diff --git a/.github/composite_actions/launch_ios_simulator/dist/main.cjs b/.github/composite_actions/launch_ios_simulator/dist/main.cjs index 30a2c84da3..da956c533e 100644 --- a/.github/composite_actions/launch_ios_simulator/dist/main.cjs +++ b/.github/composite_actions/launch_ios_simulator/dist/main.cjs @@ -14679,7 +14679,7 @@ case 0: // Function start $async$goto = 2; - return A._asyncAwait(A.Exec_exec(type$.JSObject._as(self.exec), "brew", A._setArrayType(["install", "xcodesorg/made/xcodes", "aria2"], type$.JSArray_String), true), $async$call$0); + return A._asyncAwait(A.Exec_exec(type$.JSObject._as(self.exec), "/bin/sh", A._setArrayType(["-c", "brew install xcodes"], type$.JSArray_String), true), $async$call$0); case 2: // returning from await. if ($async$result.exitCode !== 0) diff --git a/packages/amplify_datastore/example/lib/widgets/public_view.dart b/packages/amplify_datastore/example/lib/widgets/public_view.dart index f85c0e390c..393ba7bd20 100644 --- a/packages/amplify_datastore/example/lib/widgets/public_view.dart +++ b/packages/amplify_datastore/example/lib/widgets/public_view.dart @@ -308,7 +308,7 @@ class _PublicViewState extends State } }, activeTrackColor: Colors.lightGreenAccent, - activeColor: Colors.green, + activeThumbColor: Colors.green, ), Padding(padding: EdgeInsets.all(5.0)), diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart index c92345a000..7287577c6c 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart @@ -73,6 +73,7 @@ class GetTokensFromRefreshTokenOperation region: _region, service: _i4.AWSService.cognitoIdentityProvider, credentialsProvider: _credentialsProvider, + isOptional: true, ), const _i1.WithUserAgent('aws-sdk-dart/0.3.2'), const _i3.WithSdkInvocationId(), diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart index 7119420870..b3d68b36ee 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart @@ -7,14 +7,11 @@ import 'package:amplify_auth_cognito_dart/amplify_auth_cognito_dart.dart'; import 'package:amplify_auth_cognito_dart/src/credentials/auth_plugin_credentials_provider.dart'; import 'package:amplify_auth_cognito_dart/src/credentials/cognito_keys.dart'; import 'package:amplify_auth_cognito_dart/src/credentials/device_metadata_repository.dart'; -import 'package:amplify_auth_cognito_dart/src/flows/constants.dart'; -import 'package:amplify_auth_cognito_dart/src/flows/helpers.dart'; import 'package:amplify_auth_cognito_dart/src/model/session/cognito_sign_in_details.dart'; import 'package:amplify_auth_cognito_dart/src/sdk/cognito_identity.dart' hide NotAuthorizedException; import 'package:amplify_auth_cognito_dart/src/sdk/cognito_identity_provider.dart' as cognito_idp; -import 'package:amplify_auth_cognito_dart/src/sdk/src/cognito_identity_provider/model/analytics_metadata_type.dart'; import 'package:amplify_auth_cognito_dart/src/state/cognito_state_machine.dart'; import 'package:amplify_auth_cognito_dart/src/state/state.dart'; import 'package:amplify_core/amplify_core.dart'; @@ -359,7 +356,6 @@ final class FetchAuthSessionStateMachine AuthResult userSubResult; AuthResult credentialsResult; AuthResult identityIdResult; - final hasUserPool = _authConfig?.userPoolId != null; var userPoolTokens = result.userPoolTokens; if (!hasUserPool) { @@ -511,38 +507,25 @@ final class FetchAuthSessionStateMachine final deviceSecrets = await getOrCreate().get( userPoolTokens.username, ); - final refreshRequest = cognito_idp.InitiateAuthRequest.build((b) { - b - ..authFlow = cognito_idp.AuthFlowType.refreshTokenAuth - ..clientId = _authConfig?.userPoolClientId - ..authParameters.addAll({ - CognitoConstants.refreshToken: userPoolTokens.refreshToken, - }) - ..analyticsMetadata = get()?.toBuilder(); - - // ignore: invalid_use_of_internal_member - if (_authConfig?.appClientSecret != null && - _authConfig?.userPoolClientId != null) { - b.authParameters[CognitoConstants.challengeParamSecretHash] = - computeSecretHash( - userPoolTokens.username, - _authConfig!.userPoolClientId!, - // ignore: invalid_use_of_internal_member - _authConfig!.appClientSecret!, - ); - } + // seems we dont support client metadata + final refreshRequest = cognito_idp.GetTokensFromRefreshTokenRequest.build(( + b, + ) { + b + ..refreshToken = userPoolTokens.refreshToken + ..clientId = _authConfig?.userPoolClientId; final deviceKey = deviceSecrets?.deviceKey; if (deviceKey != null) { - b.authParameters[CognitoConstants.challengeParamDeviceKey] = deviceKey; + b.deviceKey = deviceKey; } }); try { final result = await _withZoneOverrides( - () => _cognitoIdpClient.initiateAuth(refreshRequest).result, + () => + _cognitoIdpClient.getTokensFromRefreshToken(refreshRequest).result, ); final authResult = result.authenticationResult; - final accessToken = authResult?.accessToken; final refreshToken = authResult?.refreshToken; final idToken = authResult?.idToken; diff --git a/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart b/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart index c9bccf223d..686f1ef4db 100644 --- a/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart @@ -48,11 +48,10 @@ void main() { stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw const AuthNotAuthorizedException( - 'Refresh Token has expired.', - ), - ), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException( + 'Refresh Token has expired.', + ), ), ); }); diff --git a/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart b/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart index 3aa2d5d515..fbf41f6709 100644 --- a/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart @@ -275,6 +275,8 @@ void main() { final mockIdp = MockCognitoIdentityProviderClient( initiateAuth: (p0) async => throw InternalErrorException(message: 'Invalid token'), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException('Auth not authorized'), ); stateMachine.addInstance(mockIdp); diff --git a/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart b/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart index 890a20c975..497c241869 100644 --- a/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart @@ -380,15 +380,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), ), - ), - ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -425,11 +424,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw const AuthNotAuthorizedException( - 'Tokens expired', - ), - ), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException('Tokens expired'), ), ); session = await fetchAuthSession(willRefresh: true); @@ -469,10 +465,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => - throw AWSHttpException(AWSHttpRequest.get(Uri())), - ), + getTokensFromRefreshToken: () async => + throw AWSHttpException(AWSHttpRequest.get(Uri())), ), ); session = await fetchAuthSession(willRefresh: true); @@ -512,9 +506,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -570,15 +563,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), ), - ), - ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -614,10 +606,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => - throw AWSHttpException(AWSHttpRequest.get(Uri())), - ), + getTokensFromRefreshToken: () async => + throw AWSHttpException(AWSHttpRequest.get(Uri())), ), ); session = await fetchAuthSession(willRefresh: true); @@ -657,9 +647,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -710,15 +699,14 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), ), - ), - ), ), ) ..addInstance( @@ -765,18 +753,56 @@ void main() { }); }); - group('expired', () { + group('with new refresh token', () { + const newRefreshToken = 'new-refresh-token-rotated'; setUp(() async { await configureAmplify(config); stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw const AuthNotAuthorizedException( - 'Tokens expired', + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: newRefreshToken, + idToken: newIdToken.raw, + ), + ), + ), + ) + ..addInstance( + MockCognitoIdentityClient( + getCredentialsForIdentity: expectAsync0( + () async => GetCredentialsForIdentityResponse( + credentials: Credentials( + accessKeyId: newAccessKeyId, + secretKey: newSecretAccessKey, + ), ), ), ), + ); + session = await fetchAuthSession( + willRefresh: true, + forceRefresh: true, + ); + }); + + test('should return new refresh token', () { + final userPoolTokens = session.userPoolTokensResult.value; + expect(userPoolTokens.refreshToken, newRefreshToken); + }); + }); + + group('expired', () { + setUp(() async { + await configureAmplify(config); + stateMachine + ..addInstance( + MockCognitoIdentityProviderClient( + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException('Tokens expired'), + ), ) ..addInstance( MockCognitoIdentityClient( @@ -832,10 +858,8 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => - throw AWSHttpException(AWSHttpRequest.get(Uri())), - ), + getTokensFromRefreshToken: () async => + throw AWSHttpException(AWSHttpRequest.get(Uri())), ), ) ..addInstance( @@ -891,9 +915,8 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ) ..addInstance( @@ -1270,15 +1293,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), ), - ), - ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1318,9 +1340,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1375,15 +1396,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), ), - ), - ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1423,9 +1443,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1478,15 +1497,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), ), - ), - ), ), ); session = await fetchAuthSession( @@ -1530,9 +1548,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(