feat: implement review comments

lib/build/recipe/multifactorauth/index.d.ts

@@ -12,13 +12,13 @@ export default class Wrapper {
         factorId: string,
         userContext?: any
     ): Promise<boolean>;
-    static completeFactorInSession(
+    static markFactorAsCompleteInSession(
         session: SessionContainerInterface,
         factor: string,
         userContext?: any
     ): Promise<void>;
 }
 export declare let init: typeof Recipe.init;
-export declare let completeFactorInSession: typeof Wrapper.completeFactorInSession;
+export declare let markFactorAsCompleteInSession: typeof Wrapper.markFactorAsCompleteInSession;
 export { MultiFactorAuthClaim };
 export type { RecipeInterface, APIOptions, APIInterface };

lib/build/recipe/multifactorauth/index.js

@@ -19,7 +19,7 @@ var __importDefault =
         return mod && mod.__esModule ? mod : { default: mod };
     };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.MultiFactorAuthClaim = exports.completeFactorInSession = exports.init = void 0;
+exports.MultiFactorAuthClaim = exports.markFactorAsCompleteInSession = exports.init = void 0;
 const recipe_1 = __importDefault(require("./recipe"));
 const multiFactorAuthClaim_1 = require("./multiFactorAuthClaim");
 Object.defineProperty(exports, "MultiFactorAuthClaim", {
@@ -37,14 +37,46 @@ class Wrapper {
         });
     }
     static async isAllowedToSetupFactor(session, factorId, userContext) {
+        var _a;
+        let ctx = userContext !== null && userContext !== void 0 ? userContext : {};
+        const factorsSetup = await recipe_1.default
+            .getInstanceOrThrowError()
+            .recipeInterfaceImpl.getFactorsSetupForUser({
+                userId: session.getUserId(),
+                tenantId: session.getTenantId(),
+                userContext: ctx,
+            });
+        const mfaClaimValue = await session.getClaimValue(multiFactorAuthClaim_1.MultiFactorAuthClaim, ctx);
+        const completedFactors =
+            (_a = mfaClaimValue === null || mfaClaimValue === void 0 ? void 0 : mfaClaimValue.c) !== null &&
+            _a !== void 0
+                ? _a
+                : {};
+        const defaultMFARequirementsForUser = []; // TODO
+        const defaultMFARequirementsForTenant = []; // TODO
+        const requirements = await recipe_1.default
+            .getInstanceOrThrowError()
+            .recipeInterfaceImpl.getMFARequirementsForAuth({
+                session,
+                factorsSetUpByTheUser: factorsSetup,
+                defaultRequiredFactorsForUser: defaultMFARequirementsForUser,
+                defaultRequiredFactorsForTenant: defaultMFARequirementsForTenant,
+                completedFactors,
+                userContext: ctx,
+            });
         return recipe_1.default.getInstanceOrThrowError().recipeInterfaceImpl.isAllowedToSetupFactor({
-            factorId,
             session,
+            factorId,
+            completedFactors,
+            requirementsForAuth: requirements,
+            factorsSetUpByTheUser: factorsSetup,
+            defaultRequiredFactorsForUser: defaultMFARequirementsForUser,
+            defaultRequiredFactorsForTenant: defaultMFARequirementsForTenant,
             userContext,
         });
     }
-    static async completeFactorInSession(session, factor, userContext) {
-        return recipe_1.default.getInstanceOrThrowError().completeFactorInSession({
+    static async markFactorAsCompleteInSession(session, factor, userContext) {
+        return recipe_1.default.getInstanceOrThrowError().recipeInterfaceImpl.markFactorAsCompleteInSession({
             session,
             factor,
             userContext: userContext !== null && userContext !== void 0 ? userContext : {},
@@ -55,4 +87,4 @@ exports.default = Wrapper;
 Wrapper.init = recipe_1.default.init;
 Wrapper.MultiFactorAuthClaim = multiFactorAuthClaim_1.MultiFactorAuthClaim;
 exports.init = Wrapper.init;
-exports.completeFactorInSession = Wrapper.completeFactorInSession;
+exports.markFactorAsCompleteInSession = Wrapper.markFactorAsCompleteInSession;

lib/build/recipe/multifactorauth/recipe.d.ts

@@ -6,7 +6,6 @@ import STError from "../../error";
 import { APIHandled, HTTPMethod, NormalisedAppinfo, RecipeListFunction } from "../../types";
 import { ProviderInput } from "../thirdparty/types";
 import { APIInterface, RecipeInterface, TypeInput, TypeNormalisedInput } from "./types";
-import { SessionContainerInterface } from "../session/types";
 export default class Recipe extends RecipeModule {
     private static instance;
     static RECIPE_ID: string;
@@ -34,13 +33,4 @@ export default class Recipe extends RecipeModule {
     handleError: (err: STError, _: BaseRequest, __: BaseResponse) => Promise<void>;
     getAllCORSHeaders: () => string[];
     isErrorFromThisRecipe: (err: any) => err is STError;
-    completeFactorInSession({
-        session,
-        factor,
-        userContext,
-    }: {
-        session: SessionContainerInterface;
-        factor: string;
-        userContext: any;
-    }): Promise<void>;
 }

lib/build/recipe/multifactorauth/recipe.js

@@ -118,29 +118,6 @@ class Recipe extends recipeModule_1.default {
         }
         Recipe.instance = undefined;
     }
-    async completeFactorInSession({ session, factor, userContext }) {
-        const currentValue = await session.getClaimValue(multiFactorAuthClaim_1.MultiFactorAuthClaim);
-        const completed = Object.assign(
-            Object.assign({}, currentValue === null || currentValue === void 0 ? void 0 : currentValue.c),
-            { [factor]: Math.floor(Date.now() / 1000) }
-        );
-        const setupUserFactors = await this.recipeInterfaceImpl.getFactorsSetupForUser({
-            userId: session.getUserId(),
-            tenantId: session.getTenantId(),
-            userContext,
-        });
-        const requirements = await this.config.getMFARequirementsForAuth(
-            session,
-            setupUserFactors,
-            completed,
-            userContext
-        );
-        const next = multiFactorAuthClaim_1.MultiFactorAuthClaim.buildNextArray(completed, requirements);
-        await session.setClaimValue(multiFactorAuthClaim_1.MultiFactorAuthClaim, {
-            c: completed,
-            n: next,
-        });
-    }
 }
 exports.default = Recipe;
 Recipe.instance = undefined;

lib/build/recipe/multifactorauth/recipeImplementation.js

@@ -1,6 +1,30 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 function getRecipeInterface(_querier) {
-    return {};
+    return {
+        // markFactorAsCompleteInSession: async ({ session, factor, userContext }) => {
+        //     const currentValue = await session.getClaimValue(MultiFactorAuthClaim);
+        //     const completed = {
+        //         ...currentValue?.c,
+        //         [factor]: Math.floor(Date.now() / 1000),
+        //     };
+        //     const setupUserFactors = await this.recipeInterfaceImpl.getFactorsSetupForUser({
+        //         userId: session.getUserId(),
+        //         tenantId: session.getTenantId(),
+        //         userContext,
+        //     });
+        //     const requirements = await this.config.getMFARequirementsForAuth(
+        //         session,
+        //         setupUserFactors,
+        //         completed,
+        //         userContext
+        //     );
+        //     const next = MultiFactorAuthClaim.buildNextArray(completed, requirements);
+        //     await session.setClaimValue(MultiFactorAuthClaim, {
+        //         c: completed,
+        //         n: next,
+        //     });
+        // },
+    };
 }
 exports.default = getRecipeInterface;

lib/build/recipe/multifactorauth/types.d.ts

@@ -7,7 +7,6 @@ import { SessionContainerInterface } from "../session/types";
 export declare type MFARequirement =
     | {
           id: string;
-          maxAgeInSeconds?: number;
       }
     | string;
 export declare type MFARequirementList = (
@@ -25,19 +24,6 @@ export declare type MFAClaimValue = {
 };
 export declare type TypeInput = {
     firstFactors?: string[];
-    getMFARequirementsForAuth?: (
-        session: SessionContainer | undefined,
-        factorsSetUpByTheUser: string[],
-        completedFactors: Record<string, number>,
-        userContext: any
-    ) => Promise<MFARequirementList> | MFARequirementList;
-    getMFARequirementsForFactorSetup?: (
-        factorId: string,
-        session: SessionContainer,
-        factorsSetUpByTheUser: string[],
-        completedFactors: Record<string, number>,
-        userContext: any
-    ) => Promise<MFARequirementList> | MFARequirementList;
     override?: {
         functions?: (
             originalImplementation: RecipeInterface,
@@ -48,19 +34,6 @@ export declare type TypeInput = {
 };
 export declare type TypeNormalisedInput = {
     firstFactors?: string[];
-    getMFARequirementsForAuth: (
-        session: SessionContainer | undefined,
-        factorsSetUpByTheUser: string[],
-        completedFactors: Record<string, number>,
-        userContext: any
-    ) => Promise<MFARequirementList> | MFARequirementList;
-    getMFARequirementsForFactorSetup: (
-        factorId: string,
-        session: SessionContainer,
-        factorsSetUpByTheUser: string[],
-        completedFactors: Record<string, number>,
-        userContext: any
-    ) => Promise<MFARequirementList> | MFARequirementList;
     override: {
         functions: (
             originalImplementation: RecipeInterface,
@@ -71,10 +44,28 @@ export declare type TypeNormalisedInput = {
 };
 export declare type RecipeInterface = {
     isAllowedToSetupFactor: (input: {
-        session: SessionContainerInterface;
+        session: SessionContainer;
         factorId: string;
+        requirementsForAuth: MFARequirementList;
+        factorsSetUpByTheUser: string[];
+        defaultRequiredFactorsForUser: string[];
+        defaultRequiredFactorsForTenant: string[];
+        completedFactors: Record<string, number>;
         userContext: any;
     }) => Promise<boolean>;
+    getMFARequirementsForAuth: (input: {
+        session: SessionContainer;
+        factorsSetUpByTheUser: string[];
+        defaultRequiredFactorsForUser: string[];
+        defaultRequiredFactorsForTenant: string[];
+        completedFactors: Record<string, number>;
+        userContext: any;
+    }) => Promise<MFARequirementList> | MFARequirementList;
+    markFactorAsCompleteInSession: (input: {
+        session: SessionContainerInterface;
+        factor: string;
+        userContext?: any;
+    }) => Promise<void>;
     getFactorsSetupForUser: (input: { userId: string; tenantId: string; userContext: any }) => Promise<string[]>;
 };
 export declare type APIOptions = {
@@ -94,8 +85,8 @@ export declare type APIInterface = {
         | {
               status: "OK";
               factors: {
-                  canComplete: string[];
-                  canSetup: string[];
+                  isAlreadySetup: string[];
+                  isAllowedToSetup: string[];
               };
           }
         | GeneralErrorResponse

lib/build/recipe/multifactorauth/utils.js

@@ -16,7 +16,6 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.validateAndNormaliseUserInput = void 0;
 function validateAndNormaliseUserInput(config) {
-    var _a, _b;
     let override = Object.assign(
         {
             functions: (originalImplementation) => originalImplementation,
@@ -26,22 +25,6 @@ function validateAndNormaliseUserInput(config) {
     );
     return {
         firstFactors: config === null || config === void 0 ? void 0 : config.firstFactors,
-        getMFARequirementsForFactorSetup:
-            (_a = config === null || config === void 0 ? void 0 : config.getMFARequirementsForFactorSetup) !== null &&
-            _a !== void 0
-                ? _a
-                : () => {
-                      // TODO: the default should be 2FA if any secondary factors are set up, otherwise we only require the first factor to be completed
-                      return [];
-                  },
-        getMFARequirementsForAuth:
-            (_b = config === null || config === void 0 ? void 0 : config.getMFARequirementsForAuth) !== null &&
-            _b !== void 0
-                ? _b
-                : () => {
-                      // TODO: the default should be 2FA (so any 2 factors)
-                      return [];
-                  },
         override,
     };
 }

lib/ts/recipe/multifactorauth/index.ts

@@ -32,15 +32,38 @@ export default class Wrapper {
     }
 
     static async isAllowedToSetupFactor(session: SessionContainerInterface, factorId: string, userContext?: any) {
+        let ctx = userContext ?? {};
+        const factorsSetup = await Recipe.getInstanceOrThrowError().recipeInterfaceImpl.getFactorsSetupForUser({
+            userId: session.getUserId(),
+            tenantId: session.getTenantId(),
+            userContext: ctx,
+        });
+        const mfaClaimValue = await session.getClaimValue(MultiFactorAuthClaim, ctx);
+        const completedFactors = mfaClaimValue?.c ?? {};
+        const defaultMFARequirementsForUser: string[] = []; // TODO
+        const defaultMFARequirementsForTenant: string[] = []; // TODO
+        const requirements = await Recipe.getInstanceOrThrowError().recipeInterfaceImpl.getMFARequirementsForAuth({
+            session,
+            factorsSetUpByTheUser: factorsSetup,
+            defaultRequiredFactorsForUser: defaultMFARequirementsForUser,
+            defaultRequiredFactorsForTenant: defaultMFARequirementsForTenant,
+            completedFactors,
+            userContext: ctx,
+        });
         return Recipe.getInstanceOrThrowError().recipeInterfaceImpl.isAllowedToSetupFactor({
-            factorId,
             session,
+            factorId,
+            completedFactors,
+            requirementsForAuth: requirements,
+            factorsSetUpByTheUser: factorsSetup,
+            defaultRequiredFactorsForUser: defaultMFARequirementsForUser,
+            defaultRequiredFactorsForTenant: defaultMFARequirementsForTenant,
             userContext,
         });
     }
 
-    static async completeFactorInSession(session: SessionContainerInterface, factor: string, userContext?: any) {
-        return Recipe.getInstanceOrThrowError().completeFactorInSession({
+    static async markFactorAsCompleteInSession(session: SessionContainerInterface, factor: string, userContext?: any) {
+        return Recipe.getInstanceOrThrowError().recipeInterfaceImpl.markFactorAsCompleteInSession({
             session,
             factor,
             userContext: userContext ?? {},
@@ -50,7 +73,7 @@ export default class Wrapper {
 
 export let init = Wrapper.init;
 
-export let completeFactorInSession = Wrapper.completeFactorInSession;
+export let markFactorAsCompleteInSession = Wrapper.markFactorAsCompleteInSession;
 
 export { MultiFactorAuthClaim };
 export type { RecipeInterface, APIOptions, APIInterface };

lib/ts/recipe/multifactorauth/recipe.ts

@@ -28,7 +28,6 @@ import { MultiFactorAuthClaim } from "./multiFactorAuthClaim";
 import { APIInterface, RecipeInterface, TypeInput, TypeNormalisedInput } from "./types";
 import { validateAndNormaliseUserInput } from "./utils";
 import mfaInfoAPI from "./api/mfaInfo";
-import { SessionContainerInterface } from "../session/types";
 import SessionRecipe from "../session/recipe";
 import { PostSuperTokensInitCallbacks } from "../../postSuperTokensInitCallbacks";
 
@@ -150,39 +149,4 @@ export default class Recipe extends RecipeModule {
     isErrorFromThisRecipe = (err: any): err is STError => {
         return STError.isErrorFromSuperTokens(err) && err.fromRecipe === Recipe.RECIPE_ID;
     };
-
-    async completeFactorInSession({
-        session,
-        factor,
-        userContext,
-    }: {
-        session: SessionContainerInterface;
-        factor: string;
-        userContext: any;
-    }) {
-        const currentValue = await session.getClaimValue(MultiFactorAuthClaim);
-        const completed = {
-            ...currentValue?.c,
-            [factor]: Math.floor(Date.now() / 1000),
-        };
-
-        const setupUserFactors = await this.recipeInterfaceImpl.getFactorsSetupForUser({
-            userId: session.getUserId(),
-            tenantId: session.getTenantId(),
-            userContext,
-        });
-
-        const requirements = await this.config.getMFARequirementsForAuth(
-            session,
-            setupUserFactors,
-            completed,
-            userContext
-        );
-        const next = MultiFactorAuthClaim.buildNextArray(completed, requirements);
-
-        await session.setClaimValue(MultiFactorAuthClaim, {
-            c: completed,
-            n: next,
-        });
-    }
 }