From 002ef3cbb8ae2696a6e3abea925b6253fde1b644 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Tue, 12 Aug 2025 08:58:38 -0700 Subject: [PATCH 01/23] changed initiateAuth to getTokensFromRefreshTokenAPI in refresh token function, changed tests to test rotation functionality --- ...t_tokens_from_refresh_token_operation.dart | 1 + .../fetch_auth_session_state_machine.dart | 37 ++-- .../test/plugin/fetch_auth_session_test.dart | 6 +- .../test/plugin/sign_out_test.dart | 2 + ...fetch_auth_session_state_machine_test.dart | 166 +++++++++--------- 5 files changed, 101 insertions(+), 111 deletions(-) diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart index c92345a0004..7287577c6c3 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart @@ -73,6 +73,7 @@ class GetTokensFromRefreshTokenOperation region: _region, service: _i4.AWSService.cognitoIdentityProvider, credentialsProvider: _credentialsProvider, + isOptional: true, ), const _i1.WithUserAgent('aws-sdk-dart/0.3.2'), const _i3.WithSdkInvocationId(), diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart index 7119420870c..b3d68b36eec 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart @@ -7,14 +7,11 @@ import 'package:amplify_auth_cognito_dart/amplify_auth_cognito_dart.dart'; import 'package:amplify_auth_cognito_dart/src/credentials/auth_plugin_credentials_provider.dart'; import 'package:amplify_auth_cognito_dart/src/credentials/cognito_keys.dart'; import 'package:amplify_auth_cognito_dart/src/credentials/device_metadata_repository.dart'; -import 'package:amplify_auth_cognito_dart/src/flows/constants.dart'; -import 'package:amplify_auth_cognito_dart/src/flows/helpers.dart'; import 'package:amplify_auth_cognito_dart/src/model/session/cognito_sign_in_details.dart'; import 'package:amplify_auth_cognito_dart/src/sdk/cognito_identity.dart' hide NotAuthorizedException; import 'package:amplify_auth_cognito_dart/src/sdk/cognito_identity_provider.dart' as cognito_idp; -import 'package:amplify_auth_cognito_dart/src/sdk/src/cognito_identity_provider/model/analytics_metadata_type.dart'; import 'package:amplify_auth_cognito_dart/src/state/cognito_state_machine.dart'; import 'package:amplify_auth_cognito_dart/src/state/state.dart'; import 'package:amplify_core/amplify_core.dart'; @@ -359,7 +356,6 @@ final class FetchAuthSessionStateMachine AuthResult userSubResult; AuthResult credentialsResult; AuthResult identityIdResult; - final hasUserPool = _authConfig?.userPoolId != null; var userPoolTokens = result.userPoolTokens; if (!hasUserPool) { @@ -511,38 +507,25 @@ final class FetchAuthSessionStateMachine final deviceSecrets = await getOrCreate().get( userPoolTokens.username, ); - final refreshRequest = cognito_idp.InitiateAuthRequest.build((b) { - b - ..authFlow = cognito_idp.AuthFlowType.refreshTokenAuth - ..clientId = _authConfig?.userPoolClientId - ..authParameters.addAll({ - CognitoConstants.refreshToken: userPoolTokens.refreshToken, - }) - ..analyticsMetadata = get()?.toBuilder(); - - // ignore: invalid_use_of_internal_member - if (_authConfig?.appClientSecret != null && - _authConfig?.userPoolClientId != null) { - b.authParameters[CognitoConstants.challengeParamSecretHash] = - computeSecretHash( - userPoolTokens.username, - _authConfig!.userPoolClientId!, - // ignore: invalid_use_of_internal_member - _authConfig!.appClientSecret!, - ); - } + // seems we dont support client metadata + final refreshRequest = cognito_idp.GetTokensFromRefreshTokenRequest.build(( + b, + ) { + b + ..refreshToken = userPoolTokens.refreshToken + ..clientId = _authConfig?.userPoolClientId; final deviceKey = deviceSecrets?.deviceKey; if (deviceKey != null) { - b.authParameters[CognitoConstants.challengeParamDeviceKey] = deviceKey; + b.deviceKey = deviceKey; } }); try { final result = await _withZoneOverrides( - () => _cognitoIdpClient.initiateAuth(refreshRequest).result, + () => + _cognitoIdpClient.getTokensFromRefreshToken(refreshRequest).result, ); final authResult = result.authenticationResult; - final accessToken = authResult?.accessToken; final refreshToken = authResult?.refreshToken; final idToken = authResult?.idToken; diff --git a/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart b/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart index c9bccf223de..36d87123d6f 100644 --- a/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart @@ -48,10 +48,8 @@ void main() { stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw const AuthNotAuthorizedException( - 'Refresh Token has expired.', - ), + getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( + 'Refresh Token has expired.', ), ), ); diff --git a/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart b/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart index 3aa2d5d5158..fbf41f67093 100644 --- a/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart @@ -275,6 +275,8 @@ void main() { final mockIdp = MockCognitoIdentityProviderClient( initiateAuth: (p0) async => throw InternalErrorException(message: 'Invalid token'), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException('Auth not authorized'), ); stateMachine.addInstance(mockIdp); diff --git a/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart b/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart index 890a20c9756..98c5d2df38b 100644 --- a/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart @@ -380,13 +380,11 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -425,10 +423,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw const AuthNotAuthorizedException( - 'Tokens expired', - ), + getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( + 'Tokens expired', ), ), ); @@ -469,10 +465,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => - throw AWSHttpException(AWSHttpRequest.get(Uri())), - ), + getTokensFromRefreshToken: () async => + throw AWSHttpException(AWSHttpRequest.get(Uri())), ), ); session = await fetchAuthSession(willRefresh: true); @@ -512,9 +506,7 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -570,13 +562,11 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -614,10 +604,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => - throw AWSHttpException(AWSHttpRequest.get(Uri())), - ), + getTokensFromRefreshToken: () async => + throw AWSHttpException(AWSHttpRequest.get(Uri())), ), ); session = await fetchAuthSession(willRefresh: true); @@ -657,9 +645,7 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -710,13 +696,11 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -765,18 +749,56 @@ void main() { }); }); - group('expired', () { + group('with new refresh token', () { + const newRefreshToken = 'new-refresh-token-rotated'; setUp(() async { await configureAmplify(config); stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw const AuthNotAuthorizedException( - 'Tokens expired', + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: newRefreshToken, + idToken: newIdToken.raw, + ), + ), + ), + ) + ..addInstance( + MockCognitoIdentityClient( + getCredentialsForIdentity: expectAsync0( + () async => GetCredentialsForIdentityResponse( + credentials: Credentials( + accessKeyId: newAccessKeyId, + secretKey: newSecretAccessKey, + ), ), ), ), + ); + session = await fetchAuthSession( + willRefresh: true, + forceRefresh: true, + ); + }); + + test('should return new refresh token', () { + final userPoolTokens = session.userPoolTokensResult.value; + expect(userPoolTokens.refreshToken, newRefreshToken); + }); + }); + + group('expired', () { + setUp(() async { + await configureAmplify(config); + stateMachine + ..addInstance( + MockCognitoIdentityProviderClient( + getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( + 'Tokens expired', + ), + ), ) ..addInstance( MockCognitoIdentityClient( @@ -832,10 +854,8 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => - throw AWSHttpException(AWSHttpRequest.get(Uri())), - ), + getTokensFromRefreshToken: () async => + throw AWSHttpException(AWSHttpRequest.get(Uri())), ), ) ..addInstance( @@ -891,9 +911,7 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ) ..addInstance( @@ -1270,13 +1288,11 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -1318,9 +1334,7 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1375,13 +1389,11 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -1423,9 +1435,7 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1478,13 +1488,11 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -1530,9 +1538,7 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ); session = await fetchAuthSession( From 282effab7daf466908d5855927ab990ac32c3b72 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Tue, 12 Aug 2025 13:50:38 -0700 Subject: [PATCH 02/23] formatting --- .../test/plugin/fetch_auth_session_test.dart | 7 +- ...fetch_auth_session_state_machine_test.dart | 133 ++++++++++-------- 2 files changed, 76 insertions(+), 64 deletions(-) diff --git a/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart b/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart index 36d87123d6f..686f1ef4db0 100644 --- a/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart @@ -48,9 +48,10 @@ void main() { stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( - 'Refresh Token has expired.', - ), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException( + 'Refresh Token has expired.', + ), ), ); }); diff --git a/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart b/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart index 98c5d2df38b..497c241869e 100644 --- a/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart @@ -380,13 +380,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -423,9 +424,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( - 'Tokens expired', - ), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException('Tokens expired'), ), ); session = await fetchAuthSession(willRefresh: true); @@ -506,7 +506,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -562,13 +563,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -645,7 +647,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -696,13 +699,14 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ) ..addInstance( @@ -756,13 +760,14 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: newRefreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: newRefreshToken, + idToken: newIdToken.raw, + ), + ), ), ) ..addInstance( @@ -795,9 +800,8 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( - 'Tokens expired', - ), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException('Tokens expired'), ), ) ..addInstance( @@ -911,7 +915,8 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ) ..addInstance( @@ -1288,13 +1293,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1334,7 +1340,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1389,13 +1396,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1435,7 +1443,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1488,13 +1497,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ); session = await fetchAuthSession( @@ -1538,7 +1548,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession( From 18ef6f057724032965bebf9754febd87c91f51d3 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Fri, 15 Aug 2025 15:02:27 -0700 Subject: [PATCH 03/23] uninstall xcodes before attempting a new installation during iOS simulator gh action --- .github/composite_actions/launch_ios_simulator/dist/main.cjs | 2 +- .../lib/src/screens/authenticator_screen.dart | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/composite_actions/launch_ios_simulator/dist/main.cjs b/.github/composite_actions/launch_ios_simulator/dist/main.cjs index 30a2c84da39..3af8589577e 100644 --- a/.github/composite_actions/launch_ios_simulator/dist/main.cjs +++ b/.github/composite_actions/launch_ios_simulator/dist/main.cjs @@ -14679,7 +14679,7 @@ case 0: // Function start $async$goto = 2; - return A._asyncAwait(A.Exec_exec(type$.JSObject._as(self.exec), "brew", A._setArrayType(["install", "xcodesorg/made/xcodes", "aria2"], type$.JSArray_String), true), $async$call$0); + return A._asyncAwait(A.Exec_exec(type$.JSObject._as(self.exec), "/bin/sh", A._setArrayType(["-c", "brew uninstall --ignore-dependencies aria2 xcodes || true && brew install xcodesorg/made/xcodes aria2"], type$.JSArray_String), true), $async$call$0); case 2: // returning from await. if ($async$result.exitCode !== 0) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index 92b3d2ed839..e0826ef579b 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.black; + final fallbackColor = isDark ? Colors.white : Colors.white; return labelColor ?? textColor ?? fallbackColor; } From 454e124be53b03442d4c0c8f71afbf9f0aedca2b Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Fri, 15 Aug 2025 15:25:28 -0700 Subject: [PATCH 04/23] undid sample change to trigger ios tests --- .../lib/src/screens/authenticator_screen.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index e0826ef579b..92b3d2ed839 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.white; + final fallbackColor = isDark ? Colors.white : Colors.black; return labelColor ?? textColor ?? fallbackColor; } From 2eb2c6c6508252f16a16350281fb7f6d0aaaa232 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Mon, 18 Aug 2025 13:54:50 -0700 Subject: [PATCH 05/23] changed to brew install xcodes --- .github/composite_actions/launch_ios_simulator/dist/main.cjs | 2 +- .../lib/src/screens/authenticator_screen.dart | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/composite_actions/launch_ios_simulator/dist/main.cjs b/.github/composite_actions/launch_ios_simulator/dist/main.cjs index 3af8589577e..da956c533e3 100644 --- a/.github/composite_actions/launch_ios_simulator/dist/main.cjs +++ b/.github/composite_actions/launch_ios_simulator/dist/main.cjs @@ -14679,7 +14679,7 @@ case 0: // Function start $async$goto = 2; - return A._asyncAwait(A.Exec_exec(type$.JSObject._as(self.exec), "/bin/sh", A._setArrayType(["-c", "brew uninstall --ignore-dependencies aria2 xcodes || true && brew install xcodesorg/made/xcodes aria2"], type$.JSArray_String), true), $async$call$0); + return A._asyncAwait(A.Exec_exec(type$.JSObject._as(self.exec), "/bin/sh", A._setArrayType(["-c", "brew install xcodes"], type$.JSArray_String), true), $async$call$0); case 2: // returning from await. if ($async$result.exitCode !== 0) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index 92b3d2ed839..4bb92c655cf 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.black; + final fallbackColor = isDark ? Colors.white : Colors.red; return labelColor ?? textColor ?? fallbackColor; } From 514018cc4881652f2789b4ddc670f8a4f416a99a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Aug 2025 16:21:58 +0000 Subject: [PATCH 06/23] chore(deps): bump tmp and @inquirer/editor in /infra-gen2 Removes [tmp](https://github.com/raszi/node-tmp). It's no longer used after updating ancestor dependency [@inquirer/editor](https://github.com/SBoudrias/Inquirer.js). These dependencies need to be updated together. Removes `tmp` Updates `@inquirer/editor` from 4.2.9 to 4.2.17 - [Release notes](https://github.com/SBoudrias/Inquirer.js/releases) - [Commits](https://github.com/SBoudrias/Inquirer.js/compare/@inquirer/editor@4.2.9...@inquirer/editor@4.2.17) --- updated-dependencies: - dependency-name: tmp dependency-version: dependency-type: indirect - dependency-name: "@inquirer/editor" dependency-version: 4.2.17 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- infra-gen2/package-lock.json | 125 +++++++++++++++-------------------- 1 file changed, 53 insertions(+), 72 deletions(-) diff --git a/infra-gen2/package-lock.json b/infra-gen2/package-lock.json index 1e1603b145f..8f578b23095 100644 --- a/infra-gen2/package-lock.json +++ b/infra-gen2/package-lock.json @@ -22886,13 +22886,14 @@ } }, "node_modules/@inquirer/core": { - "version": "10.1.9", - "resolved": "https://registry.npmjs.org/@inquirer/core/-/core-10.1.9.tgz", - "integrity": "sha512-sXhVB8n20NYkUBfDYgizGHlpRVaCRjtuzNZA6xpALIUbkgfd2Hjz+DfEN6+h1BRnuxw0/P4jCIMjMsEOAMwAJw==", + "version": "10.1.15", + "resolved": "https://registry.npmjs.org/@inquirer/core/-/core-10.1.15.tgz", + "integrity": "sha512-8xrp836RZvKkpNbVvgWUlxjT4CraKk2q+I3Ksy+seI2zkcE+y6wNs1BVhgcv8VyImFecUhdQrYLdW32pAjwBdA==", "dev": true, + "license": "MIT", "dependencies": { - "@inquirer/figures": "^1.0.11", - "@inquirer/type": "^3.0.5", + "@inquirer/figures": "^1.0.13", + "@inquirer/type": "^3.0.8", "ansi-escapes": "^4.3.2", "cli-width": "^4.1.0", "mute-stream": "^2.0.0", @@ -22927,14 +22928,15 @@ } }, "node_modules/@inquirer/editor": { - "version": "4.2.9", - "resolved": "https://registry.npmjs.org/@inquirer/editor/-/editor-4.2.9.tgz", - "integrity": "sha512-8HjOppAxO7O4wV1ETUlJFg6NDjp/W2NP5FB9ZPAcinAlNT4ZIWOLe2pUVwmmPRSV0NMdI5r/+lflN55AwZOKSw==", + "version": "4.2.17", + "resolved": "https://registry.npmjs.org/@inquirer/editor/-/editor-4.2.17.tgz", + "integrity": "sha512-r6bQLsyPSzbWrZZ9ufoWL+CztkSatnJ6uSxqd6N+o41EZC51sQeWOzI6s5jLb+xxTWxl7PlUppqm8/sow241gg==", "dev": true, + "license": "MIT", "dependencies": { - "@inquirer/core": "^10.1.9", - "@inquirer/type": "^3.0.5", - "external-editor": "^3.1.0" + "@inquirer/core": "^10.1.15", + "@inquirer/external-editor": "^1.0.1", + "@inquirer/type": "^3.0.8" }, "engines": { "node": ">=18" @@ -22970,11 +22972,34 @@ } } }, + "node_modules/@inquirer/external-editor": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/@inquirer/external-editor/-/external-editor-1.0.1.tgz", + "integrity": "sha512-Oau4yL24d2B5IL4ma4UpbQigkVhzPDXLoqy1ggK4gnHg/stmkffJE4oOXHXF3uz0UEpywG68KcyXsyYpA1Re/Q==", + "dev": true, + "license": "MIT", + "dependencies": { + "chardet": "^2.1.0", + "iconv-lite": "^0.6.3" + }, + "engines": { + "node": ">=18" + }, + "peerDependencies": { + "@types/node": ">=18" + }, + "peerDependenciesMeta": { + "@types/node": { + "optional": true + } + } + }, "node_modules/@inquirer/figures": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/@inquirer/figures/-/figures-1.0.11.tgz", - "integrity": "sha512-eOg92lvrn/aRUqbxRyvpEWnrvRuTYRifixHkYVpJiygTgVSBIHDqLh0SrMQXkafvULg3ck11V7xvR+zcgvpHFw==", + "version": "1.0.13", + "resolved": "https://registry.npmjs.org/@inquirer/figures/-/figures-1.0.13.tgz", + "integrity": "sha512-lGPVU3yO9ZNqA7vTYz26jny41lE7yoQansmqdMLBEfqaGsmdg7V3W9mK9Pvb5IL4EVZ9GnSDGMO/cJXud5dMaw==", "dev": true, + "license": "MIT", "engines": { "node": ">=18" } @@ -23142,10 +23167,11 @@ } }, "node_modules/@inquirer/type": { - "version": "3.0.5", - "resolved": "https://registry.npmjs.org/@inquirer/type/-/type-3.0.5.tgz", - "integrity": "sha512-ZJpeIYYueOz/i/ONzrfof8g89kNdO2hjGuvULROo3O8rlB2CRtSseE5KeirnyE4t/thAn/EwvS/vuQeJCn+NZg==", + "version": "3.0.8", + "resolved": "https://registry.npmjs.org/@inquirer/type/-/type-3.0.8.tgz", + "integrity": "sha512-lg9Whz8onIHRthWaN1Q9EGLa/0LFJjyM8mEUbL1eTi6yMGvBf8gvyDLtxSXztQsxMvhxxNpJYrwa1YHdq+w4Jw==", "dev": true, + "license": "MIT", "engines": { "node": ">=18" }, @@ -26328,10 +26354,11 @@ } }, "node_modules/chardet": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/chardet/-/chardet-0.7.0.tgz", - "integrity": "sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==", - "dev": true + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/chardet/-/chardet-2.1.0.tgz", + "integrity": "sha512-bNFETTG/pM5ryzQ9Ad0lJOTa6HWD/YsScAR3EnCPZRPlQh77JocYktSHOUHelyhm8IARL+o4c4F1bP5KVOjiRA==", + "dev": true, + "license": "MIT" }, "node_modules/charenc": { "version": "0.0.2", @@ -27547,20 +27574,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/external-editor": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/external-editor/-/external-editor-3.1.0.tgz", - "integrity": "sha512-hMQ4CX1p1izmuLYyZqLMO/qGNw10wSv9QDCPfzXfyFrOaCSSoRfqE1Kf1s5an66J5JZC62NewG+mK49jOCtQew==", - "dev": true, - "dependencies": { - "chardet": "^0.7.0", - "iconv-lite": "^0.4.24", - "tmp": "^0.0.33" - }, - "engines": { - "node": ">=4" - } - }, "node_modules/fast-deep-equal": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", @@ -28346,12 +28359,13 @@ } }, "node_modules/iconv-lite": { - "version": "0.4.24", - "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", - "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", + "version": "0.6.3", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz", + "integrity": "sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==", "dev": true, + "license": "MIT", "dependencies": { - "safer-buffer": ">= 2.1.2 < 3" + "safer-buffer": ">= 2.1.2 < 3.0.0" }, "engines": { "node": ">=0.10.0" @@ -29674,18 +29688,6 @@ "node": ">= 8.0" } }, - "node_modules/mysql2/node_modules/iconv-lite": { - "version": "0.6.3", - "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz", - "integrity": "sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==", - "dev": true, - "dependencies": { - "safer-buffer": ">= 2.1.2 < 3.0.0" - }, - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/mysql2/node_modules/lru-cache": { "version": "8.0.5", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-8.0.5.tgz", @@ -30045,15 +30047,6 @@ "url": "https://github.com/chalk/strip-ansi?sponsor=1" } }, - "node_modules/os-tmpdir": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz", - "integrity": "sha512-D2FR03Vir7FIu45XBY20mTb+/ZSWB00sjU9jdQXt83gDrI4Ztz5Fs7/yy74g2N5SVQY4xY1qDr4rNddwYRVX0g==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/own-keys": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/own-keys/-/own-keys-1.0.1.tgz", @@ -31817,18 +31810,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/tmp": { - "version": "0.0.33", - "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz", - "integrity": "sha512-jRCJlojKnZ3addtTOjdIqoRuPEKBvNXcGYqzO6zWZX8KfKEpnGY5jfggJQ3EjKuu8D4bJRr0y+cYJFmYbImXGw==", - "dev": true, - "dependencies": { - "os-tmpdir": "~1.0.2" - }, - "engines": { - "node": ">=0.6.0" - } - }, "node_modules/to-fast-properties": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", From 1f73e87b8141aa327ce42f62306068ad4a2453c1 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Mon, 18 Aug 2025 15:28:12 -0700 Subject: [PATCH 07/23] changed test commit --- .../lib/src/screens/authenticator_screen.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index 4bb92c655cf..92b3d2ed839 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.red; + final fallbackColor = isDark ? Colors.white : Colors.black; return labelColor ?? textColor ?? fallbackColor; } From eeb614a328a568b59308139d29924d692db5ebbf Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Mon, 18 Aug 2025 15:37:35 -0700 Subject: [PATCH 08/23] updated to use activeThumbColor instead of activeColor in a datastore widget --- packages/amplify_datastore/example/lib/widgets/public_view.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/amplify_datastore/example/lib/widgets/public_view.dart b/packages/amplify_datastore/example/lib/widgets/public_view.dart index f85c0e390c7..393ba7bd200 100644 --- a/packages/amplify_datastore/example/lib/widgets/public_view.dart +++ b/packages/amplify_datastore/example/lib/widgets/public_view.dart @@ -308,7 +308,7 @@ class _PublicViewState extends State } }, activeTrackColor: Colors.lightGreenAccent, - activeColor: Colors.green, + activeThumbColor: Colors.green, ), Padding(padding: EdgeInsets.all(5.0)), From ff191860c5548bc813c77edd6172ba5c9e26825e Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Tue, 12 Aug 2025 08:58:38 -0700 Subject: [PATCH 09/23] changed initiateAuth to getTokensFromRefreshTokenAPI in refresh token function, changed tests to test rotation functionality --- ...t_tokens_from_refresh_token_operation.dart | 1 + .../fetch_auth_session_state_machine.dart | 37 ++-- .../test/plugin/fetch_auth_session_test.dart | 6 +- .../test/plugin/sign_out_test.dart | 2 + ...fetch_auth_session_state_machine_test.dart | 166 +++++++++--------- 5 files changed, 101 insertions(+), 111 deletions(-) diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart index c92345a0004..7287577c6c3 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/operation/get_tokens_from_refresh_token_operation.dart @@ -73,6 +73,7 @@ class GetTokensFromRefreshTokenOperation region: _region, service: _i4.AWSService.cognitoIdentityProvider, credentialsProvider: _credentialsProvider, + isOptional: true, ), const _i1.WithUserAgent('aws-sdk-dart/0.3.2'), const _i3.WithSdkInvocationId(), diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart index 7119420870c..b3d68b36eec 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart @@ -7,14 +7,11 @@ import 'package:amplify_auth_cognito_dart/amplify_auth_cognito_dart.dart'; import 'package:amplify_auth_cognito_dart/src/credentials/auth_plugin_credentials_provider.dart'; import 'package:amplify_auth_cognito_dart/src/credentials/cognito_keys.dart'; import 'package:amplify_auth_cognito_dart/src/credentials/device_metadata_repository.dart'; -import 'package:amplify_auth_cognito_dart/src/flows/constants.dart'; -import 'package:amplify_auth_cognito_dart/src/flows/helpers.dart'; import 'package:amplify_auth_cognito_dart/src/model/session/cognito_sign_in_details.dart'; import 'package:amplify_auth_cognito_dart/src/sdk/cognito_identity.dart' hide NotAuthorizedException; import 'package:amplify_auth_cognito_dart/src/sdk/cognito_identity_provider.dart' as cognito_idp; -import 'package:amplify_auth_cognito_dart/src/sdk/src/cognito_identity_provider/model/analytics_metadata_type.dart'; import 'package:amplify_auth_cognito_dart/src/state/cognito_state_machine.dart'; import 'package:amplify_auth_cognito_dart/src/state/state.dart'; import 'package:amplify_core/amplify_core.dart'; @@ -359,7 +356,6 @@ final class FetchAuthSessionStateMachine AuthResult userSubResult; AuthResult credentialsResult; AuthResult identityIdResult; - final hasUserPool = _authConfig?.userPoolId != null; var userPoolTokens = result.userPoolTokens; if (!hasUserPool) { @@ -511,38 +507,25 @@ final class FetchAuthSessionStateMachine final deviceSecrets = await getOrCreate().get( userPoolTokens.username, ); - final refreshRequest = cognito_idp.InitiateAuthRequest.build((b) { - b - ..authFlow = cognito_idp.AuthFlowType.refreshTokenAuth - ..clientId = _authConfig?.userPoolClientId - ..authParameters.addAll({ - CognitoConstants.refreshToken: userPoolTokens.refreshToken, - }) - ..analyticsMetadata = get()?.toBuilder(); - - // ignore: invalid_use_of_internal_member - if (_authConfig?.appClientSecret != null && - _authConfig?.userPoolClientId != null) { - b.authParameters[CognitoConstants.challengeParamSecretHash] = - computeSecretHash( - userPoolTokens.username, - _authConfig!.userPoolClientId!, - // ignore: invalid_use_of_internal_member - _authConfig!.appClientSecret!, - ); - } + // seems we dont support client metadata + final refreshRequest = cognito_idp.GetTokensFromRefreshTokenRequest.build(( + b, + ) { + b + ..refreshToken = userPoolTokens.refreshToken + ..clientId = _authConfig?.userPoolClientId; final deviceKey = deviceSecrets?.deviceKey; if (deviceKey != null) { - b.authParameters[CognitoConstants.challengeParamDeviceKey] = deviceKey; + b.deviceKey = deviceKey; } }); try { final result = await _withZoneOverrides( - () => _cognitoIdpClient.initiateAuth(refreshRequest).result, + () => + _cognitoIdpClient.getTokensFromRefreshToken(refreshRequest).result, ); final authResult = result.authenticationResult; - final accessToken = authResult?.accessToken; final refreshToken = authResult?.refreshToken; final idToken = authResult?.idToken; diff --git a/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart b/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart index c9bccf223de..36d87123d6f 100644 --- a/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart @@ -48,10 +48,8 @@ void main() { stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw const AuthNotAuthorizedException( - 'Refresh Token has expired.', - ), + getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( + 'Refresh Token has expired.', ), ), ); diff --git a/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart b/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart index 3aa2d5d5158..fbf41f67093 100644 --- a/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/plugin/sign_out_test.dart @@ -275,6 +275,8 @@ void main() { final mockIdp = MockCognitoIdentityProviderClient( initiateAuth: (p0) async => throw InternalErrorException(message: 'Invalid token'), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException('Auth not authorized'), ); stateMachine.addInstance(mockIdp); diff --git a/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart b/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart index 890a20c9756..98c5d2df38b 100644 --- a/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart @@ -380,13 +380,11 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -425,10 +423,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw const AuthNotAuthorizedException( - 'Tokens expired', - ), + getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( + 'Tokens expired', ), ), ); @@ -469,10 +465,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => - throw AWSHttpException(AWSHttpRequest.get(Uri())), - ), + getTokensFromRefreshToken: () async => + throw AWSHttpException(AWSHttpRequest.get(Uri())), ), ); session = await fetchAuthSession(willRefresh: true); @@ -512,9 +506,7 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -570,13 +562,11 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -614,10 +604,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => - throw AWSHttpException(AWSHttpRequest.get(Uri())), - ), + getTokensFromRefreshToken: () async => + throw AWSHttpException(AWSHttpRequest.get(Uri())), ), ); session = await fetchAuthSession(willRefresh: true); @@ -657,9 +645,7 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -710,13 +696,11 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -765,18 +749,56 @@ void main() { }); }); - group('expired', () { + group('with new refresh token', () { + const newRefreshToken = 'new-refresh-token-rotated'; setUp(() async { await configureAmplify(config); stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw const AuthNotAuthorizedException( - 'Tokens expired', + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: newRefreshToken, + idToken: newIdToken.raw, + ), + ), + ), + ) + ..addInstance( + MockCognitoIdentityClient( + getCredentialsForIdentity: expectAsync0( + () async => GetCredentialsForIdentityResponse( + credentials: Credentials( + accessKeyId: newAccessKeyId, + secretKey: newSecretAccessKey, + ), ), ), ), + ); + session = await fetchAuthSession( + willRefresh: true, + forceRefresh: true, + ); + }); + + test('should return new refresh token', () { + final userPoolTokens = session.userPoolTokensResult.value; + expect(userPoolTokens.refreshToken, newRefreshToken); + }); + }); + + group('expired', () { + setUp(() async { + await configureAmplify(config); + stateMachine + ..addInstance( + MockCognitoIdentityProviderClient( + getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( + 'Tokens expired', + ), + ), ) ..addInstance( MockCognitoIdentityClient( @@ -832,10 +854,8 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => - throw AWSHttpException(AWSHttpRequest.get(Uri())), - ), + getTokensFromRefreshToken: () async => + throw AWSHttpException(AWSHttpRequest.get(Uri())), ), ) ..addInstance( @@ -891,9 +911,7 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ) ..addInstance( @@ -1270,13 +1288,11 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -1318,9 +1334,7 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1375,13 +1389,11 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -1423,9 +1435,7 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1478,13 +1488,11 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => InitiateAuthResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), + getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, ), ), ), @@ -1530,9 +1538,7 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - initiateAuth: expectAsync1( - (_) async => throw _ServiceException(), - ), + getTokensFromRefreshToken: () async => throw _ServiceException(), ), ); session = await fetchAuthSession( From f2fbf905616416cd2daa8507e9dbbdca0be188c5 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Tue, 12 Aug 2025 13:50:38 -0700 Subject: [PATCH 10/23] formatting --- .../test/plugin/fetch_auth_session_test.dart | 7 +- ...fetch_auth_session_state_machine_test.dart | 133 ++++++++++-------- 2 files changed, 76 insertions(+), 64 deletions(-) diff --git a/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart b/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart index 36d87123d6f..686f1ef4db0 100644 --- a/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/plugin/fetch_auth_session_test.dart @@ -48,9 +48,10 @@ void main() { stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( - 'Refresh Token has expired.', - ), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException( + 'Refresh Token has expired.', + ), ), ); }); diff --git a/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart b/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart index 98c5d2df38b..497c241869e 100644 --- a/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart +++ b/packages/auth/amplify_auth_cognito_test/test/state/fetch_auth_session_state_machine_test.dart @@ -380,13 +380,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -423,9 +424,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( - 'Tokens expired', - ), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException('Tokens expired'), ), ); session = await fetchAuthSession(willRefresh: true); @@ -506,7 +506,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -562,13 +563,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -645,7 +647,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -696,13 +699,14 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ) ..addInstance( @@ -756,13 +760,14 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: newRefreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: newRefreshToken, + idToken: newIdToken.raw, + ), + ), ), ) ..addInstance( @@ -795,9 +800,8 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw const AuthNotAuthorizedException( - 'Tokens expired', - ), + getTokensFromRefreshToken: () async => + throw const AuthNotAuthorizedException('Tokens expired'), ), ) ..addInstance( @@ -911,7 +915,8 @@ void main() { stateMachine ..addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ) ..addInstance( @@ -1288,13 +1293,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1334,7 +1340,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1389,13 +1396,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1435,7 +1443,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession(willRefresh: true); @@ -1488,13 +1497,14 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => GetTokensFromRefreshTokenResponse( - authenticationResult: AuthenticationResultType( - accessToken: newAccessToken.raw, - refreshToken: refreshToken, - idToken: newIdToken.raw, - ), - ), + getTokensFromRefreshToken: () async => + GetTokensFromRefreshTokenResponse( + authenticationResult: AuthenticationResultType( + accessToken: newAccessToken.raw, + refreshToken: refreshToken, + idToken: newIdToken.raw, + ), + ), ), ); session = await fetchAuthSession( @@ -1538,7 +1548,8 @@ void main() { await configureAmplify(config); stateMachine.addInstance( MockCognitoIdentityProviderClient( - getTokensFromRefreshToken: () async => throw _ServiceException(), + getTokensFromRefreshToken: () async => + throw _ServiceException(), ), ); session = await fetchAuthSession( From 3d504713eab6a6cde427047db4f9dd3069905777 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Fri, 15 Aug 2025 15:02:27 -0700 Subject: [PATCH 11/23] uninstall xcodes before attempting a new installation during iOS simulator gh action --- .github/composite_actions/launch_ios_simulator/dist/main.cjs | 2 +- .../lib/src/screens/authenticator_screen.dart | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/composite_actions/launch_ios_simulator/dist/main.cjs b/.github/composite_actions/launch_ios_simulator/dist/main.cjs index 30a2c84da39..3af8589577e 100644 --- a/.github/composite_actions/launch_ios_simulator/dist/main.cjs +++ b/.github/composite_actions/launch_ios_simulator/dist/main.cjs @@ -14679,7 +14679,7 @@ case 0: // Function start $async$goto = 2; - return A._asyncAwait(A.Exec_exec(type$.JSObject._as(self.exec), "brew", A._setArrayType(["install", "xcodesorg/made/xcodes", "aria2"], type$.JSArray_String), true), $async$call$0); + return A._asyncAwait(A.Exec_exec(type$.JSObject._as(self.exec), "/bin/sh", A._setArrayType(["-c", "brew uninstall --ignore-dependencies aria2 xcodes || true && brew install xcodesorg/made/xcodes aria2"], type$.JSArray_String), true), $async$call$0); case 2: // returning from await. if ($async$result.exitCode !== 0) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index 92b3d2ed839..e0826ef579b 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.black; + final fallbackColor = isDark ? Colors.white : Colors.white; return labelColor ?? textColor ?? fallbackColor; } From e11bdcd165d5786e7219a92840219be47581640b Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Fri, 15 Aug 2025 15:25:28 -0700 Subject: [PATCH 12/23] undid sample change to trigger ios tests --- .../lib/src/screens/authenticator_screen.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index e0826ef579b..92b3d2ed839 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.white; + final fallbackColor = isDark ? Colors.white : Colors.black; return labelColor ?? textColor ?? fallbackColor; } From 9080f66b38bd22ab33c70ce1b16b218b17093f3c Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Mon, 18 Aug 2025 13:54:50 -0700 Subject: [PATCH 13/23] changed to brew install xcodes --- .github/composite_actions/launch_ios_simulator/dist/main.cjs | 2 +- .../lib/src/screens/authenticator_screen.dart | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/composite_actions/launch_ios_simulator/dist/main.cjs b/.github/composite_actions/launch_ios_simulator/dist/main.cjs index 3af8589577e..da956c533e3 100644 --- a/.github/composite_actions/launch_ios_simulator/dist/main.cjs +++ b/.github/composite_actions/launch_ios_simulator/dist/main.cjs @@ -14679,7 +14679,7 @@ case 0: // Function start $async$goto = 2; - return A._asyncAwait(A.Exec_exec(type$.JSObject._as(self.exec), "/bin/sh", A._setArrayType(["-c", "brew uninstall --ignore-dependencies aria2 xcodes || true && brew install xcodesorg/made/xcodes aria2"], type$.JSArray_String), true), $async$call$0); + return A._asyncAwait(A.Exec_exec(type$.JSObject._as(self.exec), "/bin/sh", A._setArrayType(["-c", "brew install xcodes"], type$.JSArray_String), true), $async$call$0); case 2: // returning from await. if ($async$result.exitCode !== 0) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index 92b3d2ed839..4bb92c655cf 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.black; + final fallbackColor = isDark ? Colors.white : Colors.red; return labelColor ?? textColor ?? fallbackColor; } From ebe1a4c9a770bc07e9770cc5bb8bf0731ec6c8fc Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Mon, 18 Aug 2025 15:28:12 -0700 Subject: [PATCH 14/23] changed test commit --- .../lib/src/screens/authenticator_screen.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index 4bb92c655cf..92b3d2ed839 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.red; + final fallbackColor = isDark ? Colors.white : Colors.black; return labelColor ?? textColor ?? fallbackColor; } From b2d44ddd0f45162ea6edeb3266ec8374b5485d5c Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Mon, 18 Aug 2025 15:37:35 -0700 Subject: [PATCH 15/23] updated to use activeThumbColor instead of activeColor in a datastore widget --- packages/amplify_datastore/example/lib/widgets/public_view.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/amplify_datastore/example/lib/widgets/public_view.dart b/packages/amplify_datastore/example/lib/widgets/public_view.dart index f85c0e390c7..393ba7bd200 100644 --- a/packages/amplify_datastore/example/lib/widgets/public_view.dart +++ b/packages/amplify_datastore/example/lib/widgets/public_view.dart @@ -308,7 +308,7 @@ class _PublicViewState extends State } }, activeTrackColor: Colors.lightGreenAccent, - activeColor: Colors.green, + activeThumbColor: Colors.green, ), Padding(padding: EdgeInsets.all(5.0)), From 7f2bda86c9673d4f2c817b1a51ca26e80d15f896 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Tue, 2 Sep 2025 14:39:16 -0700 Subject: [PATCH 16/23] updated new refresh api to include app secret if available --- .../model/get_tokens_from_refresh_token_request.dart | 7 +++---- .../machines/fetch_auth_session_state_machine.dart | 11 ++++++++--- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart index 26ef8c1c68b..8755c93bacf 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart @@ -32,9 +32,8 @@ abstract class GetTokensFromRefreshTokenRequest clientId: clientId, clientSecret: clientSecret, deviceKey: deviceKey, - clientMetadata: clientMetadata == null - ? null - : _i3.BuiltMap(clientMetadata), + clientMetadata: + clientMetadata == null ? null : _i3.BuiltMap(clientMetadata), ); } @@ -53,7 +52,7 @@ abstract class GetTokensFromRefreshTokenRequest static const List<_i1.SmithySerializer> serializers = [GetTokensFromRefreshTokenRequestAwsJson11Serializer()]; - /// A valid refresh token that can authorize the request for new tokens. When refresh token rotation is active in the requested app client, this token is invalidated after the request is complete. + /// A valid refresh token that can authorize the request for new tokens. When refresh token rotation is active in the requested app client, this token is invalidated after the request is complete and after an optional grace period. String get refreshToken; /// The app client that issued the refresh token to the user who wants to request new tokens. diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart index b3d68b36eec..771c014921a 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart @@ -507,18 +507,23 @@ final class FetchAuthSessionStateMachine final deviceSecrets = await getOrCreate().get( userPoolTokens.username, ); - - // seems we dont support client metadata + + final deviceKey = deviceSecrets?.deviceKey; + // ignore: invalid_use_of_internal_member + final appClientSecret = _authConfig?.appClientSecret; + final refreshRequest = cognito_idp.GetTokensFromRefreshTokenRequest.build(( b, ) { b ..refreshToken = userPoolTokens.refreshToken ..clientId = _authConfig?.userPoolClientId; - final deviceKey = deviceSecrets?.deviceKey; if (deviceKey != null) { b.deviceKey = deviceKey; } + if (appClientSecret != null) { + b.clientSecret = appClientSecret; + } }); try { final result = await _withZoneOverrides( From b061463090bb020d7dd46307305bbc57f746b69d Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Wed, 3 Sep 2025 08:46:53 -0700 Subject: [PATCH 17/23] updated formatting --- .../model/get_tokens_from_refresh_token_request.dart | 5 +++-- .../src/state/machines/fetch_auth_session_state_machine.dart | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart index 8755c93bacf..05d62781c21 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart @@ -32,8 +32,9 @@ abstract class GetTokensFromRefreshTokenRequest clientId: clientId, clientSecret: clientSecret, deviceKey: deviceKey, - clientMetadata: - clientMetadata == null ? null : _i3.BuiltMap(clientMetadata), + clientMetadata: clientMetadata == null + ? null + : _i3.BuiltMap(clientMetadata), ); } diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart index 771c014921a..500513415b7 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart @@ -507,11 +507,11 @@ final class FetchAuthSessionStateMachine final deviceSecrets = await getOrCreate().get( userPoolTokens.username, ); - + final deviceKey = deviceSecrets?.deviceKey; // ignore: invalid_use_of_internal_member final appClientSecret = _authConfig?.appClientSecret; - + final refreshRequest = cognito_idp.GetTokensFromRefreshTokenRequest.build(( b, ) { From e6544466bbdf54141ecb4460c06ca8775f4bcccf Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Fri, 15 Aug 2025 15:02:27 -0700 Subject: [PATCH 18/23] uninstall xcodes before attempting a new installation during iOS simulator gh action --- .github/composite_actions/launch_ios_simulator/dist/main.cjs | 5 ----- .../lib/src/screens/authenticator_screen.dart | 2 +- 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/composite_actions/launch_ios_simulator/dist/main.cjs b/.github/composite_actions/launch_ios_simulator/dist/main.cjs index da956c533e3..b24535382a4 100644 --- a/.github/composite_actions/launch_ios_simulator/dist/main.cjs +++ b/.github/composite_actions/launch_ios_simulator/dist/main.cjs @@ -4517,7 +4517,6 @@ error = type$.Object._as(error); error.stack = stackTrace.toString$0(0); throw error; - throw A.wrapException("unreachable"); }, List_List$filled($length, fill, growable, $E) { var i, @@ -6480,7 +6479,6 @@ // goto return $async$goto = 1; break; - $async$handler = 2; // goto after finally $async$goto = 6; break; @@ -6490,8 +6488,6 @@ $async$exception = $async$currentError; t1 = A.Exception_Exception('"' + commandLine + " " + B.JSArray_methods.join$1(args, " ") + '" failed:\n' + A.S(stdout) + "\n" + A.S(stderr)); throw A.wrapException(t1); - // goto after finally - $async$goto = 6; break; case 3: // uncaught @@ -7410,7 +7406,6 @@ // goto finally $async$goto = 4; break; - $async$next.push(5); // goto finally $async$goto = 4; break; diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index 92b3d2ed839..e0826ef579b 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.black; + final fallbackColor = isDark ? Colors.white : Colors.white; return labelColor ?? textColor ?? fallbackColor; } From d75f731080a01e2c77892c3eafafaf8f46e11dc5 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Fri, 15 Aug 2025 15:25:28 -0700 Subject: [PATCH 19/23] undid sample change to trigger ios tests --- .../lib/src/screens/authenticator_screen.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index e0826ef579b..92b3d2ed839 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.white; + final fallbackColor = isDark ? Colors.white : Colors.black; return labelColor ?? textColor ?? fallbackColor; } From 41bc571b9ff5a93ee79ce635acfe14e57a506f63 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Mon, 18 Aug 2025 13:54:50 -0700 Subject: [PATCH 20/23] changed to brew install xcodes --- .../lib/src/screens/authenticator_screen.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index 92b3d2ed839..4bb92c655cf 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.black; + final fallbackColor = isDark ? Colors.white : Colors.red; return labelColor ?? textColor ?? fallbackColor; } From 663adaeb5975e59b279526f9d37a6e2aa7767d59 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Mon, 18 Aug 2025 15:28:12 -0700 Subject: [PATCH 21/23] changed test commit --- .../lib/src/screens/authenticator_screen.dart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart index 4bb92c655cf..92b3d2ed839 100644 --- a/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart +++ b/packages/authenticator/amplify_authenticator/lib/src/screens/authenticator_screen.dart @@ -255,7 +255,7 @@ class _AuthenticatorTabViewState final isDark = Theme.of(context).brightness == Brightness.dark; final labelColor = Theme.of(context).tabBarTheme.labelColor; final textColor = Theme.of(context).textTheme.bodySmall?.color; - final fallbackColor = isDark ? Colors.white : Colors.red; + final fallbackColor = isDark ? Colors.white : Colors.black; return labelColor ?? textColor ?? fallbackColor; } From 6f57d8d02433a6fbbc258fdd218cace7f0614200 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Tue, 2 Sep 2025 14:39:16 -0700 Subject: [PATCH 22/23] updated new refresh api to include app secret if available --- .../model/get_tokens_from_refresh_token_request.dart | 7 +++---- .../machines/fetch_auth_session_state_machine.dart | 11 ++++++++--- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart index 26ef8c1c68b..8755c93bacf 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart @@ -32,9 +32,8 @@ abstract class GetTokensFromRefreshTokenRequest clientId: clientId, clientSecret: clientSecret, deviceKey: deviceKey, - clientMetadata: clientMetadata == null - ? null - : _i3.BuiltMap(clientMetadata), + clientMetadata: + clientMetadata == null ? null : _i3.BuiltMap(clientMetadata), ); } @@ -53,7 +52,7 @@ abstract class GetTokensFromRefreshTokenRequest static const List<_i1.SmithySerializer> serializers = [GetTokensFromRefreshTokenRequestAwsJson11Serializer()]; - /// A valid refresh token that can authorize the request for new tokens. When refresh token rotation is active in the requested app client, this token is invalidated after the request is complete. + /// A valid refresh token that can authorize the request for new tokens. When refresh token rotation is active in the requested app client, this token is invalidated after the request is complete and after an optional grace period. String get refreshToken; /// The app client that issued the refresh token to the user who wants to request new tokens. diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart index b3d68b36eec..771c014921a 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart @@ -507,18 +507,23 @@ final class FetchAuthSessionStateMachine final deviceSecrets = await getOrCreate().get( userPoolTokens.username, ); - - // seems we dont support client metadata + + final deviceKey = deviceSecrets?.deviceKey; + // ignore: invalid_use_of_internal_member + final appClientSecret = _authConfig?.appClientSecret; + final refreshRequest = cognito_idp.GetTokensFromRefreshTokenRequest.build(( b, ) { b ..refreshToken = userPoolTokens.refreshToken ..clientId = _authConfig?.userPoolClientId; - final deviceKey = deviceSecrets?.deviceKey; if (deviceKey != null) { b.deviceKey = deviceKey; } + if (appClientSecret != null) { + b.clientSecret = appClientSecret; + } }); try { final result = await _withZoneOverrides( From ae0dd5ffd2aa7130ea18757237fe95bd1d566080 Mon Sep 17 00:00:00 2001 From: Ekjot <43255916+ekjotmultani@users.noreply.github.com> Date: Wed, 3 Sep 2025 08:46:53 -0700 Subject: [PATCH 23/23] updated formatting --- .../model/get_tokens_from_refresh_token_request.dart | 5 +++-- .../src/state/machines/fetch_auth_session_state_machine.dart | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart index 8755c93bacf..05d62781c21 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/sdk/src/cognito_identity_provider/model/get_tokens_from_refresh_token_request.dart @@ -32,8 +32,9 @@ abstract class GetTokensFromRefreshTokenRequest clientId: clientId, clientSecret: clientSecret, deviceKey: deviceKey, - clientMetadata: - clientMetadata == null ? null : _i3.BuiltMap(clientMetadata), + clientMetadata: clientMetadata == null + ? null + : _i3.BuiltMap(clientMetadata), ); } diff --git a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart index 771c014921a..500513415b7 100644 --- a/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart +++ b/packages/auth/amplify_auth_cognito_dart/lib/src/state/machines/fetch_auth_session_state_machine.dart @@ -507,11 +507,11 @@ final class FetchAuthSessionStateMachine final deviceSecrets = await getOrCreate().get( userPoolTokens.username, ); - + final deviceKey = deviceSecrets?.deviceKey; // ignore: invalid_use_of_internal_member final appClientSecret = _authConfig?.appClientSecret; - + final refreshRequest = cognito_idp.GetTokensFromRefreshTokenRequest.build(( b, ) {