Showing 10 of 145 files from the diff.
Other files ignored by Codecov
.gitignore has changed.
README.md has changed.
NOTICE is new.

@@ -780,13 +780,22 @@
Loading
780 780
	}
781 781
782 782
	private async _awsRealTimeOPENIDHeader({ host }) {
783 +
		let token;
784 +
		// backwards compatibility
783 785
		const federatedInfo = await Cache.getItem('federatedInfo');
784 -
785 -
		if (!federatedInfo || !federatedInfo.token) {
786 +
		if (federatedInfo) {
787 +
			token = federatedInfo.token;
788 +
		} else {
789 +
			const currentUser = await Auth.currentAuthenticatedUser();
790 +
			if (currentUser) {
791 +
				token = currentUser.token;
792 +
			}
793 +
		}
794 +
		if (!token) {
786 795
			throw new Error('No federated jwt');
787 796
		}
788 797
		return {
789 -
			Authorization: federatedInfo.token,
798 +
			Authorization: token,
790 799
			host,
791 800
		};
792 801
	}

@@ -23,7 +23,7 @@
Loading
23 23
        <div v-bind:class="amplifyUI.inputLabel">{{$Amplify.I18n.get('Password')}} *</div>
24 24
        <input  v-bind:class="amplifyUI.input" v-model="password" type="password" :placeholder="$Amplify.I18n.get('Enter your password')" v-on:keyup.enter="signIn" v-bind:data-test="auth.signIn.passwordInput" />
25 25
        <div v-bind:class="amplifyUI.hint">
26 -
          {{$Amplify.I18n.get('Forget your password? ')}}
26 +
          {{$Amplify.I18n.get('Forgot your password? ')}}
27 27
          <a v-bind:class="amplifyUI.a" v-on:click="forgot" v-bind:data-test="auth.signIn.forgotPasswordLink">{{$Amplify.I18n.get('Reset password')}}</a>
28 28
        </div>
29 29
      </div>

@@ -1,2 +1,2 @@
Loading
1 1
// generated by genversion
2 -
export const version = '3.5.5';
2 +
export const version = '3.7.0';

@@ -1,4 +1,4 @@
Loading
1 -
import { browserOrNode } from '@aws-amplify/core';
1 +
import { browserOrNode, isWebWorker } from '@aws-amplify/core';
2 2
import Observable, { ZenObservable } from 'zen-observable-ts';
3 3
4 4
type NetworkStatus = {
@@ -16,7 +16,11 @@
Loading
16 16
		}
17 17
18 18
		return new Observable(observer => {
19 -
			observer.next({ online: window.navigator.onLine });
19 +
			const online = isWebWorker()
20 +
				? self.navigator.onLine
21 +
				: window.navigator.onLine;
22 +
23 +
			observer.next({ online });
20 24
21 25
			const notifyOnline = () => observer.next({ online: true });
22 26
			const notifyOffline = () => observer.next({ online: false });

@@ -15,7 +15,7 @@
Loading
15 15
import { I18n, isEmpty, ConsoleLogger as Logger } from '@aws-amplify/core';
16 16
import { Auth } from '@aws-amplify/auth';
17 17
18 -
import { AuthPiece, IAuthPieceProps, IAuthPieceState  } from './AuthPiece';
18 +
import { AuthPiece, IAuthPieceProps, IAuthPieceState } from './AuthPiece';
19 19
import { FederatedButtons } from './FederatedSignIn';
20 20
import { SignUp } from './SignUp';
21 21
import { ForgotPassword } from './ForgotPassword';
@@ -176,7 +176,7 @@
Loading
176 176
							/>
177 177
							{!hideForgotPassword && (
178 178
								<Hint theme={theme}>
179 -
									{I18n.get('Forget your password? ')}
179 +
									{I18n.get('Forgot your password? ')}
180 180
									<Link
181 181
										theme={theme}
182 182
										onClick={() => this.changeState('forgotPassword')}

@@ -15,7 +15,6 @@
Loading
15 15
16 16
import {
17 17
	Amplify,
18 -
	browserOrNode,
19 18
	ConsoleLogger as Logger,
20 19
	INTERNAL_AWS_APPSYNC_PUBSUB_PROVIDER,
21 20
	INTERNAL_AWS_APPSYNC_REALTIME_PUBSUB_PROVIDER,
@@ -23,7 +22,6 @@
Loading
23 22
import { PubSubProvider, PubSubOptions, ProvidertOptions } from './types';
24 23
import { AWSAppSyncProvider, AWSAppSyncRealTimeProvider } from './Providers';
25 24
26 -
const { isNode } = browserOrNode();
27 25
const logger = new Logger('PubSub');
28 26
29 27
export class PubSubClass {
@@ -153,8 +151,10 @@
Loading
153 151
		topics: string[] | string,
154 152
		options?: ProvidertOptions
155 153
	): Observable<any> {
156 -
		if (isNode) {
157 -
			throw new Error('Subscriptions are not supported in Node');
154 +
		if (this._options && this._options.ssr) {
155 +
			throw new Error(
156 +
				'Subscriptions are not supported for Server-Side Rendering (SSR)'
157 +
			);
158 158
		}
159 159
160 160
		logger.debug('subscribe options', options);

@@ -139,13 +139,22 @@
Loading
139 139
				}
140 140
				break;
141 141
			case 'OPENID_CONNECT':
142 -
				const federatedInfo = await this.Cache.getItem('federatedInfo');
143 -
144 -
				if (!federatedInfo || !federatedInfo.token) {
142 +
				let token;
143 +
				// backwards compatibility
144 +
				const federatedInfo = await Cache.getItem('federatedInfo');
145 +
				if (federatedInfo) {
146 +
					token = federatedInfo.token;
147 +
				} else {
148 +
					const currentUser = await Auth.currentAuthenticatedUser();
149 +
					if (currentUser) {
150 +
						token = currentUser.token;
151 +
					}
152 +
				}
153 +
				if (!token) {
145 154
					throw new Error('No federated jwt');
146 155
				}
147 156
				headers = {
148 -
					Authorization: federatedInfo.token,
157 +
					Authorization: token,
149 158
				};
150 159
				break;
151 160
			case 'AMAZON_COGNITO_USER_POOLS':

@@ -154,8 +154,7 @@
Loading
154 154
}
155 155
156 156
export function getAuthorizationRules(
157 -
	modelDefinition: SchemaModel,
158 -
	transformerOpType: TransformerMutationType
157 +
	modelDefinition: SchemaModel
159 158
): AuthorizationRule[] {
160 159
	// Searching for owner authorization on attributes
161 160
	const authConfig = []
@@ -171,49 +170,54 @@
Loading
171 170
		const {
172 171
			identityClaim = 'cognito:username',
173 172
			ownerField = 'owner',
174 -
			operations = ['create', 'update', 'delete'],
173 +
			operations = ['create', 'update', 'delete', 'read'],
175 174
			provider = 'userPools',
176 175
			groupClaim = 'cognito:groups',
177 176
			allow: authStrategy = 'iam',
178 177
			groups = [],
179 178
		} = rule;
180 179
181 -
		const isOperationAuthorized = operations.find(
182 -
			operation => operation.toLowerCase() === transformerOpType.toLowerCase()
183 -
		);
184 -
185 -
		if (isOperationAuthorized) {
186 -
			const rule: AuthorizationRule = {
187 -
				identityClaim,
188 -
				ownerField,
189 -
				provider,
190 -
				groupClaim,
191 -
				authStrategy,
192 -
				groups,
193 -
				areSubscriptionsPublic: false,
194 -
			};
195 -
196 -
			if (authStrategy === 'owner') {
197 -
				// look for the subscription level override
198 -
				// only pay attention to the public level
199 -
				const modelConfig = (<typeof modelDefinition.attributes>[])
200 -
					.concat(modelDefinition.attributes)
201 -
					.find(attr => attr && attr.type === 'model');
202 -
203 -
				// find the subscriptions level. ON is default
204 -
				const { properties: { subscriptions: { level = 'on' } = {} } = {} } =
205 -
					modelConfig || {};
206 -
207 -
				rule.areSubscriptionsPublic = level === 'public';
208 -
			}
180 +
		const isReadAuthorized = operations.includes('read');
181 +
		const isOwnerAuth = authStrategy === 'owner';
182 +
183 +
		if (!isReadAuthorized && !isOwnerAuth) {
184 +
			return;
185 +
		}
209 186
187 +
		const authRule: AuthorizationRule = {
188 +
			identityClaim,
189 +
			ownerField,
190 +
			provider,
191 +
			groupClaim,
192 +
			authStrategy,
193 +
			groups,
194 +
			areSubscriptionsPublic: false,
195 +
		};
196 +
197 +
		if (isOwnerAuth) {
198 +
			// look for the subscription level override
199 +
			// only pay attention to the public level
200 +
			const modelConfig = (<typeof modelDefinition.attributes>[])
201 +
				.concat(modelDefinition.attributes)
202 +
				.find(attr => attr && attr.type === 'model');
203 +
204 +
			// find the subscriptions level. ON is default
205 +
			const { properties: { subscriptions: { level = 'on' } = {} } = {} } =
206 +
				modelConfig || {};
207 +
208 +
			// treat subscriptions as public for owner auth with unprotected reads
209 +
			// when `read` is omitted from `operations`
210 +
			authRule.areSubscriptionsPublic =
211 +
				!operations.includes('read') || level === 'public';
212 +
		}
213 +
214 +
		if (isOwnerAuth) {
210 215
			// owner rules has least priority
211 -
			if (authStrategy === 'owner') {
212 -
				resultRules.push(rule);
213 -
			} else {
214 -
				resultRules.unshift(rule);
215 -
			}
216 +
			resultRules.push(authRule);
217 +
			return;
216 218
		}
219 +
220 +
		resultRules.unshift(authRule);
217 221
	});
218 222
219 223
	return resultRules;

@@ -61,7 +61,6 @@
Loading
61 61
		const { authMode, isOwner, ownerField, ownerValue } =
62 62
			this.getAuthorizationInfo(
63 63
				model,
64 -
				transformerMutationType,
65 64
				userCredentials,
66 65
				cognitoTokenPayload,
67 66
				oidcTokenPayload
@@ -79,7 +78,6 @@
Loading
79 78
80 79
	private getAuthorizationInfo(
81 80
		model: SchemaModel,
82 -
		transformerMutationType: TransformerMutationType,
83 81
		userCredentials: USER_CREDENTIALS,
84 82
		cognitoTokenPayload: { [field: string]: any } = {},
85 83
		oidcTokenPayload: { [field: string]: any } = {}
@@ -90,7 +88,7 @@
Loading
90 88
		ownerValue?: string;
91 89
	} {
92 90
		let result;
93 -
		const rules = getAuthorizationRules(model, transformerMutationType);
91 +
		const rules = getAuthorizationRules(model);
94 92
95 93
		// check if has apiKey and public authorization
96 94
		const apiKeyAuth = rules.find(
@@ -131,7 +129,7 @@
Loading
131 129
		);
132 130
133 131
		const validCognitoGroup = groupAuthRules.find(groupAuthRule => {
134 -
			// validate token agains groupClaim
132 +
			// validate token against groupClaim
135 133
			const userGroups: string[] =
136 134
				cognitoTokenPayload[groupAuthRule.groupClaim] || [];
137 135
@@ -153,11 +151,11 @@
Loading
153 151
		);
154 152
155 153
		const validOidcGroup = groupAuthRules.find(groupAuthRule => {
156 -
			// validate token agains groupClaim
154 +
			// validate token against groupClaim
157 155
			const userGroups: string[] =
158 156
				oidcTokenPayload[groupAuthRule.groupClaim] || [];
159 157
160 -
			userGroups.find(userGroup => {
158 +
			return userGroups.find(userGroup => {
161 159
				return groupAuthRule.groups.find(group => group === userGroup);
162 160
			});
163 161
		});
@@ -258,15 +256,26 @@
Loading
258 256
				}
259 257
260 258
				try {
261 -
					// retrieving token info from OIDC
259 +
					let token;
260 +
					// backwards compatibility
262 261
					const federatedInfo = await Cache.getItem('federatedInfo');
263 -
					const { token } = federatedInfo;
264 -
					const payload = token.split('.')[1];
265 -
266 -
					oidcTokenPayload = JSON.parse(
267 -
						Buffer.from(payload, 'base64').toString('utf8')
268 -
					);
262 +
					if (federatedInfo) {
263 +
						token = federatedInfo.token;
264 +
					} else {
265 +
						const currentUser = await Auth.currentAuthenticatedUser();
266 +
						if (currentUser) {
267 +
							token = currentUser.token;
268 +
						}
269 +
					}
270 +
271 +
					if (token) {
272 +
						const payload = token.split('.')[1];
273 +
						oidcTokenPayload = JSON.parse(
274 +
							Buffer.from(payload, 'base64').toString('utf8')
275 +
						);
276 +
					}
269 277
				} catch (err) {
278 +
					logger.debug('error getting OIDC JWT', err);
270 279
					// best effort to get oidc jwt
271 280
				}
272 281

@@ -1251,9 +1251,15 @@
Loading
1251 1251
		}
1252 1252
1253 1253
		try {
1254 -
			federatedUser = JSON.parse(
1254 +
			const federatedInfo = JSON.parse(
1255 1255
				this._storage.getItem('aws-amplify-federatedInfo')
1256 -
			).user;
1256 +
			);
1257 +
			if (federatedInfo) {
1258 +
				federatedUser = {
1259 +
					...federatedInfo.user,
1260 +
					token: federatedInfo.token,
1261 +
				};
1262 +
			}
1257 1263
		} catch (e) {
1258 1264
			logger.debug('cannot load federated user from auth storage');
1259 1265
		}
@@ -1401,15 +1407,18 @@
Loading
1401 1407
		clientMetadata: ClientMetaData = this._config.clientMetadata
1402 1408
	): Promise<void> {
1403 1409
		return new Promise((resolve, reject) => {
1404 -
			user.getAttributeVerificationCode(attr, {
1405 -
				onSuccess() {
1406 -
					return resolve();
1407 -
				},
1408 -
				onFailure(err) {
1409 -
					return reject(err);
1410 +
			user.getAttributeVerificationCode(
1411 +
				attr,
1412 +
				{
1413 +
					onSuccess() {
1414 +
						return resolve();
1415 +
					},
1416 +
					onFailure(err) {
1417 +
						return reject(err);
1418 +
					},
1410 1419
				},
1411 -
				clientMetadata,
1412 -
			});
1420 +
				clientMetadata
1421 +
			);
1413 1422
		});
1414 1423
	}
1415 1424
Files Coverage
packages 73.28%
Project Totals (213 files) 73.28%
1
codecov:
2
  notify:
3
    after_n_builds: 1
4

5
coverage:
6
  status:
7
    project: off
8
    patch: off
9
    changes:
10
      default:
11
        target: 82%
12
        if_not_found: success
Sunburst
The inner-most circle is the entire project, moving away from the center are folders then, finally, a single file. The size and color of each slice is representing the number of statements and the coverage, respectively.
Icicle
The top section represents the entire project. Proceeding with folders and finally individual files. The size and color of each slice is representing the number of statements and the coverage, respectively.
Grid
Each block represents a single file in the project. The size and color of each block is represented by the number of statements and the coverage, respectively.
Loading