chore: kickoff release

Author: harsh62

.circleci/config.yml

@@ -107,18 +107,18 @@ commands:
       - run:
           name: Checkout code shallow and change to working directory
           command: |
-            git clone --depth 1 "$CIRCLE_REPOSITORY_URL" --branch "$CIRCLE_BRANCH" $CIRCLE_WORKING_DIRECTORY
+            git clone --depth 10 "$CIRCLE_REPOSITORY_URL" --branch "$CIRCLE_BRANCH" $CIRCLE_WORKING_DIRECTORY
             cd $CIRCLE_WORKING_DIRECTORY
 
             if [ -n "$CIRCLE_TAG" ]; then
               echo 'Fetch tag'
-              git fetch --depth 1 --force origin "+refs/tags/${CIRCLE_TAG}:refs/tags/${CIRCLE_TAG}"
+              git fetch --depth 10 --force origin "+refs/tags/${CIRCLE_TAG}:refs/tags/${CIRCLE_TAG}"
             elif [[ $(echo $CIRCLE_PULL_REQUEST | grep -E "${CIRCLE_BRANCH}$") ]]; then
               echo 'Fetch pull request'
-              git fetch --depth 1 --force origin "$CIRCLE_BRANCH/head:remotes/origin/$CIRCLE_BRANCH"
+              git fetch --depth 10 --force origin "$CIRCLE_BRANCH/head:remotes/origin/$CIRCLE_BRANCH"
             else
               echo 'Fetch branch'
-              git fetch --depth 1 --force origin "$CIRCLE_BRANCH:remotes/origin/$CIRCLE_BRANCH"
+              git fetch --depth 10 --force origin "$CIRCLE_BRANCH:remotes/origin/$CIRCLE_BRANCH"
             fi
             echo "Checking out the CI HEAD"
             git reset --hard "$CIRCLE_SHA1"

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Operations/Helpers/HostedUISignInHelper.swift

@@ -26,8 +26,15 @@ struct HostedUISignInHelper: DefaultLogger {
 
     func initiateSignIn() async throws -> AuthSignInResult {
         try await isValidState()
-        log.verbose("Start signIn flow")
-        return try await doSignIn()
+        do {
+            log.verbose("Start signIn flow")
+            let result = try await doSignIn()
+            log.verbose("Received result")
+            return result
+        } catch {
+            await waitForSignInCancel()
+            throw error
+        }
     }
 
     func isValidState() async throws {
@@ -80,23 +87,20 @@ struct HostedUISignInHelper: DefaultLogger {
             switch authNState {
             case .signedIn:
                 if case .sessionEstablished = authZState {
-                   return AuthSignInResult(nextStep: .done)
+                    return AuthSignInResult(nextStep: .done)
+                } else if case .error(let error) = authZState {
+                    log.verbose("Authorization reached an error state \(error)")
+                    throw error.authError
                 }
 
             case .error(let error):
-                await waitForSignInCancel()
                 throw error.authError
 
             case .signingIn(let signInState):
-                do {
-                    guard let result = try UserPoolSignInHelper.checkNextStep(signInState) else {
-                        continue
-                    }
-                    return result
-                } catch {
-                    await waitForSignInCancel()
-                    throw error
+                guard let result = try UserPoolSignInHelper.checkNextStep(signInState) else {
+                    continue
                 }
+                return result
             default:
                 continue
             }
@@ -143,6 +147,10 @@ struct HostedUISignInHelper: DefaultLogger {
             switch authenticationState {
             case .signedOut:
                 return
+            case .signingOut(let signingOutState):
+                if case .error = signingOutState {
+                    return
+                }
             default: continue
             }
         }

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/Errors/AuthorizationError.swift

@@ -26,14 +26,13 @@ extension AuthorizationError: AuthErrorConvertible {
         case .configuration(let message):
             return .configuration(message, "")
         case .service(let error):
-            if let getIdOutputError = error as? SdkError<GetIdOutputError> {
-                return getIdOutputError.authError
-            } else if let getCredentialForIdentityError = error as? SdkError<GetCredentialsForIdentityOutputError> {
-                return getCredentialForIdentityError.authError
-            } else if let authError = error as? AuthError {
-                return authError
+            if let convertibleError = error as? AuthErrorConvertible {
+                return convertibleError.authError
             } else {
-                return AuthError.unknown("", error)
+                return .service(
+                    "Service error occurred",
+                    AmplifyErrorMessages.reportBugToAWS(),
+                    error)
             }
         case .invalidState(let message):
             return .invalidState(message, AuthPluginErrorConstants.invalidStateError, nil)

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/Errors/FetchSessionError.swift

@@ -79,10 +79,14 @@ extension FetchSessionError: AuthErrorConvertible {
             return .unknown(
                 "Refreshing credentials from federationToIdentityPool is not supported \(AmplifyErrorMessages.reportBugToAWS())")
         case .service(let error):
-            return .service(
-                "Service error occurred",
-                AmplifyErrorMessages.reportBugToAWS(),
-                error)
+            if let convertibleError = error as? AuthErrorConvertible {
+                return convertibleError.authError
+            } else {
+                return .service(
+                    "Service error occurred",
+                    AmplifyErrorMessages.reportBugToAWS(),
+                    error)
+            }
         }
     }
 

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/Resolvers/Authentication/AuthenticationState+Resolver.swift

@@ -202,6 +202,16 @@ extension AuthenticationState {
                 )
                 return resolution
 
+            case .cancelSignIn:
+                let action = InitiateSignOut(
+                    signedInData: currentSignedInData,
+                    signOutEventData: .init(globalSignOut: false))
+                let signOutState = SignOutState.notStarted
+                let resolution = StateResolution(
+                    newState: AuthenticationState.signingOut(signOutState),
+                    actions: [action]
+                )
+                return resolution
             default:
                 return .from(.signedIn(currentSignedInData))
             }

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Support/Helpers/UserPoolSignInHelper.swift

@@ -81,7 +81,7 @@ struct UserPoolSignInHelper: DefaultLogger {
 
             let client = try environment.cognitoUserPoolFactory()
             let response = try await client.respondToAuthChallenge(input: request)
-            let event = try self.parseResponse(response, for: username, signInMethod: signInMethod)
+            let event = self.parseResponse(response, for: username, signInMethod: signInMethod)
             return event
         }
 
@@ -90,7 +90,7 @@ struct UserPoolSignInHelper: DefaultLogger {
     static func parseResponse(
         _ response: SignInResponseBehavior,
         for username: String,
-        signInMethod: SignInMethod) throws -> StateMachineEvent {
+        signInMethod: SignInMethod) -> StateMachineEvent {
 
             if let authenticationResult = response.authenticationResult,
                let idToken = authenticationResult.idToken,

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Task/AWSAuthSignInTask.swift

@@ -45,7 +45,7 @@ class AWSAuthSignInTask: AuthSignInTask, DefaultLogger {
         let authflowType = authFlowType(userPoolConfiguration: userPoolConfiguration)
         do {
             log.verbose("Signing with \(authflowType)")
-           let result = try await doSignIn(authflowType: authflowType)
+            let result = try await doSignIn(authflowType: authflowType)
             log.verbose("Received result")
             return result
         } catch {
@@ -95,8 +95,7 @@ class AWSAuthSignInTask: AuthSignInTask, DefaultLogger {
                     return AuthSignInResult(nextStep: .done)
                 } else if case .error(let error) = authZState {
                     log.verbose("Authorization reached an error state \(error)")
-                    let error = AuthError.unknown("Sign in reached an error state", error)
-                    throw error
+                    throw error.authError
                 }
             case .error(let error):
                 throw error.authError

AmplifyPlugins/Auth/Tests/AWSCognitoAuthPluginUnitTests/TaskTests/AWSAuthSignInPluginTests.swift

@@ -150,6 +150,10 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///
     func testSignInWithEmptyPassword() async {
 
+        self.mockIdentity = MockIdentity(
+            mockGetIdResponse: getId,
+            mockGetCredentialsResponse: getCredentials)
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             InitiateAuthOutputResponse(
                 authenticationResult: .none,
@@ -674,6 +678,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .service error with .lambda error
     ///
     func testSignInWithInvalidLambdaResponseException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             throw InitiateAuthOutputError.invalidLambdaResponseException(.init())
         })
@@ -702,6 +707,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .service error with .invalidParameter error
     ///
     func testSignInWithInvalidParameterException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             throw InitiateAuthOutputError.invalidParameterException(.init())
         })
@@ -730,6 +736,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .configuration error
     ///
     func testSignInWithInvalidUserPoolConfigurationException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             throw InitiateAuthOutputError.invalidUserPoolConfigurationException(.init())
         })
@@ -757,6 +764,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .notAuthorized error
     ///
     func testSignInWithNotAuthorizedException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             throw InitiateAuthOutputError.notAuthorizedException(.init())
         })
@@ -784,6 +792,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .resetPassword as next step
     ///
     func testSignInWithPasswordResetRequiredException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             throw InitiateAuthOutputError.passwordResetRequiredException(.init())
         })
@@ -812,6 +821,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .resetPassword as next step
     ///
     func testSignInWithPasswordResetRequiredException2() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             let serviceError = SdkError<InitiateAuthOutputError>
                 .service(.passwordResetRequiredException(PasswordResetRequiredException()),
@@ -843,6 +853,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .service error with .resourceNotFound error
     ///
     func testSignInWithResourceNotFoundException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             throw InitiateAuthOutputError.resourceNotFoundException(.init())
         })
@@ -871,6 +882,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .service error with .requestLimitExceeded error
     ///
     func testSignInWithTooManyRequestsException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             throw InitiateAuthOutputError.tooManyRequestsException(.init())
         })
@@ -899,6 +911,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .service error with .lambda error
     ///
     func testSignInWithUnexpectedLambdaException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             throw InitiateAuthOutputError.unexpectedLambdaException(.init())
         })
@@ -927,6 +940,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .service error with .lambda error
     ///
     func testSignInWithUserLambdaValidationException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             throw InitiateAuthOutputError.userLambdaValidationException(.init())
         })
@@ -983,6 +997,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .confirmSignUp as next step
     ///
     func testSignInWithUserNotConfirmedException2() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             let serviceError = SdkError<InitiateAuthOutputError>
                 .service(.userNotConfirmedException(UserNotConfirmedException()),
@@ -1014,6 +1029,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .service error with .userNotFound error
     ///
     func testSignInWithUserNotFoundException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             throw InitiateAuthOutputError.userNotFoundException(.init())
         })
@@ -1044,6 +1060,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .service error with .aliasExists error
     ///
     func testSignInWithAliasExistsException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             InitiateAuthOutputResponse(
                 authenticationResult: .none,
@@ -1078,6 +1095,7 @@ class AWSAuthSignInPluginTests: BasePluginTest {
     ///    - I should get a .service error with .invalidPassword error
     ///
     func testSignInWithInvalidPasswordException() async {
+
         self.mockIdentityProvider = MockIdentityProvider(mockInitiateAuthResponse: { _ in
             InitiateAuthOutputResponse(
                 authenticationResult: .none,
@@ -1166,4 +1184,69 @@ class AWSAuthSignInPluginTests: BasePluginTest {
             XCTFail("Received failure with error \(error)")
         }
     }
+
+    /// Test a signIn with valid inputs
+    ///
+    /// - Given: Given an auth plugin with mocked service.
+    ///
+    /// - When:
+    ///    - I invoke signIn with valid values, and
+    ///      AuthN is success whereas AuthZ fails
+    ///      In This case, GetId throws an exception
+    /// - Then:
+    ///    - I should get a service exception and should not be signed in
+    ///
+    func testSuccessfulSignInWithFailingIdentity() async {
+
+        self.mockIdentity = MockIdentity(
+            mockGetIdResponse: { _ in
+                throw GetIdOutputError.invalidParameterException(.init(message: "Invalid parameter passed"))
+            },
+            mockGetCredentialsResponse: getCredentials)
+
+        self.mockIdentityProvider = MockIdentityProvider(mockRevokeTokenResponse: { _ in
+            RevokeTokenOutputResponse()
+        }, mockInitiateAuthResponse: { _ in
+            InitiateAuthOutputResponse(
+                authenticationResult: .none,
+                challengeName: .passwordVerifier,
+                challengeParameters: InitiateAuthOutputResponse.validChalengeParams,
+                session: "someSession")
+        }, mockRespondToAuthChallengeResponse: { _ in
+            RespondToAuthChallengeOutputResponse(
+                authenticationResult: .init(
+                    accessToken: Defaults.validAccessToken,
+                    expiresIn: 300,
+                    idToken: "idToken",
+                    newDeviceMetadata: nil,
+                    refreshToken: "refreshToken",
+                    tokenType: ""),
+                challengeName: .none,
+                challengeParameters: [:],
+                session: "session")
+        })
+
+        let pluginOptions = AWSAuthSignInOptions(validationData: ["somekey": "somevalue"],
+                                                 metadata: ["somekey": "somevalue"])
+        let options = AuthSignInRequest.Options(pluginOptions: pluginOptions)
+
+        do {
+            _ = try await plugin.signIn(username: "username", password: "password", options: options)
+            XCTFail("Sign In with failing authorization should throw an error")
+
+        } catch AuthError.service(_, _, let error) {
+            guard let cognitoError = error as? AWSCognitoAuthError else {
+                XCTFail("Underlying error should be of type AWSCognitoAuthError")
+                return
+            }
+
+            guard case AWSCognitoAuthError.invalidParameter = cognitoError else {
+                XCTFail("Error thrown should be an AWSCognitoAuthError.invalidParameter")
+                return
+            }
+
+        } catch {
+            XCTFail("Error thrown should be an AuthError but got:\n\(error)")
+        }
+    }
 }

AmplifyPlugins/Auth/Tests/AWSCognitoAuthPluginUnitTests/TaskTests/AuthorizationTests/AWSAuthFederationToIdentityPoolTests.swift

@@ -787,7 +787,7 @@ class AWSAuthFederationToIdentityPoolTests: BaseAuthorizationTests {
 
         let getCredentials: MockIdentity.MockGetCredentialsResponse = { input in
             if shouldThrowError {
-                throw GetCredentialsForIdentityOutputError.internalErrorException(.init())
+                throw GetCredentialsForIdentityOutputError.invalidParameterException(.init())
             } else {
                 return .init(credentials: credentials, identityId: mockIdentityId)
             }