/lib-v1/auth/flutter/signin_with_custom_flow/30_signin.mdx b/src/fragments/lib-v1/auth/flutter/signin_with_custom_flow/30_signin.mdx
index fa336a21b6d..46a9d82aad3 100644
--- a/src/fragments/lib-v1/auth/flutter/signin_with_custom_flow/30_signin.mdx
+++ b/src/fragments/lib-v1/auth/flutter/signin_with_custom_flow/30_signin.mdx
@@ -1,6 +1,6 @@
```dart
// Create state variables for the sign in status
-var isSignedIn = false;
+bool isSignedIn = false;
String? challengeHint;
Future signInCustomFlow(String username) async {
diff --git a/src/fragments/lib/auth/flutter/signin_web_ui/20_platform_specific_setup.mdx b/src/fragments/lib/auth/flutter/signin_web_ui/20_platform_specific_setup.mdx
index 8a9b656f5db..5ad4064fde8 100644
--- a/src/fragments/lib/auth/flutter/signin_web_ui/20_platform_specific_setup.mdx
+++ b/src/fragments/lib/auth/flutter/signin_web_ui/20_platform_specific_setup.mdx
@@ -4,11 +4,11 @@ Sign-in with web UI will display the sign-in UI inside a webview. After the sign
## Platform Setup
-Web
+### Web
To use Hosted UI in your Flutter web application locally, you must run the app with the `--web-port=3000` argument (with the value being whichever port you assigned to localhost host when configuring your redirect URIs).
-Android
+### Android
Add the following `queries` element to the `AndroidManifest.xml` file in your app's `android/app/src/main` directory, as well as the following `intent-filter` to the `MainActivity` in the same file.
@@ -36,12 +36,12 @@ Replace `myapp` with your redirect URI scheme as necessary:
```
-macOS
+### macOS
Open XCode and enable the App Sandbox capability and then select "Incoming Connections (Server)" under "Network".
-iOS, Windows and Linux
+### iOS, Windows and Linux
No specific platform configuration is required.
From 832263a6316cd53f377c439c95079a2f0f506247 Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 14:16:56 -0700
Subject: [PATCH 11/18] chore: remove inline filter for appsync limit callout
---
src/fragments/lib-v1/datastore/native_common/real-time.mdx | 2 --
1 file changed, 2 deletions(-)
diff --git a/src/fragments/lib-v1/datastore/native_common/real-time.mdx b/src/fragments/lib-v1/datastore/native_common/real-time.mdx
index 26112dbea33..6cb54ebba04 100644
--- a/src/fragments/lib-v1/datastore/native_common/real-time.mdx
+++ b/src/fragments/lib-v1/datastore/native_common/real-time.mdx
@@ -2,7 +2,6 @@
You can subscribe to changes on your Models. This reacts dynamically to updates of data to the underlying Storage Engine, which could be the result of GraphQL Subscriptions as well as Queries or Mutations that run against the backing AppSync API if you are synchronizing with the cloud.
-
**NOTE:** AWS AppSync has an [adjustable limit of 100 subscriptions per connection](https://docs.aws.amazon.com/general/latest/gr/appsync.html). DataStore automatically subscribes to create, update, and delete mutations for all models.
@@ -12,7 +11,6 @@ This means that GraphQL APIs with DataStore enabled are limited to 33 models and
However, You can [request a service limit increase](https://console.aws.amazon.com/servicequotas/home/services/appsync/quotas/L-AA33EB36) from AWS AppSync to meet the real-time requirements of your application.
-
import js0 from '/src/fragments/lib-v1/datastore/js/real-time/observe-snippet.mdx';
From 5cfcc81fbe1fe9d7faa73641c6511adc66c96a34 Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 14:25:42 -0700
Subject: [PATCH 12/18] chore: change v1 references from lib to lib-v1
---
src/fragments/lib-v1/graphqlapi/flutter/authz/21_oidc.mdx | 2 +-
src/fragments/lib-v1/graphqlapi/flutter/authz/22_lambda.mdx | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/fragments/lib-v1/graphqlapi/flutter/authz/21_oidc.mdx b/src/fragments/lib-v1/graphqlapi/flutter/authz/21_oidc.mdx
index 03dc4ca4b17..9576869702b 100644
--- a/src/fragments/lib-v1/graphqlapi/flutter/authz/21_oidc.mdx
+++ b/src/fragments/lib-v1/graphqlapi/flutter/authz/21_oidc.mdx
@@ -15,6 +15,6 @@ class CustomOIDCProvider extends OIDCAuthProvider {
}
```
-import warning from "/src/fragments/lib/graphqlapi/flutter/authz/2X_add_plugin.mdx";
+import warning from "/src/fragments/lib-v1/graphqlapi/flutter/authz/2X_add_plugin.mdx";
diff --git a/src/fragments/lib-v1/graphqlapi/flutter/authz/22_lambda.mdx b/src/fragments/lib-v1/graphqlapi/flutter/authz/22_lambda.mdx
index cedc5024efe..6e5f0094abd 100644
--- a/src/fragments/lib-v1/graphqlapi/flutter/authz/22_lambda.mdx
+++ b/src/fragments/lib-v1/graphqlapi/flutter/authz/22_lambda.mdx
@@ -9,6 +9,6 @@ class CustomFunctionProvider extends FunctionAuthProvider {
}
```
-import warning from "/src/fragments/lib/graphqlapi/flutter/authz/2X_add_plugin.mdx";
+import warning from "/src/fragments/lib-v1/graphqlapi/flutter/authz/2X_add_plugin.mdx";
From f63b43d2242df913d8844b74fe098858ac95b1dc Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 14:28:11 -0700
Subject: [PATCH 13/18] chore: remove unnecessary inline filter
---
.../lib-v1/graphqlapi/native_common/getting-started/common.mdx | 2 --
1 file changed, 2 deletions(-)
diff --git a/src/fragments/lib-v1/graphqlapi/native_common/getting-started/common.mdx b/src/fragments/lib-v1/graphqlapi/native_common/getting-started/common.mdx
index 5ced147f81d..5af5112b801 100644
--- a/src/fragments/lib-v1/graphqlapi/native_common/getting-started/common.mdx
+++ b/src/fragments/lib-v1/graphqlapi/native_common/getting-started/common.mdx
@@ -141,8 +141,6 @@ Congratulations! You've created a `Todo` object in your database. Check out the
- [Update data](/gen1/[platform]/prev/build-a-backend/graphqlapi/mutate-data/)
- [Subscribe to data](/gen1/[platform]/prev/build-a-backend/graphqlapi/subscribe-data/)
- [Concepts](/gen1/[platform]/prev/build-a-backend/graphqlapi/api-graphql-concepts/)
-
- [Configure authorization modes](/gen1/[platform]/prev/build-a-backend/graphqlapi/customize-authz-modes)
-
{/* TODO: * [Authorizing API calls with Cognito User Pool] */}
From 1302b9fe6e710a2f4478b77a88634be7264b872f Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 14:29:39 -0700
Subject: [PATCH 14/18] chore: print to safePrint
---
src/fragments/lib-v1/restapi/flutter/delete.mdx | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/fragments/lib-v1/restapi/flutter/delete.mdx b/src/fragments/lib-v1/restapi/flutter/delete.mdx
index cb77bc8e9c1..98061be5ff8 100644
--- a/src/fragments/lib-v1/restapi/flutter/delete.mdx
+++ b/src/fragments/lib-v1/restapi/flutter/delete.mdx
@@ -5,9 +5,9 @@ Future deleteTodo() async {
try {
final restOperation = Amplify.API.delete('todo/1');
final response = await restOperation.response;
- print('DELETE call succeeded: ${response.decodeBody()}');
+ safePrint('DELETE call succeeded: ${response.decodeBody()}');
} on ApiException catch (e) {
- print('DELETE call failed: $e');
+ safePrint('DELETE call failed: $e');
}
}
```
From 294a6037fff86f6bd0ee102f96bff7f4da1a953b Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 14:37:03 -0700
Subject: [PATCH 15/18] chore: change order of platforms back to original
---
.../prev/build-a-backend/auth/existing-resources/index.mdx | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/pages/gen1/[platform]/prev/build-a-backend/auth/existing-resources/index.mdx b/src/pages/gen1/[platform]/prev/build-a-backend/auth/existing-resources/index.mdx
index 73af5f8f12a..b7bf6aa37e0 100644
--- a/src/pages/gen1/[platform]/prev/build-a-backend/auth/existing-resources/index.mdx
+++ b/src/pages/gen1/[platform]/prev/build-a-backend/auth/existing-resources/index.mdx
@@ -4,7 +4,7 @@ export const meta = {
title: 'Use existing Amazon Cognito resources',
description:
'Configure the Amplify Libraries to use existing Amazon Cognito resources by referencing them in your configuration.',
- platforms: ['swift', 'android', 'flutter']
+ platforms: ['flutter', 'swift', 'android']
};
export const getStaticPaths = async () => {
From 84e44aa2fa47c212565e2d2f00258b4c858af5ff Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Tue, 14 May 2024 14:46:39 -0700
Subject: [PATCH 16/18] chore: fix flutter v1 MFA docs
---
.../lib-v1/auth/common/mfa/flows.mdx | 732 +++++++++---------
.../build-a-backend/auth/manage-mfa/index.mdx | 4 +-
2 files changed, 368 insertions(+), 368 deletions(-)
diff --git a/src/fragments/lib-v1/auth/common/mfa/flows.mdx b/src/fragments/lib-v1/auth/common/mfa/flows.mdx
index 3ef933a4821..441a69f1f88 100644
--- a/src/fragments/lib-v1/auth/common/mfa/flows.mdx
+++ b/src/fragments/lib-v1/auth/common/mfa/flows.mdx
@@ -56,142 +56,92 @@ import all5 from '/src/fragments/lib/auth/common/mfa/update_mfa.mdx';
You will need to pass `phone_number` as a user attribute to enable SMS MFA for your users during sign up. However, if the primary login mechanism for your Cognito resource is `phone_number` (without enabling `username`), then you do not need to pass it as an attribute.
-
+import android6 from '/src/fragments/lib/auth/android/sms/sign_up.mdx';
-
-
+
-```ts
-import { signUp } from 'aws-amplify/auth';
+import flutter6 from '/src/fragments/lib/auth/flutter/sms/sign_up.mdx';
-async function handleSignUp(
- username: string,
- password: string,
- phone_number: string,
- email: string
-) {
- try {
- await signUp({
- username,
- password,
- options: {
- userAttributes: {
- phone_number,
- email
- }
- }
- });
- } catch (error) {
- console.log(error);
- }
-}
-```
+
-
+import iosSignUp from '/src/fragments/lib/auth/ios/sms/sign_up.mdx';
-
+
-```javascript
-import { signUp } from 'aws-amplify/auth';
+By default, you have to verify a user account after they sign up using the `confirmSignUp` API, which will send a one-time password to the user's phone number or email, depending on your Amazon Cognito configuration.
-async function handleSignUp(username, password, phone_number, email) {
- try {
- await signUp({
- username,
- password,
- options: {
- userAttributes: {
- phone_number,
- email
- }
- }
- });
- } catch (error) {
- console.log(error);
- }
-}
-```
+import flutter7 from '/src/fragments/lib/auth/flutter/sms/confirm_sign_up.mdx';
-
-
+
-
+import android7 from '/src/fragments/lib/auth/android/sms/confirm_sign_up.mdx';
-By default, you have to verify a user account after they sign up using the `confirmSignUp` API, which will send a one-time password to the user's phone number or email, depending on your Amazon Cognito configuration.
+
-
+import iosConfirmSignUp from '/src/fragments/lib/auth/ios/sms/confirm_sign_up.mdx';
-
-
+
-```ts
-import { confirmSignUp } from 'aws-amplify/auth';
+### Handling SMS MFA challenge during Sign In
-async function handleSignUpConfirmation(
- username: string,
- confirmationCode: string
-) {
- try {
- await confirmSignUp({ username, confirmationCode });
- } catch (error) {
- console.log(error);
- }
-}
-```
+After a user signs in, if they have MFA enabled for their account, a challenge will be returned that you would need to call the `confirmSignIn` API where the user provides their confirmation code sent to their phone number.
-
-
+import flutter8 from '/src/fragments/lib/auth/flutter/sms/sign_in.mdx';
-```js
-import { confirmSignUp } from 'aws-amplify/auth';
+
-async function handleSignUpConfirmation(username, confirmationCode) {
- try {
- await confirmSignUp({ username, confirmationCode });
- } catch (error) {
- console.log(error);
- }
-}
-```
+import iosSignInTOTP from '/src/fragments/lib/auth/ios/sms/sign_in.mdx';
-
-
+
-
+import android8 from '/src/fragments/lib/auth/android/sms/sign_in.mdx';
-### Handling SMS MFA challenge during Sign In
+
-After a user signs in, if they have MFA enabled for their account, a challenge will be returned that you would need to call the `confirmSignIn` API where the user provides their confirmation code sent to their phone number.
+If MFA is **ON** or enabled for the user, you must call `confirmSignIn` with the OTP sent to their phone.
-
+import flutter9 from '/src/fragments/lib/auth/flutter/sms/confirm_sign_in.mdx';
-
-
+
-```typescript
-import { signIn } from 'aws-amplify/auth';
+import iosConfirmSignInTOTP from '/src/fragments/lib/auth/ios/sms/confirm_sign_in.mdx';
-async function handleSignIn(username: string, password: string) {
- try {
- await signIn({ username, password });
- } catch (error) {
- console.log(error);
- }
-}
-```
+
-
-
+import android9 from '/src/fragments/lib/auth/android/sms/confirm_sign_in.mdx';
-```js
-import { signIn } from 'aws-amplify/auth';
+
-async function handleSignIn(username, password) {
- try {
- await signIn({ username, password });
- } catch (error) {
- console.log(error);
- }
+After a user has been signed in, call `updateMFAPreference` to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
+
+
+
+
+
+```java
+if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") instanceof AWSCognitoAuthPlugin) {
+ AWSCognitoAuthPlugin plugin = (AWSCognitoAuthPlugin) Amplify.Auth.getPlugin("awsCognitoAuthPlugin");
+ plugin.updateMFAPreference(
+ MFAPreference.ENABLED,
+ null,
+ () -> Log.i("AuthQuickstart", "MFA preference updated successfully"),
+ e -> Log.e("AuthQuickstart", "Failed to update MFA preference.", e)
+ );
+ }
+```
+
+
+
+
+```kotlin
+if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) {
+ val plugin = Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+ plugin.updateMFAPreference(
+ MFAPreference.ENABLED,
+ null,
+ { Log.i( "AuthQuickstart", "MFA preference updated successfully") },
+ { e: AuthException? -> Log.e( "AuthQuickstart", "Failed to update MFA preference", e) }
+ )
}
```
@@ -200,59 +150,64 @@ async function handleSignIn(username, password) {
-If MFA is **ON** or enabled for the user, you must call `confirmSignIn` with the OTP sent to their phone.
-
-
+
-
-```ts
-import { confirmSignIn } from 'aws-amplify/auth';
+
-async function handleSignInConfirmation(otpCode: string) {
- try {
- await confirmSignIn({ challengeResponse: otpCode });
- } catch (error) {
- console.log(error);
- }
+```swift
+func updateMFAPreferences() async throws {
+ let authCognitoPlugin = try Amplify.Auth.getPlugin(
+ for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+
+ let smsMfaPreference: MFAPreference = .enabled // or .preferred
+
+ try await authCognitoPlugin?.updateMFAPreference(
+ sms: smsMfaPreference)
}
```
-
+
-```js
-import { confirmSignIn } from 'aws-amplify/auth';
+```swift
+func updateMFAPreferences() -> AnyCancellable {
+ Amplify.Publisher.create {
+ let authCognitoPlugin = try Amplify.Auth.getPlugin(
+ for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
-async function handleSignInConfirmation(otpCode) {
- try {
- await confirmSignIn({ challengeResponse: otpCode });
- } catch (error) {
- console.log(error);
- }
+ let smsMfaPreference: MFAPreference = .enabled // or .preferred
+
+ try await authCognitoPlugin?.updateMFAPreference(
+ sms: smsMfaPreference)
+ }.sink {
+ if case let .failure(authError) = $0 {
+ print("Confirm sign in failed \(authError)")
+ }
+ }
+ receiveValue: {
+ print("Update MFA preference succeeded")
+ }
}
```
+
-After a user has been signed in, call `updateMFAPreference` to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
-
-
+
-```ts
-import { updateMFAPreference } from 'aws-amplify/auth';
+```dart
+Future updateMfaPreferences() async {
+ final cognitoPlugin = Amplify.Auth.getPlugin(AmplifyAuthCognito.pluginKey);
-async function handleUpdateMFAPreference() {
- try {
- await updateMFAPreference({ sms: 'PREFERRED' });
- } catch (error) {
- console.log(error);
- }
+ await cognitoPlugin.updateMfaPreference(
+ sms: MfaPreference.enabled, // or .preferred
+ );
}
```
@@ -264,156 +219,173 @@ You can use Time-based One-Time Password (TOTP) for multi-factor authentication
### Setting up TOTP for a user
-After you initiate a user sign in with the `signIn` API where a user is required to set up TOTP as an MFA method, the API call will return `CONTINUE_SIGN_IN_WITH_TOTP_SETUP` as a challenge and next step to handle in your app. You will get that challenge if the following conditions are met:
+After you initiate a user sign in with the `signIn` API where a user is required to set up TOTP as an MFA method, the API call will return `continueSignInWithTOTPSetup` as a challenge and next step to handle in your app. You will get that challenge if the following conditions are met:
-- MFA is marked as **Required** in your user pool.
-- TOTP is enabled in your user pool.
+- MFA is marked as **Required** in Cognito User Pool.
+- TOTP is enabled in the Cognito User Pool
- User does not have TOTP MFA set up already.
-The `CONTINUE_SIGN_IN_WITH_TOTP_SETUP` step signifies that the user must set up TOTP before they can sign in. The step returns an associated value of type `TOTPSetupDetails` which must be used to configure an authenticator app like Microsoft Authenticator or Google Authenticator. `TOTPSetupDetails` provides a helper method called `getSetupURI` which generates a URI that can be used, for example, in a button to open the user's installed authenticator app. For more advanced use cases, `TOTPSetupDetails` also contains a `sharedSecret` which can be used to either generate a QR code or be manually entered into an authenticator app.
+The `continueSignInWithTOTPSetup` step signifies that the user must set up TOTP before they can sign in. The step returns an associated value of type `TOTPSetupDetails` which must be used to configure an authenticator app like Microsoft Authenticator or Google Authenticator. `TOTPSetupDetails` provides a helper method called `getSetupURI` which generates a URI that can be used, for example, in a button to open the user's installed authenticator app. For more advanced use cases, `TOTPSetupDetails` also contains a `sharedSecret` which can be used to either generate a QR code or be manually entered into an authenticator app.
Once the authenticator app is set up, the user can generate a TOTP code and provide it to the library to complete the sign in process.
-
+import iosSignIn from '/src/fragments/lib/auth/ios/totp/sign_in.mdx';
-
-
+
-```ts
-import { signIn, SignInOutput } from 'aws-amplify/auth';
+import androidSignIn from '/src/fragments/lib/auth/android/totp/sign_in.mdx';
-async function handleSignIn(username: string, password: string) {
+
+
+
+
+```dart
+Future signInUser(String username, String password) async {
try {
- const output = await signIn({
- username,
- password
- });
-
- handleSignInNextSteps(output);
- } catch (error) {
- console.log(error);
+ final result = await Amplify.Auth.signIn(
+ username: username,
+ password: password,
+ );
+ return _handleSignInResult(result);
+ } on AuthException catch (e) {
+ safePrint('Error signing in: ${e.message}');
}
}
-function handleSignInNextSteps(output: SignInOutput) {
- const { nextStep } = output;
- switch (nextStep.signInStep) {
- // ...
- case 'CONTINUE_SIGN_IN_WITH_TOTP_SETUP':
- const totpSetupDetails = nextStep.totpSetupDetails;
- const appName = 'my_app_name';
- const setupUri = totpSetupDetails.getSetupUri(appName);
- // Open setupUri with an authenticator APP to retrieve an OTP code
- break;
- // ...
+Future _handleSignInResult(SignInResult result) async {
+ switch (result.nextStep.signInStep) {
+ // ···
+ case AuthSignInStep.continueSignInWithTotpSetup:
+ final totpSetupDetails = result.nextStep.totpSetupDetails!;
+ final setupUri = totpSetupDetails.getSetupUri(appName: 'MyApp');
+ safePrint('Open URI to complete setup: $setupUri');
+ // ···
}
}
```
-
+
-
+The TOTP code can be obtained from the user via a text field or any other means. Once the user provides the TOTP code, call `confirmSignIn` with the TOTP code as the `challengeResponse` parameter.
-```js
-import { signIn } from 'aws-amplify/auth';
+import iosConfirmSignIn from '/src/fragments/lib/auth/ios/totp/confirm_sign_in.mdx';
-async function handleSignIn(username, password) {
- try {
- const output = await signIn({
- username,
- password
- });
-
- handleSignInNextSteps(output);
- } catch (error) {
- console.log(error);
- }
-}
+
-function handleSignInNextSteps(output) {
- const { nextStep } = output;
- switch (nextStep.signInStep) {
- // ...
- case 'CONTINUE_SIGN_IN_WITH_TOTP_SETUP':
- const totpSetupDetails = nextStep.totpSetupDetails;
- const appName = 'my_app_name';
- const setupUri = totpSetupDetails.getSetupUri(appName);
- // Open setupUri with an authenticator APP to retrieve an OTP code
- break;
- // ...
+import androidConfirmSignIn from '/src/fragments/lib/auth/android/totp/confirm_sign_in.mdx';
+
+
+
+
+
+```dart
+Future confirmTotpUser(String totpCode) async {
+ try {
+ final result = await Amplify.Auth.confirmSignIn(
+ confirmationValue: totpCode,
+ );
+ return _handleSignInResult(result);
+ } on AuthException catch (e) {
+ safePrint('Error confirming TOTP code: ${e.message}');
}
}
```
-
-
-
-The TOTP code can be obtained from the user via a text field or any other means. Once the user provides the TOTP code, call `confirmSignIn` with the TOTP code as the `challengeResponse` parameter.
+
-
+After a user has been signed in, call `updateMFAPreference` to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
+
-
-
-```ts
-import { confirmSignIn } from 'aws-amplify/auth';
+
+
+```java
+if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") instanceof AWSCognitoAuthPlugin) {
+ AWSCognitoAuthPlugin plugin = (AWSCognitoAuthPlugin) Amplify.Auth.getPlugin("awsCognitoAuthPlugin");
+ plugin.updateMFAPreference(
+ null,
+ MFAPreference.ENABLED,
+ () -> Log.i("AuthQuickstart", "MFA preference updated successfully"),
+ e -> Log.e("AuthQuickstart", "Failed to update MFA preference.", e)
+ );
+ }
+```
-async function handleSignInConfirmation(totpCode: string) {
- try {
- await confirmSignIn({ challengeResponse: totpCode });
- } catch (error) {
- console.log(error);
- }
+
+
+
+```kotlin
+if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) {
+ val plugin = Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+ plugin.updateMFAPreference(
+ null,
+ MFAPreference.ENABLED,
+ { Log.i("AuthQuickstart", "MFA preference updated successfully") },
+ { e: AuthException? -> Log.e("AuthQuickstart", "Failed to update MFA preference", e) }
+ )
}
```
+
-
+
-```js
-import { confirmSignIn } from 'aws-amplify/auth';
+
-async function handleSignInConfirmation(totpCode) {
- try {
- await confirmSignIn({ challengeResponse: totpCode });
- } catch (error) {
- console.log(error);
- }
+
+
+```swift
+func updateMFAPreferences() async throws {
+ let authCognitoPlugin = try Amplify.Auth.getPlugin(
+ for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+
+ let totpMfaPreference: MFAPreference = .enabled // or .preferred
+
+ try await authCognitoPlugin?.updateMFAPreference(
+ totp: totpMfaPreference)
}
```
-
-
-
-After a user has been signed in, call `updateMFAPreference` to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
+
-
+```swift
+func updateMFAPreferences() -> AnyCancellable {
+ Amplify.Publisher.create {
+ let authCognitoPlugin = try Amplify.Auth.getPlugin(
+ for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
-```ts
-import { updateMFAPreference } from 'aws-amplify/auth';
+ let totpMfaPreference: MFAPreference = .enabled // or .preferred
-async function handleUpdateMFAPreference() {
- try {
- await updateMFAPreference({ totp: 'PREFERRED' });
- } catch (error) {
- console.log(error);
- }
+ try await authCognitoPlugin?.updateMFAPreference(
+ totp: totpMfaPreference)
+ }.sink {
+ if case let .failure(authError) = $0 {
+ print("Confirm sign in failed \(authError)")
+ }
+ }
+ receiveValue: {
+ print("Update MFA preference succeeded")
+ }
}
```
+
+
+
+
### Enabling TOTP after a user is signed in
TOTP MFA can be set up after a user has signed in. This can be done when the following conditions are met:
-- MFA is marked as **Optional** or **Required** in your user pool.
-- TOTP is marked as an enabled MFA method in your user pool.
+- MFA is marked as **Optional** or **Required** in the Cognito User Pool
+- TOTP is marked as an enabled MFA method in Cognito user pool
TOTP can be set up by calling the `setUpTOTP` and `verifyTOTPSetup` APIs in the `Auth` category.
@@ -421,19 +393,24 @@ Invoke the `setUpTOTP` API to generate a `TOTPSetupDetails` object which should
that contains the `sharedSecret` which will be used to either to generate a QR code or can be manually entered into an Authenticator app.
-
+import iosSetUpTOTP from '/src/fragments/lib/auth/ios/totp/set_up_totp.mdx';
+
+
+
+import androidSetUpTOTP from '/src/fragments/lib/auth/android/totp/set_up_totp.mdx';
+
+
-```typescript
-import { setUpTOTP } from 'aws-amplify/auth';
+
-async function handleTOTPSetup() {
+```dart
+Future setUpTotp() async {
try {
- const totpSetupDetails = await setUpTOTP();
- const appName = 'my_app_name';
- const setupUri = totpSetupDetails.getSetupUri(appName);
- // Open setupUri with an authenticator APP to retrieve an OTP code
- } catch (error) {
- console.log(error);
+ final totpSetupDetails = await Amplify.Auth.setUpTotp();
+ final setupUri = totpSetupDetails.getSetupUri(appName: 'MyApp');
+ safePrint('Open URI to complete setup: $setupUri');
+ } on AuthException catch (e) {
+ safePrint('An error occurred setting up TOTP: $e');
}
}
```
@@ -442,36 +419,56 @@ async function handleTOTPSetup() {
Once the Authenticator app is set up, the user must generate a TOTP code and provide it to the library. Pass the code to `verifyTOTPSetup` to complete the TOTP setup process.
-
+import iosVerifyTOTPSetup from '/src/fragments/lib/auth/ios/totp/verify_totp_setup.mdx';
-
-
+
+
+import androidVerifyTOTPSetup from '/src/fragments/lib/auth/android/totp/verify_totp_setup.mdx';
+
+
-```ts
-import { verifyTOTPSetup } from 'aws-amplify/auth';
+
-async function handleTOTPVerification(totpCode: string) {
+```dart
+Future verifyTotpSetup(String totpCode) async {
try {
- await verifyTOTPSetup({ code: totpCode });
- } catch (error) {
- console.log(error);
+ await Amplify.Auth.verifyTotpSetup(totpCode);
+ } on AuthException catch (e) {
+ safePrint('An error occurred verifying TOTP: $e');
}
}
```
-
-
-
+
-```js
-import { verifyTOTPSetup } from 'aws-amplify/auth';
+
+
+
+
+```java
+if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") instanceof AWSCognitoAuthPlugin) {
+ AWSCognitoAuthPlugin plugin = (AWSCognitoAuthPlugin) Amplify.Auth.getPlugin("awsCognitoAuthPlugin");
+ plugin.updateMFAPreference(
+ null,
+ MFAPreference.ENABLED,
+ () -> Log.i("AuthQuickstart", "MFA preference updated successfully"),
+ e -> Log.e("AuthQuickstart", "Failed to update MFA preference.", e)
+ );
+ }
+```
-async function handleTOTPVerification(totpCode) {
- try {
- await verifyTOTPSetup({ code: totpCode });
- } catch (error) {
- console.log(error);
- }
+
+
+
+```kotlin
+if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) {
+ val plugin = Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+ plugin.updateMFAPreference(
+ null,
+ MFAPreference.ENABLED,
+ { Log.i("AuthQuickstart", "MFA preference updated successfully" ) },
+ { e: AuthException? -> Log.e("AuthQuickstart", "Failed to update MFA preference", e) }
+ )
}
```
@@ -480,33 +477,66 @@ async function handleTOTPVerification(totpCode) {
+
+
After TOTP setup is complete, call `updateMFAPreference` to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
-
+
-```ts
-import { updateMFAPreference } from 'aws-amplify/auth';
+
-async function handleUpdateMFAPreference() {
- try {
- await updateMFAPreference({ sms: 'ENABLED', totp: 'PREFERRED' });
- } catch (error) {
- console.log(error);
- }
+```swift
+func updateMFAPreferences() async throws {
+ let authCognitoPlugin = try Amplify.Auth.getPlugin(
+ for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+
+ let totpMfaPreference: MFAPreference = .enabled // or .preferred
+
+ try await authCognitoPlugin?.updateMFAPreference(
+ totp: totpMfaPreference)
}
```
+
+
+
+
+```swift
+func updateMFAPreferences() -> AnyCancellable {
+ Amplify.Publisher.create {
+ let authCognitoPlugin = try Amplify.Auth.getPlugin(
+ for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+
+ let totpMfaPreference: MFAPreference = .enabled // or .preferred
+
+ try await authCognitoPlugin?.updateMFAPreference(
+ totp: totpMfaPreference)
+ }.sink {
+ if case let .failure(authError) = $0 {
+ print("Confirm sign in failed \(authError)")
+ }
+ }
+ receiveValue: {
+ print("Update MFA preference succeeded")
+ }
+}
+```
+
+
+
+
+
### Recovering from a lost TOTP device
-If a user loses access to their TOTP device, they would need to contact an administrator to help get access to their account. Based on the Cognito user pool configuration, the administrator can use the [AdminSetUserMFAPreference](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html) to either change the MFA preference to a different MFA method or to disable MFA for the user.
+If a user loses access to their TOTP device, they would need to contact an administrator to help get access to their account. Based on the Cognito User Pool configuration, the administrator can use the [AdminSetUserMFAPreference](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html) to either change the MFA preference to a different MFA method or to disable MFA for the user.
-In a scenario where MFA is marked as **Required** in your user pool and another MFA method is not set up, the administrator would need to first initiate an [AdminUpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html) call and update the user’s phone number attribute. Once this is complete, the administrator can continue changing the MFA preference to SMS as suggested above.
+In a scenario where MFA is marked as **Required** in Cognito User Pool and another MFA method is not set up, the administrator would need to first initiate an [AdminUpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html) call and update the user’s phone number attribute. Once this is complete, the administrator can continue changing the MFA preference to SMS as suggested above.
## Setting a user's preferred MFA option
@@ -514,19 +544,23 @@ In a scenario where MFA is marked as **Required** in your user pool and another
Invoke the following API to get the current MFA preference and enabled MFA types, if any, for the current user.
-
+import iosFetchMFAPreference from '/src/fragments/lib/auth/ios/mfa_preference/10_fetch_mfa_preference.mdx';
-```ts
-import { fetchMFAPreference } from 'aws-amplify/auth';
+
-async function handleFetchMFAPreference() {
- try {
- const output = await fetchMFAPreference();
- console.log(`Enabled MFA types for the user: ${output.enabled}`);
- console.log(`Preferred MFA type for the user: ${output.preferred}`);
- } catch (error) {
- console.log(error);
- }
+import androidFetchMFAPreference from '/src/fragments/lib/auth/android/mfa_preference/10_fetch_mfa_preference.mdx';
+
+
+
+
+
+```dart
+Future getCurrentMfaPreference() async {
+ final cognitoPlugin = Amplify.Auth.getPlugin(AmplifyAuthCognito.pluginKey);
+
+ final currentPreference = await cognitoPlugin.fetchMfaPreference();
+ safePrint('Enabled MFA types for user: ${currentPreference.enabled}');
+ safePrint('Preferred MFA type for user: ${currentPreference.preferred}');
}
```
@@ -542,106 +576,72 @@ Only one MFA method can be marked as preferred at a time. If the user has multip
-
+import iosUpdateMFAPreferences from '/src/fragments/lib/auth/ios/mfa_preference/20_update_mfa_preference.mdx';
-```ts
-import { updateMFAPreference } from 'aws-amplify/auth';
+
-async function handleUpdateMFAPreference() {
- try {
- await updateMFAPreference({ sms: 'ENABLED', totp: 'PREFERRED' });
- } catch (error) {
- console.log(error);
- }
+import androidUpdateMFAPreferences from '/src/fragments/lib/auth/android/mfa_preference/20_update_mfa_preference.mdx';
+
+
+
+
+
+```dart
+Future updateMfaPreferences() async {
+ final cognitoPlugin = Amplify.Auth.getPlugin(AmplifyAuthCognito.pluginKey);
+
+ await cognitoPlugin.updateMfaPreference(
+ sms: MfaPreference.enabled,
+ totp: MfaPreference.preferred,
+ );
}
```
-If multiple MFA methods are enabled for the user, the `signIn` API will return `CONTINUE_SIGN_IN_WITH_MFA_SELECTION` as the next step in the auth flow. During this scenario, the user should be prompted to select the MFA method they want to use to sign in and their preference should be passed to `confirmSignIn`.
+If multiple MFA methods are enabled for the user, the `signIn` API will return `continueSignInWithMFASelection` as the next step in the auth flow. During this scenario, the user should be prompted to select the MFA method they want to use to sign in and their preference should be passed to `confirmSignIn`.
-
+import iosContinueSignInWithMFASelection from '/src/fragments/lib/auth/ios/signin_next_steps/91_continue_mfa_selection_code.mdx';
-
-
-
-```ts
-import { confirmSignIn, SignInOutput } from 'aws-amplify/auth';
-
-function handleSignInNextSteps(output: SignInOutput) {
- const { nextStep } = output;
- switch (nextStep.signInStep) {
- // ...
- case 'CONTINUE_SIGN_IN_WITH_MFA_SELECTION':
- const allowedMFATypes = nextStep.allowedMFATypes;
- const mfaType = promptUserForMFAType(allowedMFATypes);
- case 'CONFIRM_SIGN_IN_WITH_SMS_CODE':
- // display user to enter otp code;
- break;
- case 'CONFIRM_SIGN_IN_WITH_TOTP_CODE':
- // display user to enter otp code;
- break;
- // ...
- }
-}
+
-function promptUserForMFAType(
- allowedMFATypes?: ('SMS' | 'TOTP')[]
-): 'SMS' | 'TOTP' {
- // Prompt user to select MFA type
-}
+import androidContinueSignInWithMFASelection from '/src/fragments/lib/auth/android/signin_next_steps/91_confirm_totp_mfa.mdx';
-async function handleMFASelection(mfaType: 'SMS' | 'TOTP') {
- try {
- const output = await confirmSignIn({
- challengeResponse: mfaType
- });
- handleSignInNextSteps(output);
- } catch (error) {
- console.log(error);
- }
-}
-```
+
-
+
-
-
-```js
-function handleSignInNextSteps(output) {
- const { nextStep } = output;
- switch (nextStep.signInStep) {
- // ...
- case 'CONTINUE_SIGN_IN_WITH_MFA_SELECTION':
- const allowedMFATypes = nextStep.allowedMFATypes;
- const mfaType = promptUserForMFAType(allowedMFATypes);
- case 'CONFIRM_SIGN_IN_WITH_SMS_CODE':
- // display user to enter otp code;
- break;
- case 'CONFIRM_SIGN_IN_WITH_TOTP_CODE':
- // display user to enter otp code;
- break;
- // ...
+The MFA types which are currently supported by Amplify Auth are:
+
+- `MfaType.sms`
+- `MfaType.totp`
+
+```dart
+Future _handleSignInResult(SignInResult result) async {
+ switch (result.nextStep.signInStep) {
+ // ···
+ case AuthSignInStep.continueSignInWithMfaSelection:
+ final allowedMfaTypes = result.nextStep.allowedMfaTypes!;
+ final selection = await _promptUserPreference(allowedMfaTypes);
+ return _handleMfaSelection(selection);
+ // ···
}
}
-function promptUserForMFAType(allowedMFATypes) {
- // Prompt user to select MFA type
+Future _promptUserPreference(Set allowedTypes) async {
+ // ···
}
-async function handleMFASelection(mfaType) {
+Future _handleMfaSelection(MfaType selection) async {
try {
- const output = await confirmSignIn({
- challengeResponse: mfaType
- });
- handleSignInNextSteps(output);
- } catch (error) {
- console.log(error);
+ final result = await Amplify.Auth.confirmSignIn(
+ confirmationValue: selection.confirmationValue,
+ );
+ return _handleSignInResult(result);
+ } on AuthException catch (e) {
+ safePrint('Error resending code: ${e.message}');
}
}
```
-
-
-
diff --git a/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx b/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx
index b855e9df6cf..aa180892631 100644
--- a/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx
+++ b/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx
@@ -829,6 +829,6 @@ Now that you completed setting up multi-factor authentication you may also want
-import flows from '/src/fragments/lib/auth/common/mfa/flows.mdx';
+import flows from '/src/fragments/lib-v1/auth/common/mfa/flows.mdx';
-
+
From efa68daaa3c424d8dc58a1a06efb012d05d01158 Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Wed, 15 May 2024 10:35:41 -0700
Subject: [PATCH 17/18] Revert "chore: fix flutter v1 MFA docs"
This reverts commit 84e44aa2fa47c212565e2d2f00258b4c858af5ff.
---
.../lib-v1/auth/common/mfa/flows.mdx | 732 +++++++++---------
.../build-a-backend/auth/manage-mfa/index.mdx | 4 +-
2 files changed, 368 insertions(+), 368 deletions(-)
diff --git a/src/fragments/lib-v1/auth/common/mfa/flows.mdx b/src/fragments/lib-v1/auth/common/mfa/flows.mdx
index 441a69f1f88..3ef933a4821 100644
--- a/src/fragments/lib-v1/auth/common/mfa/flows.mdx
+++ b/src/fragments/lib-v1/auth/common/mfa/flows.mdx
@@ -56,92 +56,142 @@ import all5 from '/src/fragments/lib/auth/common/mfa/update_mfa.mdx';
You will need to pass `phone_number` as a user attribute to enable SMS MFA for your users during sign up. However, if the primary login mechanism for your Cognito resource is `phone_number` (without enabling `username`), then you do not need to pass it as an attribute.
-import android6 from '/src/fragments/lib/auth/android/sms/sign_up.mdx';
+
-
-
-import flutter6 from '/src/fragments/lib/auth/flutter/sms/sign_up.mdx';
-
-
-
-import iosSignUp from '/src/fragments/lib/auth/ios/sms/sign_up.mdx';
-
-
+
+
-By default, you have to verify a user account after they sign up using the `confirmSignUp` API, which will send a one-time password to the user's phone number or email, depending on your Amazon Cognito configuration.
+```ts
+import { signUp } from 'aws-amplify/auth';
-import flutter7 from '/src/fragments/lib/auth/flutter/sms/confirm_sign_up.mdx';
+async function handleSignUp(
+ username: string,
+ password: string,
+ phone_number: string,
+ email: string
+) {
+ try {
+ await signUp({
+ username,
+ password,
+ options: {
+ userAttributes: {
+ phone_number,
+ email
+ }
+ }
+ });
+ } catch (error) {
+ console.log(error);
+ }
+}
+```
-
+
-import android7 from '/src/fragments/lib/auth/android/sms/confirm_sign_up.mdx';
+
-
+```javascript
+import { signUp } from 'aws-amplify/auth';
-import iosConfirmSignUp from '/src/fragments/lib/auth/ios/sms/confirm_sign_up.mdx';
+async function handleSignUp(username, password, phone_number, email) {
+ try {
+ await signUp({
+ username,
+ password,
+ options: {
+ userAttributes: {
+ phone_number,
+ email
+ }
+ }
+ });
+ } catch (error) {
+ console.log(error);
+ }
+}
+```
-
+
+
-### Handling SMS MFA challenge during Sign In
+
-After a user signs in, if they have MFA enabled for their account, a challenge will be returned that you would need to call the `confirmSignIn` API where the user provides their confirmation code sent to their phone number.
+By default, you have to verify a user account after they sign up using the `confirmSignUp` API, which will send a one-time password to the user's phone number or email, depending on your Amazon Cognito configuration.
-import flutter8 from '/src/fragments/lib/auth/flutter/sms/sign_in.mdx';
+
-
+
+
-import iosSignInTOTP from '/src/fragments/lib/auth/ios/sms/sign_in.mdx';
+```ts
+import { confirmSignUp } from 'aws-amplify/auth';
-
+async function handleSignUpConfirmation(
+ username: string,
+ confirmationCode: string
+) {
+ try {
+ await confirmSignUp({ username, confirmationCode });
+ } catch (error) {
+ console.log(error);
+ }
+}
+```
-import android8 from '/src/fragments/lib/auth/android/sms/sign_in.mdx';
+
+
-
+```js
+import { confirmSignUp } from 'aws-amplify/auth';
-If MFA is **ON** or enabled for the user, you must call `confirmSignIn` with the OTP sent to their phone.
+async function handleSignUpConfirmation(username, confirmationCode) {
+ try {
+ await confirmSignUp({ username, confirmationCode });
+ } catch (error) {
+ console.log(error);
+ }
+}
+```
-import flutter9 from '/src/fragments/lib/auth/flutter/sms/confirm_sign_in.mdx';
+
+
-
+
-import iosConfirmSignInTOTP from '/src/fragments/lib/auth/ios/sms/confirm_sign_in.mdx';
+### Handling SMS MFA challenge during Sign In
-
+After a user signs in, if they have MFA enabled for their account, a challenge will be returned that you would need to call the `confirmSignIn` API where the user provides their confirmation code sent to their phone number.
-import android9 from '/src/fragments/lib/auth/android/sms/confirm_sign_in.mdx';
+
-
+
+
-After a user has been signed in, call `updateMFAPreference` to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
+```typescript
+import { signIn } from 'aws-amplify/auth';
-
-
-
-
-```java
-if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") instanceof AWSCognitoAuthPlugin) {
- AWSCognitoAuthPlugin plugin = (AWSCognitoAuthPlugin) Amplify.Auth.getPlugin("awsCognitoAuthPlugin");
- plugin.updateMFAPreference(
- MFAPreference.ENABLED,
- null,
- () -> Log.i("AuthQuickstart", "MFA preference updated successfully"),
- e -> Log.e("AuthQuickstart", "Failed to update MFA preference.", e)
- );
- }
+async function handleSignIn(username: string, password: string) {
+ try {
+ await signIn({ username, password });
+ } catch (error) {
+ console.log(error);
+ }
+}
```
-
-
-```kotlin
-if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) {
- val plugin = Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
- plugin.updateMFAPreference(
- MFAPreference.ENABLED,
- null,
- { Log.i( "AuthQuickstart", "MFA preference updated successfully") },
- { e: AuthException? -> Log.e( "AuthQuickstart", "Failed to update MFA preference", e) }
- )
+
+
+```js
+import { signIn } from 'aws-amplify/auth';
+
+async function handleSignIn(username, password) {
+ try {
+ await signIn({ username, password });
+ } catch (error) {
+ console.log(error);
+ }
}
```
@@ -150,64 +200,59 @@ if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) {
-
-
-
+If MFA is **ON** or enabled for the user, you must call `confirmSignIn` with the OTP sent to their phone.
-
+
-```swift
-func updateMFAPreferences() async throws {
- let authCognitoPlugin = try Amplify.Auth.getPlugin(
- for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+
+
- let smsMfaPreference: MFAPreference = .enabled // or .preferred
+```ts
+import { confirmSignIn } from 'aws-amplify/auth';
- try await authCognitoPlugin?.updateMFAPreference(
- sms: smsMfaPreference)
+async function handleSignInConfirmation(otpCode: string) {
+ try {
+ await confirmSignIn({ challengeResponse: otpCode });
+ } catch (error) {
+ console.log(error);
+ }
}
```
-
+
-```swift
-func updateMFAPreferences() -> AnyCancellable {
- Amplify.Publisher.create {
- let authCognitoPlugin = try Amplify.Auth.getPlugin(
- for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+```js
+import { confirmSignIn } from 'aws-amplify/auth';
- let smsMfaPreference: MFAPreference = .enabled // or .preferred
-
- try await authCognitoPlugin?.updateMFAPreference(
- sms: smsMfaPreference)
- }.sink {
- if case let .failure(authError) = $0 {
- print("Confirm sign in failed \(authError)")
- }
- }
- receiveValue: {
- print("Update MFA preference succeeded")
- }
+async function handleSignInConfirmation(otpCode) {
+ try {
+ await confirmSignIn({ challengeResponse: otpCode });
+ } catch (error) {
+ console.log(error);
+ }
}
```
-
-
+After a user has been signed in, call `updateMFAPreference` to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
+
+
-```dart
-Future updateMfaPreferences() async {
- final cognitoPlugin = Amplify.Auth.getPlugin(AmplifyAuthCognito.pluginKey);
+```ts
+import { updateMFAPreference } from 'aws-amplify/auth';
- await cognitoPlugin.updateMfaPreference(
- sms: MfaPreference.enabled, // or .preferred
- );
+async function handleUpdateMFAPreference() {
+ try {
+ await updateMFAPreference({ sms: 'PREFERRED' });
+ } catch (error) {
+ console.log(error);
+ }
}
```
@@ -219,112 +264,84 @@ You can use Time-based One-Time Password (TOTP) for multi-factor authentication
### Setting up TOTP for a user
-After you initiate a user sign in with the `signIn` API where a user is required to set up TOTP as an MFA method, the API call will return `continueSignInWithTOTPSetup` as a challenge and next step to handle in your app. You will get that challenge if the following conditions are met:
+After you initiate a user sign in with the `signIn` API where a user is required to set up TOTP as an MFA method, the API call will return `CONTINUE_SIGN_IN_WITH_TOTP_SETUP` as a challenge and next step to handle in your app. You will get that challenge if the following conditions are met:
-- MFA is marked as **Required** in Cognito User Pool.
-- TOTP is enabled in the Cognito User Pool
+- MFA is marked as **Required** in your user pool.
+- TOTP is enabled in your user pool.
- User does not have TOTP MFA set up already.
-The `continueSignInWithTOTPSetup` step signifies that the user must set up TOTP before they can sign in. The step returns an associated value of type `TOTPSetupDetails` which must be used to configure an authenticator app like Microsoft Authenticator or Google Authenticator. `TOTPSetupDetails` provides a helper method called `getSetupURI` which generates a URI that can be used, for example, in a button to open the user's installed authenticator app. For more advanced use cases, `TOTPSetupDetails` also contains a `sharedSecret` which can be used to either generate a QR code or be manually entered into an authenticator app.
+The `CONTINUE_SIGN_IN_WITH_TOTP_SETUP` step signifies that the user must set up TOTP before they can sign in. The step returns an associated value of type `TOTPSetupDetails` which must be used to configure an authenticator app like Microsoft Authenticator or Google Authenticator. `TOTPSetupDetails` provides a helper method called `getSetupURI` which generates a URI that can be used, for example, in a button to open the user's installed authenticator app. For more advanced use cases, `TOTPSetupDetails` also contains a `sharedSecret` which can be used to either generate a QR code or be manually entered into an authenticator app.
Once the authenticator app is set up, the user can generate a TOTP code and provide it to the library to complete the sign in process.
-import iosSignIn from '/src/fragments/lib/auth/ios/totp/sign_in.mdx';
-
-
+
-import androidSignIn from '/src/fragments/lib/auth/android/totp/sign_in.mdx';
-
-
+
+
-
+```ts
+import { signIn, SignInOutput } from 'aws-amplify/auth';
-```dart
-Future signInUser(String username, String password) async {
+async function handleSignIn(username: string, password: string) {
try {
- final result = await Amplify.Auth.signIn(
- username: username,
- password: password,
- );
- return _handleSignInResult(result);
- } on AuthException catch (e) {
- safePrint('Error signing in: ${e.message}');
+ const output = await signIn({
+ username,
+ password
+ });
+
+ handleSignInNextSteps(output);
+ } catch (error) {
+ console.log(error);
}
}
-Future _handleSignInResult(SignInResult result) async {
- switch (result.nextStep.signInStep) {
- // ···
- case AuthSignInStep.continueSignInWithTotpSetup:
- final totpSetupDetails = result.nextStep.totpSetupDetails!;
- final setupUri = totpSetupDetails.getSetupUri(appName: 'MyApp');
- safePrint('Open URI to complete setup: $setupUri');
- // ···
+function handleSignInNextSteps(output: SignInOutput) {
+ const { nextStep } = output;
+ switch (nextStep.signInStep) {
+ // ...
+ case 'CONTINUE_SIGN_IN_WITH_TOTP_SETUP':
+ const totpSetupDetails = nextStep.totpSetupDetails;
+ const appName = 'my_app_name';
+ const setupUri = totpSetupDetails.getSetupUri(appName);
+ // Open setupUri with an authenticator APP to retrieve an OTP code
+ break;
+ // ...
}
}
```
-
-
-The TOTP code can be obtained from the user via a text field or any other means. Once the user provides the TOTP code, call `confirmSignIn` with the TOTP code as the `challengeResponse` parameter.
-
-import iosConfirmSignIn from '/src/fragments/lib/auth/ios/totp/confirm_sign_in.mdx';
-
-
-
-import androidConfirmSignIn from '/src/fragments/lib/auth/android/totp/confirm_sign_in.mdx';
+
-
+
-
+```js
+import { signIn } from 'aws-amplify/auth';
-```dart
-Future confirmTotpUser(String totpCode) async {
+async function handleSignIn(username, password) {
try {
- final result = await Amplify.Auth.confirmSignIn(
- confirmationValue: totpCode,
- );
- return _handleSignInResult(result);
- } on AuthException catch (e) {
- safePrint('Error confirming TOTP code: ${e.message}');
+ const output = await signIn({
+ username,
+ password
+ });
+
+ handleSignInNextSteps(output);
+ } catch (error) {
+ console.log(error);
}
}
-```
-
-
-
-
-
-After a user has been signed in, call `updateMFAPreference` to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
-
-
-
-
-
-```java
-if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") instanceof AWSCognitoAuthPlugin) {
- AWSCognitoAuthPlugin plugin = (AWSCognitoAuthPlugin) Amplify.Auth.getPlugin("awsCognitoAuthPlugin");
- plugin.updateMFAPreference(
- null,
- MFAPreference.ENABLED,
- () -> Log.i("AuthQuickstart", "MFA preference updated successfully"),
- e -> Log.e("AuthQuickstart", "Failed to update MFA preference.", e)
- );
- }
-```
-
-
-
-```kotlin
-if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) {
- val plugin = Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
- plugin.updateMFAPreference(
- null,
- MFAPreference.ENABLED,
- { Log.i("AuthQuickstart", "MFA preference updated successfully") },
- { e: AuthException? -> Log.e("AuthQuickstart", "Failed to update MFA preference", e) }
- )
+function handleSignInNextSteps(output) {
+ const { nextStep } = output;
+ switch (nextStep.signInStep) {
+ // ...
+ case 'CONTINUE_SIGN_IN_WITH_TOTP_SETUP':
+ const totpSetupDetails = nextStep.totpSetupDetails;
+ const appName = 'my_app_name';
+ const setupUri = totpSetupDetails.getSetupUri(appName);
+ // Open setupUri with an authenticator APP to retrieve an OTP code
+ break;
+ // ...
+ }
}
```
@@ -333,59 +350,70 @@ if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) {
-
+The TOTP code can be obtained from the user via a text field or any other means. Once the user provides the TOTP code, call `confirmSignIn` with the TOTP code as the `challengeResponse` parameter.
-
+
-```swift
-func updateMFAPreferences() async throws {
- let authCognitoPlugin = try Amplify.Auth.getPlugin(
- for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+
+
- let totpMfaPreference: MFAPreference = .enabled // or .preferred
+```ts
+import { confirmSignIn } from 'aws-amplify/auth';
- try await authCognitoPlugin?.updateMFAPreference(
- totp: totpMfaPreference)
+async function handleSignInConfirmation(totpCode: string) {
+ try {
+ await confirmSignIn({ challengeResponse: totpCode });
+ } catch (error) {
+ console.log(error);
+ }
}
```
-
-
-```swift
-func updateMFAPreferences() -> AnyCancellable {
- Amplify.Publisher.create {
- let authCognitoPlugin = try Amplify.Auth.getPlugin(
- for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+
- let totpMfaPreference: MFAPreference = .enabled // or .preferred
+```js
+import { confirmSignIn } from 'aws-amplify/auth';
- try await authCognitoPlugin?.updateMFAPreference(
- totp: totpMfaPreference)
- }.sink {
- if case let .failure(authError) = $0 {
- print("Confirm sign in failed \(authError)")
- }
- }
- receiveValue: {
- print("Update MFA preference succeeded")
- }
+async function handleSignInConfirmation(totpCode) {
+ try {
+ await confirmSignIn({ challengeResponse: totpCode });
+ } catch (error) {
+ console.log(error);
+ }
}
```
-
+After a user has been signed in, call `updateMFAPreference` to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
+
+
+
+```ts
+import { updateMFAPreference } from 'aws-amplify/auth';
+
+async function handleUpdateMFAPreference() {
+ try {
+ await updateMFAPreference({ totp: 'PREFERRED' });
+ } catch (error) {
+ console.log(error);
+ }
+}
+```
+
+
+
### Enabling TOTP after a user is signed in
TOTP MFA can be set up after a user has signed in. This can be done when the following conditions are met:
-- MFA is marked as **Optional** or **Required** in the Cognito User Pool
-- TOTP is marked as an enabled MFA method in Cognito user pool
+- MFA is marked as **Optional** or **Required** in your user pool.
+- TOTP is marked as an enabled MFA method in your user pool.
TOTP can be set up by calling the `setUpTOTP` and `verifyTOTPSetup` APIs in the `Auth` category.
@@ -393,24 +421,19 @@ Invoke the `setUpTOTP` API to generate a `TOTPSetupDetails` object which should
that contains the `sharedSecret` which will be used to either to generate a QR code or can be manually entered into an Authenticator app.
-import iosSetUpTOTP from '/src/fragments/lib/auth/ios/totp/set_up_totp.mdx';
-
-
-
-import androidSetUpTOTP from '/src/fragments/lib/auth/android/totp/set_up_totp.mdx';
-
-
+
-
+```typescript
+import { setUpTOTP } from 'aws-amplify/auth';
-```dart
-Future setUpTotp() async {
+async function handleTOTPSetup() {
try {
- final totpSetupDetails = await Amplify.Auth.setUpTotp();
- final setupUri = totpSetupDetails.getSetupUri(appName: 'MyApp');
- safePrint('Open URI to complete setup: $setupUri');
- } on AuthException catch (e) {
- safePrint('An error occurred setting up TOTP: $e');
+ const totpSetupDetails = await setUpTOTP();
+ const appName = 'my_app_name';
+ const setupUri = totpSetupDetails.getSetupUri(appName);
+ // Open setupUri with an authenticator APP to retrieve an OTP code
+ } catch (error) {
+ console.log(error);
}
}
```
@@ -419,56 +442,36 @@ Future setUpTotp() async {
Once the Authenticator app is set up, the user must generate a TOTP code and provide it to the library. Pass the code to `verifyTOTPSetup` to complete the TOTP setup process.
-import iosVerifyTOTPSetup from '/src/fragments/lib/auth/ios/totp/verify_totp_setup.mdx';
+
-
-
-import androidVerifyTOTPSetup from '/src/fragments/lib/auth/android/totp/verify_totp_setup.mdx';
-
-
+
+
-
+```ts
+import { verifyTOTPSetup } from 'aws-amplify/auth';
-```dart
-Future verifyTotpSetup(String totpCode) async {
+async function handleTOTPVerification(totpCode: string) {
try {
- await Amplify.Auth.verifyTotpSetup(totpCode);
- } on AuthException catch (e) {
- safePrint('An error occurred verifying TOTP: $e');
+ await verifyTOTPSetup({ code: totpCode });
+ } catch (error) {
+ console.log(error);
}
}
```
-
+
-
-
-
-
-```java
-if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") instanceof AWSCognitoAuthPlugin) {
- AWSCognitoAuthPlugin plugin = (AWSCognitoAuthPlugin) Amplify.Auth.getPlugin("awsCognitoAuthPlugin");
- plugin.updateMFAPreference(
- null,
- MFAPreference.ENABLED,
- () -> Log.i("AuthQuickstart", "MFA preference updated successfully"),
- e -> Log.e("AuthQuickstart", "Failed to update MFA preference.", e)
- );
- }
-```
+
-
-
-
-```kotlin
-if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) {
- val plugin = Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
- plugin.updateMFAPreference(
- null,
- MFAPreference.ENABLED,
- { Log.i("AuthQuickstart", "MFA preference updated successfully" ) },
- { e: AuthException? -> Log.e("AuthQuickstart", "Failed to update MFA preference", e) }
- )
+```js
+import { verifyTOTPSetup } from 'aws-amplify/auth';
+
+async function handleTOTPVerification(totpCode) {
+ try {
+ await verifyTOTPSetup({ code: totpCode });
+ } catch (error) {
+ console.log(error);
+ }
}
```
@@ -477,66 +480,33 @@ if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) {
-
-
After TOTP setup is complete, call `updateMFAPreference` to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
-
-
-
+
-```swift
-func updateMFAPreferences() async throws {
- let authCognitoPlugin = try Amplify.Auth.getPlugin(
- for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
+```ts
+import { updateMFAPreference } from 'aws-amplify/auth';
- let totpMfaPreference: MFAPreference = .enabled // or .preferred
-
- try await authCognitoPlugin?.updateMFAPreference(
- totp: totpMfaPreference)
-}
-```
-
-
-
-
-
-```swift
-func updateMFAPreferences() -> AnyCancellable {
- Amplify.Publisher.create {
- let authCognitoPlugin = try Amplify.Auth.getPlugin(
- for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
-
- let totpMfaPreference: MFAPreference = .enabled // or .preferred
-
- try await authCognitoPlugin?.updateMFAPreference(
- totp: totpMfaPreference)
- }.sink {
- if case let .failure(authError) = $0 {
- print("Confirm sign in failed \(authError)")
- }
- }
- receiveValue: {
- print("Update MFA preference succeeded")
- }
+async function handleUpdateMFAPreference() {
+ try {
+ await updateMFAPreference({ sms: 'ENABLED', totp: 'PREFERRED' });
+ } catch (error) {
+ console.log(error);
+ }
}
```
-
-
-
-
### Recovering from a lost TOTP device
-If a user loses access to their TOTP device, they would need to contact an administrator to help get access to their account. Based on the Cognito User Pool configuration, the administrator can use the [AdminSetUserMFAPreference](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html) to either change the MFA preference to a different MFA method or to disable MFA for the user.
+If a user loses access to their TOTP device, they would need to contact an administrator to help get access to their account. Based on the Cognito user pool configuration, the administrator can use the [AdminSetUserMFAPreference](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html) to either change the MFA preference to a different MFA method or to disable MFA for the user.
-In a scenario where MFA is marked as **Required** in Cognito User Pool and another MFA method is not set up, the administrator would need to first initiate an [AdminUpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html) call and update the user’s phone number attribute. Once this is complete, the administrator can continue changing the MFA preference to SMS as suggested above.
+In a scenario where MFA is marked as **Required** in your user pool and another MFA method is not set up, the administrator would need to first initiate an [AdminUpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html) call and update the user’s phone number attribute. Once this is complete, the administrator can continue changing the MFA preference to SMS as suggested above.
## Setting a user's preferred MFA option
@@ -544,23 +514,19 @@ In a scenario where MFA is marked as **Required** in Cognito User Pool and anoth
Invoke the following API to get the current MFA preference and enabled MFA types, if any, for the current user.
-import iosFetchMFAPreference from '/src/fragments/lib/auth/ios/mfa_preference/10_fetch_mfa_preference.mdx';
+
-
+```ts
+import { fetchMFAPreference } from 'aws-amplify/auth';
-import androidFetchMFAPreference from '/src/fragments/lib/auth/android/mfa_preference/10_fetch_mfa_preference.mdx';
-
-
-
-
-
-```dart
-Future getCurrentMfaPreference() async {
- final cognitoPlugin = Amplify.Auth.getPlugin(AmplifyAuthCognito.pluginKey);
-
- final currentPreference = await cognitoPlugin.fetchMfaPreference();
- safePrint('Enabled MFA types for user: ${currentPreference.enabled}');
- safePrint('Preferred MFA type for user: ${currentPreference.preferred}');
+async function handleFetchMFAPreference() {
+ try {
+ const output = await fetchMFAPreference();
+ console.log(`Enabled MFA types for the user: ${output.enabled}`);
+ console.log(`Preferred MFA type for the user: ${output.preferred}`);
+ } catch (error) {
+ console.log(error);
+ }
}
```
@@ -576,72 +542,106 @@ Only one MFA method can be marked as preferred at a time. If the user has multip
-import iosUpdateMFAPreferences from '/src/fragments/lib/auth/ios/mfa_preference/20_update_mfa_preference.mdx';
-
-
-
-import androidUpdateMFAPreferences from '/src/fragments/lib/auth/android/mfa_preference/20_update_mfa_preference.mdx';
+
-
+```ts
+import { updateMFAPreference } from 'aws-amplify/auth';
-
-
-```dart
-Future updateMfaPreferences() async {
- final cognitoPlugin = Amplify.Auth.getPlugin(AmplifyAuthCognito.pluginKey);
-
- await cognitoPlugin.updateMfaPreference(
- sms: MfaPreference.enabled,
- totp: MfaPreference.preferred,
- );
+async function handleUpdateMFAPreference() {
+ try {
+ await updateMFAPreference({ sms: 'ENABLED', totp: 'PREFERRED' });
+ } catch (error) {
+ console.log(error);
+ }
}
```
-If multiple MFA methods are enabled for the user, the `signIn` API will return `continueSignInWithMFASelection` as the next step in the auth flow. During this scenario, the user should be prompted to select the MFA method they want to use to sign in and their preference should be passed to `confirmSignIn`.
-
-import iosContinueSignInWithMFASelection from '/src/fragments/lib/auth/ios/signin_next_steps/91_continue_mfa_selection_code.mdx';
-
-
+If multiple MFA methods are enabled for the user, the `signIn` API will return `CONTINUE_SIGN_IN_WITH_MFA_SELECTION` as the next step in the auth flow. During this scenario, the user should be prompted to select the MFA method they want to use to sign in and their preference should be passed to `confirmSignIn`.
-import androidContinueSignInWithMFASelection from '/src/fragments/lib/auth/android/signin_next_steps/91_confirm_totp_mfa.mdx';
+
-
+
+
+
+```ts
+import { confirmSignIn, SignInOutput } from 'aws-amplify/auth';
+
+function handleSignInNextSteps(output: SignInOutput) {
+ const { nextStep } = output;
+ switch (nextStep.signInStep) {
+ // ...
+ case 'CONTINUE_SIGN_IN_WITH_MFA_SELECTION':
+ const allowedMFATypes = nextStep.allowedMFATypes;
+ const mfaType = promptUserForMFAType(allowedMFATypes);
+ case 'CONFIRM_SIGN_IN_WITH_SMS_CODE':
+ // display user to enter otp code;
+ break;
+ case 'CONFIRM_SIGN_IN_WITH_TOTP_CODE':
+ // display user to enter otp code;
+ break;
+ // ...
+ }
+}
-
+function promptUserForMFAType(
+ allowedMFATypes?: ('SMS' | 'TOTP')[]
+): 'SMS' | 'TOTP' {
+ // Prompt user to select MFA type
+}
-The MFA types which are currently supported by Amplify Auth are:
+async function handleMFASelection(mfaType: 'SMS' | 'TOTP') {
+ try {
+ const output = await confirmSignIn({
+ challengeResponse: mfaType
+ });
+ handleSignInNextSteps(output);
+ } catch (error) {
+ console.log(error);
+ }
+}
+```
-- `MfaType.sms`
-- `MfaType.totp`
+
-```dart
-Future _handleSignInResult(SignInResult result) async {
- switch (result.nextStep.signInStep) {
- // ···
- case AuthSignInStep.continueSignInWithMfaSelection:
- final allowedMfaTypes = result.nextStep.allowedMfaTypes!;
- final selection = await _promptUserPreference(allowedMfaTypes);
- return _handleMfaSelection(selection);
- // ···
+
+
+```js
+function handleSignInNextSteps(output) {
+ const { nextStep } = output;
+ switch (nextStep.signInStep) {
+ // ...
+ case 'CONTINUE_SIGN_IN_WITH_MFA_SELECTION':
+ const allowedMFATypes = nextStep.allowedMFATypes;
+ const mfaType = promptUserForMFAType(allowedMFATypes);
+ case 'CONFIRM_SIGN_IN_WITH_SMS_CODE':
+ // display user to enter otp code;
+ break;
+ case 'CONFIRM_SIGN_IN_WITH_TOTP_CODE':
+ // display user to enter otp code;
+ break;
+ // ...
}
}
-Future _promptUserPreference(Set allowedTypes) async {
- // ···
+function promptUserForMFAType(allowedMFATypes) {
+ // Prompt user to select MFA type
}
-Future _handleMfaSelection(MfaType selection) async {
+async function handleMFASelection(mfaType) {
try {
- final result = await Amplify.Auth.confirmSignIn(
- confirmationValue: selection.confirmationValue,
- );
- return _handleSignInResult(result);
- } on AuthException catch (e) {
- safePrint('Error resending code: ${e.message}');
+ const output = await confirmSignIn({
+ challengeResponse: mfaType
+ });
+ handleSignInNextSteps(output);
+ } catch (error) {
+ console.log(error);
}
}
```
+
+
+
diff --git a/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx b/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx
index aa180892631..b855e9df6cf 100644
--- a/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx
+++ b/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx
@@ -829,6 +829,6 @@ Now that you completed setting up multi-factor authentication you may also want
-import flows from '/src/fragments/lib-v1/auth/common/mfa/flows.mdx';
+import flows from '/src/fragments/lib/auth/common/mfa/flows.mdx';
-
+
From 95633ea91a8a9ebb1ee5d6ba7a7a37b122d6113b Mon Sep 17 00:00:00 2001
From: Kha Truong <64438356+khatruong2009@users.noreply.github.com>
Date: Wed, 15 May 2024 10:37:16 -0700
Subject: [PATCH 18/18] chore: revert partial previous commit
---
.../[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx b/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx
index b855e9df6cf..aa180892631 100644
--- a/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx
+++ b/src/pages/gen1/[platform]/prev/build-a-backend/auth/manage-mfa/index.mdx
@@ -829,6 +829,6 @@ Now that you completed setting up multi-factor authentication you may also want
-import flows from '/src/fragments/lib/auth/common/mfa/flows.mdx';
+import flows from '/src/fragments/lib-v1/auth/common/mfa/flows.mdx';
-
+