Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(auth): add passwordless support #3920

Merged
merged 36 commits into from
Nov 25, 2024
Merged

feat(auth): add passwordless support #3920

merged 36 commits into from
Nov 25, 2024

Conversation

harsh62
Copy link
Member

@harsh62 harsh62 commented Nov 22, 2024
edited
Loading

Issue #

Description

This PR adds support for Cognito's new Passwordless Sign In Flows.

This includes the following new functionality for the Auth category:

Passwordless Sign-Up using a One Time Passcode (OTP) sent to a user's email address or SMS number

  • Auto-Sign In feature to sign in directly after signing up, without needing to re-enter the user's information

New USER_AUTH flow that can be used to sign in with any of the following mechanisms

  • Password & Password SRP
  • Email OTP
  • SMS OTP
  • WebAuthn

WebAuthn credential management APIs

  • Register device as a WebAuthn credential, allowing user to sign in with biometrics
  • List the registered WebAuthn credentials for the current user
  • Remove a registered WebAuthn credential

Integration Tests (Except DataStore & API)

Integration Tests | API - All

Integration Tests | DataStore - All

General Checklist

  • Added new tests to cover change, if needed
  • Build succeeds with all target using Swift Package Manager
  • All unit tests pass
  • All integration tests pass
  • Security oriented best practices and standards are followed (e.g. using input sanitization, principle of least privilege, etc)
  • Documentation update for the change if required
  • PR title conforms to conventional commit style
  • New or updated tests include Given When Then inline code documentation and are named accordingly testThing_condition_expectation()
  • If breaking change, documentation/changelog update with migration instructions

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

harsh62 and others added 27 commits November 3, 2024 14:18
@harsh62
feat(auth): adding support for email mfa (#3892)
9b219e4 
* feat(auth): adding support for email mfa

* fix swift lint warning

* worked on a review comment

* adding integration tests wave 1

* integration tests wave 2

* integration tests wave 3

* Add test setup instructions wave 4

* Add edge case

* update readme to include graphQL details
@harsh62
chore: initial commit to add sdk with passwordless models
c1c08a1
@harsh62
chore: model update
2e704e5
@ruisebas @harsh62
feat(Auth): Adding WebAuthn APIs (#153)
9a0ce7d 
* feat(Auth): Adding List WebAuthn API

* feat(Auth): Adding associate and delete WebAuthn credentials APIs

* Addding missing transports array in the credentials payload

* Adding friendlyName to AuthWebAuthnCredential

* Adding excludedCredentials to avoid multiple PassKeys for the same device

* Adding pagination support in the list API

* Renaming CredentialPayload to CredentialRegistrationPayload

* Addressing PR comments
@harsh62
feat(auth): add passwordless sign with otp (#151)
970c93a 
* feat(auth): add passwordless OTP implementation

* add fallback password and password srp flows

* add web auth n states

* modifying states
@ruisebas @harsh62
feat(Auth): Adding WebAuthn support to signIn and confirmSignIn APIs (#…
9e8f2f6 
…155)

* feat(auth): add passwordless OTP implementation

* add fallback password and password srp flows

* add web auth n states

* modifying states

* feat(Auth): Implementing signIn with WebAuthn

* Adding support for a presentation anchor in sign in and confirm sign in options

* Fixing errors

* Addressing PR comments

* fix build error

---------

Co-authored-by: Harshdeep Singh <[email protected]>
@ruisebas @harsh62
fix: Fixing build issue when iOS 18/macOS 15 are not installed
ac9dde4
@ruisebas @harsh62
feat(WebAuthn): Adding support for retrying a confirmSignIn with WebA…
a6e760b 
…uthn request, if the first one fails (#158)
@thisisabhash @harsh62
feat(auth): add support for passwordless sign up and auto sign in (#160)
364b966 
* add autoSignIn() category API definitions (#152)

* add autoSignIn() category API definitions

* add sign up step for auto sign in

* add state machine changes for autoSignIn() and signUp() (#154)

* add autoSignIn() category API definitions

* add sign up step for auto sign in

* add state machine changes

* add events and update resolvers

* update sign up events and resolvers

* add updates to resolver for auto sign in

* update confirm sign up flow and debug code

* Address review comments

---------

Co-authored-by: Harsh <[email protected]>

* update auto sign state machine events and resolver (#157)

* update auto sign state machine events and resolver

* Address review comments

* update sign up and auto sign in unit tests (#159)

* update sign up and auto sign in unit tests

* add auto sign in tests and refactor existing tests

* Add more service error tests

* Address review changes

---------

Co-authored-by: Harsh <[email protected]>
@harsh62
chore: fix building of unit tests after sign up rebase
c773ced
@harsh62
feat(auth): adding passwordless sign in preferred flows (#162)
56b31e0 
* feat(auth): add passwordless preferred flow

* adding confirm device and device srp flows to user auth

* update message

* worked on review comments

* update
@thisisabhash
chore(auth): add more auto sign in and sign up state machine/e2e unit…
3df1ef0 
… tests (#161)

* chore(auth): add more auto sign in and sign up state machine/e2e unit tests

* Address review comments
@harsh62
chore: updated SDK and models
119a8b1
@harsh62
Merge branch 'passwordless' of github.com:aws-amplify/amplify-ios-sta…
ab2edae 
…ging into passwordless
@harsh62
chore: update integration test host app
745cc8e
@ruisebas
fix: Fixing build errors in watchOS/tvOS due to missing prechecks.
7336281
@harsh62
feat(auth): adding an initial passwordless integration test with reso…
495a487 
…urces defined (#163)
@harsh62
chore: update no-auth API's in the resolver
aaaf694
@ruisebas
chore: Updating to the renamed WebAuthn APIs (#164)
717fa31 
* chore: Updating to the renamed WebAuthn APIs

* Fixing unit tests
@ruisebas
chore: Adding unit tests for the WebAuthn APIs Tasks (#165)
208ca17 
* test: Adding AssociateWebAuthn unit tests

* test: Adding ListWebAuthnCredentials unit tests

* test: Adding DeleteWebAuthnCredential unit tests

* chore: simplifying how webauthn errors are handled

* adressing PR comments
@thisisabhash
chore(auth): add integration tests for passwordless signup and auto s…
0ffc77b 
…ign in (#166)

* chore(auth): add integration tests for passwordless signup and auto sign in

* remove unused code

* refactor code
@harsh62
chore: add integration tests for sign in flows (#168)
f4e5701 
* chore: add integration tests for sign in flows

* Update AuthSignInWithPasswordUsingUserAuthTests.swift

* Add more integration tests

* update
@harsh62
chore: update sdk to use the latest models
4820997
@ruisebas
test: Adding integration tests for WebAuthn APIs (#169)
f55d2bb 
* test: Adding integration tests for WebAuthn APIs

* chore: Adding webauthn integration workflow

* Refactoring the code to remove unnecesary waits and make it more easy to read
@ruisebas
fix: Fixing service errors being reported as .unknown when sign in fa…
ed7fbf9 
…ils (#170)

* fix: Fixing service errors being reported as .unknown when sign in fails. Also adding proper WebAuthn cases to the AWSCognitoAuthError enum.

* addressing PR comment
@thisisabhash
fix(auth): fix resolvers and tasks for auto sign in when state machin…
19eeb30 
…e is in signing in state (#172)

* fix(auth): fix resolvers and tasks for auto sign in when state machine is in signin in state

* fix indentation
@ruisebas
feat: Adding visionOS support to the WebAuthn APIs (#171)
d1263a0
@harsh62 harsh62 requested a review from a team as a code owner November 22, 2024 18:42
@harsh62 harsh62 changed the title feat(auth): add passwrodless support feat(auth): add passwordless support Nov 22, 2024
@harsh62 harsh62 merged commit edd2aa7 into main Nov 25, 2024
117 of 118 checks passed
@harsh62 harsh62 deleted the passwordless branch November 25, 2024 18:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thisisabhash thisisabhash thisisabhash approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@harsh62 @thisisabhash @ruisebas