@liftric/authdeprecated

Lightweight AWS Cognito client.

Usage no npm install needed!

<script type="module">
  import liftricAuth from 'https://cdn.skypack.dev/@liftric/auth';
</script>

README

CI maven-central OSS Sonatype (Releases) npm (scoped)

Auth

Auth is a lightweight AWS Cognito client for Kotlin Multiplatform projects

In its current state it provides only the bare minimum that was needed for our project. Feel free to contribute if there is something missing for you.

Import

Kotlin

sourceSets {
    val commonMain by getting {
        dependencies {
            implementation("com.liftric:auth:<version>")
        }
    }
}

Typescript

Yarn

yarn add @liftric/auth@<version>

npm

npm i @liftric/auth@<version>

How-to

Instantiating

The handler needs a configuration object consisting of the region code and the client ID.

val configuration = Configuration(region = Region.euCentral1,
                                  clientId = "CLIENT_ID")

Kotlin

val authHandler = AuthHandler(configuration)

Typescript

import {AuthHandlerJS} from '@liftric/auth';

const auth = new AuthHandlerJS('<regionString>', '<clientId>');

API

General usage of the request methods.

Kotlin

All methods are suspending and will return a Result<T> object which wraps the desired return object T and can contain an exception.

val response = signUp(username = "user", password = "password")
if (response.isSuccess) {
    println(signUpResponse.getOrNull())
} else {
    println(signUpResponse.exceptionOrNull())
}

Typescript

All methods return a Promise that returns the desired object T on success.

Sign Up

Signs up the user.

Attributes are optional.

val attribute = UserAttribute(Name = "email", Value = "name@url.tld")

signUp(username = "USERNAME", password = "PASSWORD",
       attributes = listOf(attribute)): Result<SignUpResponse>
...

Confirm Sign Up

Confirms the sign up (also the delivery medium).

confirmSignUp(username = "USERNAME", confirmationCode = "CODE_FROM_DELIVERY_MEDIUM"): Result<Unit>

Sign In

Signs in the users.

signIn(username = "USERNAME", password = "PASSWORD"): Result<SignInResponse>

Refresh access token

Refreshes access token based on refresh token that's retrieved from an earlier sign in.

val signInResponse: SignInResponse = ... // from earlier login or refresh
val refreshToken = signInResponse.AuthenticationResult.RefreshToken
refresh(refreshToken = refreshToken): Result<SignInResponse>

Get Claims

You can retrieve the claims of both the IdTokens' and AccessTokens' payload by converting them to either a CognitoIdToken or CognitoAccessToken

val idToken = CognitoIdToken(idTokenString)
// or
val accessToken = CognitoAccessToken(accessTokenString)

val phoneNumber = idToken.claims.phoneNumber
val sub = idToken.claims.sub

Custom attributes of the IdToken get mapped into customAttributes

val twitter = idToken.claims.customAttributes["custom:twitter"]

Get User

Returns the users attributes and metadata on success.

More info about this in the official documentation.

getUser(accessToken = "TOKEN_FROM_SIGN_IN_REQUEST"): Result<GetUserResponse>

Update User Attributes

Updates the users attributes (e.g. email, phone number, ...).

updateUserAttributes(accessToken = "TOKEN_FROM_SIGN_IN_REQUEST",
                     attributes = listOf(...)): Result<UpdateUserAttributesResponse>

Change Password

Updates the users password

changePassword(accessToken = "TOKEN_FROM_SIGN_IN_REQUEST",
               currentPassword = "OLD_PW",
               newPassword = "NEW_PW"): Result<Unit>

Forgot Password

Invokes password forgot and sends a confirmation code the the users' delivery medium.

More info about the ForgotPasswordResponse in the official documentation.

forgotPassword(username = "USERNAME"): Result<ForgotPasswordResponse>

Confirm Forgot Password

Confirms forgot password.

confirmForgotPassword(confirmationCode = "CODE_FROM_DELIVERY_MEDIUM", username = "USERNAME", 
                      password = "NEW_PASSWORD_FROM_DELIVERY_MEDIUM"): Result<Unit>

Get user Attribute Verification Code

Gets the user attribute verification code for the specified attribute name

getUserAttributeVerificationCode(accessToken = "TOKEN_FROM_SIGN_IN_REQUEST", attributeName = "EMAIL", clientMetadata = null): Result<GetAttributeVerificationCodeResponse>

Verify User Attribute

Verifies the specified user attribute.

verifyUserAttribute(accessToken = "TOKEN_FROM_SIGN_IN_REQUEST", attributeName = "EMAIL", code = "CODE_FROM_DELIVERY_MEDIUM"): Result<Unit>

Sign Out

Signs out the user globally.

signOut(accessToken = "TOKEN_FROM_SIGN_IN_REQUEST"): Result<SignOutResponse>

Revoke Token

Revokes all access tokens generated by the refresh token.

revokeToken(refreshToken = "TOKEN_FROM_SIGN_IN_REQUEST"): Result<Unit>

Delete User

Deletes the user from the user pool.

deleteUser(accessToken = "TOKEN_FROM_SIGN_IN_REQUEST"): Result<Unit>

Contributing

Auth is a simple kotlin project with one caveat: We're using a live Cogntio Userpool for integration tests and the values are provided using code generation at compile time.

The build needs both region and clientid configured, either using our hashicorp vault cluster (obviously not accessible from the outside), or via env var (github actions approach). region expects the AWS Region Code for the target region, like "us-east-1".

So if you only want to build the project, provide region and clientid env var with garbage values...

... and if you want to execute to tests yourself, you can use your own congito user pool client values.

License

Auth is available under the MIT license. See the LICENSE file for more info.