Bump aws-amplify version (#14706)

Fixes #14704

Migrated to amplify v6. Needed some patches, as the new version does not envision external browser and deeplinks redirects.

# Important Notes
Requires QA of various ways of logging in and using 2FA

Author: farmaazon

MODULE.bazel

@@ -46,6 +46,9 @@ register_toolchains("//toolchains:windows_builtin_tar_toolchain")
 npm = use_extension("@aspect_rules_js//npm:extensions.bzl", "npm", dev_dependency = True)
 npm.npm_translate_lock(
     name = "npm",
+    data = [
+        "//:patches/@aws-amplify__auth.patch",
+    ],
     npmrc = "//:.npmrc",
     pnpm_lock = "//:pnpm-lock.yaml",
     verify_node_modules_ignored = "//:.bazelignore",

app/gui/package.json

@@ -46,8 +46,7 @@
     "@ag-grid-community/styles": "^32.3.3",
     "@ag-grid-enterprise/core": "^32.3.3",
     "@ag-grid-enterprise/range-selection": "^32.3.3",
-    "@aws-amplify/auth": "5.6.5",
-    "@aws-amplify/core": "5.8.5",
+    "aws-amplify": "^6.16.0",
     "@babel/parser": "^7.26.3",
     "@codemirror/autocomplete": "catalog:",
     "@codemirror/commands": "^6.8.1",
@@ -150,7 +149,7 @@
     "@types/mapbox-gl": "^3.4.1",
     "@types/node": "catalog:",
     "@types/papaparse": "^5.3.15",
-    "@types/react": "^18.3.18",
+    "@types/react": "^18.3.1",
     "@types/react-dom": "^18.3.5",
     "@types/shuffle-seed": "^1.1.3",
     "@types/tar": "^6.1.13",
@@ -204,7 +203,6 @@
     "zip-stream": "^7.0.2"
   },
   "overrides": {
-    "@aws-amplify/auth": "../_IGNORED_",
     "react-native-url-polyfill": "../_IGNORED_"
   }
 }

app/gui/src/authentication/cognito.mock.ts

@@ -31,7 +31,6 @@
  * `kind` field provides a unique string that can be used to brand the error in place of the
  * `internalCode`, when rethrowing the error.
  */
-import type * as amplify from '@aws-amplify/auth'
 import type * as cognito from 'amazon-cognito-identity-js'
 import * as results from 'ts-results'
 
@@ -185,7 +184,8 @@ export class Cognito {
    */
   async signInWithApple() {
     this.isSignedIn = true
-    listen.authEventListener?.(listen.AuthEvent.signIn)
+    listen.authEventListener?.(listen.AuthEvent.signInWithRedirect)
+    listen.authEventListener?.(listen.AuthEvent.signedIn)
     await Promise.resolve()
   }
 
@@ -198,7 +198,8 @@ export class Cognito {
    */
   async signInWithMicrosoft() {
     this.isSignedIn = true
-    listen.authEventListener?.(listen.AuthEvent.signIn)
+    listen.authEventListener?.(listen.AuthEvent.signInWithRedirect)
+    listen.authEventListener?.(listen.AuthEvent.signedIn)
     await Promise.resolve()
   }
 
@@ -211,7 +212,8 @@ export class Cognito {
    */
   async signInWithGoogle() {
     this.isSignedIn = true
-    listen.authEventListener?.(listen.AuthEvent.signIn)
+    listen.authEventListener?.(listen.AuthEvent.signInWithRedirect)
+    listen.authEventListener?.(listen.AuthEvent.signedIn)
     await Promise.resolve()
   }
 
@@ -224,7 +226,8 @@ export class Cognito {
    */
   signInWithGitHub() {
     this.isSignedIn = true
-    listen.authEventListener?.(listen.AuthEvent.signIn)
+    listen.authEventListener?.(listen.AuthEvent.signInWithRedirect)
+    listen.authEventListener?.(listen.AuthEvent.signedIn)
     return Promise.resolve({
       accessKeyId: 'access key id',
       sessionToken: 'session token',
@@ -245,7 +248,7 @@ export class Cognito {
     mockEmail = username
     localStorage.setItem(MOCK_EMAIL_KEY, username)
     const result = await results.Result.wrapAsync(async () => {
-      listen.authEventListener?.(listen.AuthEvent.signIn)
+      listen.authEventListener?.(listen.AuthEvent.signedIn)
       return Promise.resolve(await this.userSession())
     })
     return result
@@ -256,7 +259,7 @@ export class Cognito {
   /** Sign out the current user. */
   async signOut() {
     this.isSignedIn = false
-    listen.authEventListener?.(listen.AuthEvent.signOut)
+    listen.authEventListener?.(listen.AuthEvent.signedOut)
     localStorage.removeItem(MOCK_EMAIL_KEY)
     localStorage.removeItem(MOCK_ORGANIZATION_ID_KEY)
     return Promise.resolve(null)
@@ -301,18 +304,13 @@ export class Cognito {
    * component.
    */
   async changePassword(oldPassword: string, newPassword: string) {
-    const cognitoUserResult = await currentAuthenticatedUser()
-    if (cognitoUserResult.ok) {
-      const result = await results.Result.wrapAsync(() =>
-        fetch('https://mock-cognito.com/change-password', {
-          method: 'POST',
-          body: JSON.stringify({ oldPassword, newPassword }),
-        }),
-      )
-      return result.mapErr(original.intoAmplifyErrorOrThrow)
-    } else {
-      return results.Err(cognitoUserResult.val)
-    }
+    const result = await results.Result.wrapAsync(() =>
+      fetch('https://mock-cognito.com/change-password', {
+        method: 'POST',
+        body: JSON.stringify({ oldPassword, newPassword }),
+      }),
+    )
+    return result.mapErr(original.intoAmplifyErrorOrThrow)
   }
 
   /** Refresh the current user's session. */
@@ -387,15 +385,3 @@ async function confirmSignUp(_email: string, _code: string) {
     result.mapErr(original.intoAmplifyErrorOrThrow).mapErr(original.intoConfirmSignUpErrorOrThrow),
   )
 }
-
-/**
- * A wrapper around the Amplify "current authenticated user" endpoint that converts known errors
- * to `AmplifyError`s.
- */
-async function currentAuthenticatedUser() {
-  const result = await results.Result.wrapAsync(
-    // The methods are not needed.
-    async () => await Promise.resolve<amplify.CognitoUser>({} as unknown as amplify.CognitoUser),
-  )
-  return result.mapErr(original.intoAmplifyErrorOrThrow)
-}