10007 DOD: Move cognito specific functions to user gateway

web-api/src/business/useCases/auth/changePasswordInteractor.test.ts

@@ -1,5 +1,4 @@
 import {
-  AuthFlowType,
   ChallengeNameType,
   CodeMismatchException,
   ExpiredCodeException,
@@ -66,7 +65,7 @@ describe('changePasswordInteractor', () => {
       };
 
       applicationContext
-        .getCognito()
+        .getUserGateway()
         .initiateAuth.mockResolvedValue(mockInitiateAuthResponse);
 
       applicationContext
@@ -85,7 +84,7 @@ describe('changePasswordInteractor', () => {
         AuthenticationResult: {},
       };
       applicationContext
-        .getCognito()
+        .getUserGateway()
         .initiateAuth.mockResolvedValue(mockInitiateAuthResponse);
 
       await expect(
@@ -97,16 +96,12 @@ describe('changePasswordInteractor', () => {
         }),
       ).rejects.toThrow('User is not in `FORCE_CHANGE_PASSWORD` state');
 
-      expect(applicationContext.getCognito().initiateAuth).toHaveBeenCalledWith(
-        {
-          AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
-          AuthParameters: {
-            PASSWORD: mockPassword,
-            USERNAME: mockEmail,
-          },
-          ClientId: applicationContext.environment.cognitoClientId,
-        },
-      );
+      expect(
+        applicationContext.getUserGateway().initiateAuth,
+      ).toHaveBeenCalledWith(applicationContext, {
+        email: mockEmail,
+        password: mockPassword,
+      });
     });
 
     it('should update the user`s password in persistence when they are in NEW_PASSWORD_REQUIRED state and their change password request is valid', async () => {
@@ -279,7 +274,7 @@ describe('changePasswordInteractor', () => {
       });
 
       applicationContext
-        .getCognito()
+        .getUserGateway()
         .initiateAuth.mockResolvedValue(mockInitiateAuthResponse);
     });
 
@@ -314,16 +309,12 @@ describe('changePasswordInteractor', () => {
         Password: mockPassword,
         Username: mockEmail,
       });
-      expect(applicationContext.getCognito().initiateAuth).toHaveBeenCalledWith(
-        {
-          AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
-          AuthParameters: {
-            PASSWORD: mockPassword,
-            USERNAME: mockEmail,
-          },
-          ClientId: applicationContext.environment.cognitoClientId,
-        },
-      );
+      expect(
+        applicationContext.getUserGateway().initiateAuth,
+      ).toHaveBeenCalledWith(applicationContext, {
+        email: mockEmail,
+        password: mockPassword,
+      });
       expect(result).toEqual({
         accessToken: mockToken,
         idToken: mockToken,
@@ -332,7 +323,7 @@ describe('changePasswordInteractor', () => {
     });
 
     it('should throw an error if initiate auth does not return the correct tokens', async () => {
-      applicationContext.getCognito().initiateAuth.mockResolvedValue({});
+      applicationContext.getUserGateway().initiateAuth.mockResolvedValue({});
 
       await expect(
         changePasswordInteractor(applicationContext, {
@@ -343,21 +334,17 @@ describe('changePasswordInteractor', () => {
         }),
       ).rejects.toThrow(`Unable to change password for email: ${mockEmail}`);
 
-      expect(applicationContext.getCognito().initiateAuth).toHaveBeenCalledWith(
-        {
-          AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
-          AuthParameters: {
-            PASSWORD: mockPassword,
-            USERNAME: mockEmail,
-          },
-          ClientId: applicationContext.environment.cognitoClientId,
-        },
-      );
+      expect(
+        applicationContext.getUserGateway().initiateAuth,
+      ).toHaveBeenCalledWith(applicationContext, {
+        email: mockEmail,
+        password: mockPassword,
+      });
     });
 
     it('should throw an InvalidRequest error if initiateAuth returns a CodeMismatchException', async () => {
       applicationContext
-        .getCognito()
+        .getUserGateway()
         .initiateAuth.mockRejectedValueOnce(
           new CodeMismatchException({ $metadata: {}, message: '' }),
         );
@@ -371,21 +358,17 @@ describe('changePasswordInteractor', () => {
         }),
       ).rejects.toThrow('Forgot password code is expired or incorrect');
 
-      expect(applicationContext.getCognito().initiateAuth).toHaveBeenCalledWith(
-        {
-          AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
-          AuthParameters: {
-            PASSWORD: mockPassword,
-            USERNAME: mockEmail,
-          },
-          ClientId: applicationContext.environment.cognitoClientId,
-        },
-      );
+      expect(
+        applicationContext.getUserGateway().initiateAuth,
+      ).toHaveBeenCalledWith(applicationContext, {
+        email: mockEmail,
+        password: mockPassword,
+      });
     });
 
     it('should throw an InvalidRequest error if initiateAuth returns a ExpiredCodeException', async () => {
       applicationContext
-        .getCognito()
+        .getUserGateway()
         .initiateAuth.mockRejectedValueOnce(
           new ExpiredCodeException({ $metadata: {}, message: '' }),
         );
@@ -399,16 +382,12 @@ describe('changePasswordInteractor', () => {
         }),
       ).rejects.toThrow('Forgot password code is expired or incorrect');
 
-      expect(applicationContext.getCognito().initiateAuth).toHaveBeenCalledWith(
-        {
-          AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
-          AuthParameters: {
-            PASSWORD: mockPassword,
-            USERNAME: mockEmail,
-          },
-          ClientId: applicationContext.environment.cognitoClientId,
-        },
-      );
+      expect(
+        applicationContext.getUserGateway().initiateAuth,
+      ).toHaveBeenCalledWith(applicationContext, {
+        email: mockEmail,
+        password: mockPassword,
+      });
     });
   });
 });

web-api/src/business/useCases/auth/changePasswordInteractor.ts

@@ -1,7 +1,4 @@
-import {
-  AuthFlowType,
-  ChallengeNameType,
-} from '@aws-sdk/client-cognito-identity-provider';
+import { ChallengeNameType } from '@aws-sdk/client-cognito-identity-provider';
 import { ChangePasswordForm } from '@shared/business/entities/ChangePasswordForm';
 import { InvalidEntityError, NotFoundError } from '@web-api/errors/errors';
 import { MESSAGE_TYPES } from '@web-api/gateways/worker/workerRouter';
@@ -47,14 +44,10 @@ export const changePasswordInteractor = async (
 
     if (tempPassword) {
       const initiateAuthResult = await applicationContext
-        .getCognito()
-        .initiateAuth({
-          AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
-          AuthParameters: {
-            PASSWORD: tempPassword,
-            USERNAME: email,
-          },
-          ClientId: applicationContext.environment.cognitoClientId,
+        .getUserGateway()
+        .initiateAuth(applicationContext, {
+          email,
+          password: tempPassword,
         });
 
       if (
@@ -135,14 +128,12 @@ export const changePasswordInteractor = async (
         Username: email,
       });
 
-      const result = await applicationContext.getCognito().initiateAuth({
-        AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
-        AuthParameters: {
-          PASSWORD: password,
-          USERNAME: email,
-        },
-        ClientId: applicationContext.environment.cognitoClientId,
-      });
+      const result = await applicationContext
+        .getUserGateway()
+        .initiateAuth(applicationContext, {
+          email,
+          password,
+        });
 
       if (
         !result.AuthenticationResult?.AccessToken ||

web-api/src/business/useCases/auth/loginInteractor.test.ts

@@ -22,7 +22,7 @@ describe('loginInteractor', () => {
       ChallengeName: ChallengeNameType.NEW_PASSWORD_REQUIRED,
     };
     applicationContext
-      .getCognito()
+      .getUserGateway()
       .initiateAuth.mockResolvedValue(mockNewPasswordRequiredResponse);
 
     await expect(
@@ -41,7 +41,7 @@ describe('loginInteractor', () => {
       message: '',
     });
     applicationContext
-      .getCognito()
+      .getUserGateway()
       .initiateAuth.mockRejectedValue(mockWrongEmailOrPasswordError);
 
     await expect(
@@ -60,7 +60,7 @@ describe('loginInteractor', () => {
       message: 'Password attempts exceeded',
     });
     applicationContext
-      .getCognito()
+      .getUserGateway()
       .initiateAuth.mockRejectedValue(mockTooManyAttemptsError);
 
     await expect(
@@ -79,7 +79,7 @@ describe('loginInteractor', () => {
       message: '',
     });
     applicationContext
-      .getCognito()
+      .getUserGateway()
       .initiateAuth.mockRejectedValue(mockWrongEmailOrPasswordError);
 
     await expect(
@@ -97,7 +97,7 @@ describe('loginInteractor', () => {
       'Totally unexpected, unhandled error.',
     );
     applicationContext
-      .getCognito()
+      .getUserGateway()
       .initiateAuth.mockRejectedValue(mockWrongEmailOrPasswordError);
 
     await expect(
@@ -108,11 +108,11 @@ describe('loginInteractor', () => {
     ).rejects.toThrow(mockWrongEmailOrPasswordError);
   });
 
-  it('should throw an error if initiateAuth does not return access, id, and refresh tokens', async () => {
+  it('should throw an error when initiateAuth does not return access, id, and refresh tokens', async () => {
     const mockEmail = '[email protected]';
     const mockPassword = 'MyPa$Sword!';
     applicationContext
-      .getCognito()
+      .getUserGateway()
       .initiateAuth.mockResolvedValue({ AuthenticationResult: {} });
 
     await expect(
@@ -131,7 +131,7 @@ describe('loginInteractor', () => {
       message: '',
     });
     applicationContext
-      .getCognito()
+      .getUserGateway()
       .initiateAuth.mockRejectedValue(mockWrongEmailOrPasswordError);
     applicationContext.getUserGateway().getUserByEmail.mockResolvedValue({
       email: mockEmail,
@@ -154,7 +154,7 @@ describe('loginInteractor', () => {
       message: '',
     });
     applicationContext
-      .getCognito()
+      .getUserGateway()
       .initiateAuth.mockRejectedValue(mockWrongEmailOrPasswordError);
     applicationContext
       .getUserGateway()
@@ -182,7 +182,7 @@ describe('loginInteractor', () => {
       },
     };
     applicationContext
-      .getCognito()
+      .getUserGateway()
       .initiateAuth.mockResolvedValue(mockSuccessFullLoginResponse);
 
     const result = await loginInteractor(applicationContext, {

web-api/src/business/useCases/auth/loginInteractor.ts

@@ -1,7 +1,4 @@
-import {
-  AuthFlowType,
-  ChallengeNameType,
-} from '@aws-sdk/client-cognito-identity-provider';
+import { ChallengeNameType } from '@aws-sdk/client-cognito-identity-provider';
 import {
   InvalidRequest,
   NotFoundError,
@@ -15,14 +12,9 @@ export const loginInteractor = async (
   { email, password }: { email: string; password: string },
 ): Promise<{ idToken: string; accessToken: string; refreshToken: string }> => {
   try {
-    const result = await applicationContext.getCognito().initiateAuth({
-      AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
-      AuthParameters: {
-        PASSWORD: password,
-        USERNAME: email,
-      },
-      ClientId: applicationContext.environment.cognitoClientId,
-    });
+    const result = await applicationContext
+      .getUserGateway()
+      .initiateAuth(applicationContext, { email, password });
 
     if (result?.ChallengeName === ChallengeNameType.NEW_PASSWORD_REQUIRED) {
       const PasswordChangeError = new Error('NewPasswordRequired');

web-api/src/business/useCases/auth/renewIdTokenInteractor.test.ts

@@ -10,7 +10,7 @@ describe('renewIdTokenInteractor', () => {
       message: 'Refresh token is expired',
     });
     applicationContext
-      .getPersistenceGateway()
+      .getUserGateway()
       .renewIdToken.mockRejectedValue(mockError);
 
     await expect(
@@ -23,7 +23,7 @@ describe('renewIdTokenInteractor', () => {
   it('should rethrow when an error occurs that is not recognized', async () => {
     const mockError = new Error('Cognito exploded!!!');
     applicationContext
-      .getPersistenceGateway()
+      .getUserGateway()
       .renewIdToken.mockRejectedValue(mockError);
 
     await expect(
@@ -35,16 +35,14 @@ describe('renewIdTokenInteractor', () => {
 
   it('should make a call to get an id token and refresh token', async () => {
     const expectedRefresh = 'sometoken';
-    applicationContext.getPersistenceGateway().renewIdToken.mockResolvedValue({
-      idToken: 'abc',
-    });
+    applicationContext.getUserGateway().renewIdToken.mockResolvedValue('abc');
 
     const result = await renewIdTokenInteractor(applicationContext, {
       refreshToken: expectedRefresh,
     });
 
     expect(
-      applicationContext.getPersistenceGateway().renewIdToken.mock.calls[0][1],
+      applicationContext.getUserGateway().renewIdToken.mock.calls[0][1],
     ).toEqual({ refreshToken: expectedRefresh });
     expect(result).toEqual({
       idToken: 'abc',

web-api/src/business/useCases/auth/renewIdTokenInteractor.ts

@@ -8,8 +8,8 @@ export const renewIdTokenInteractor = async (
   idToken: string;
 }> => {
   try {
-    const { idToken } = await applicationContext
-      .getPersistenceGateway()
+    const idToken = await applicationContext
+      .getUserGateway()
       .renewIdToken(applicationContext, { refreshToken });
 
     return {

web-api/src/gateways/user/initiateAuth.ts

@@ -0,0 +1,18 @@
+import { AuthFlowType } from '@aws-sdk/client-cognito-identity-provider';
+import { ServerApplicationContext } from '@web-api/applicationContext';
+
+export async function initiateAuth(
+  applicationContext: ServerApplicationContext,
+  { email, password }: { email: string; password: string },
+) {
+  const result = await applicationContext.getCognito().initiateAuth({
+    AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
+    AuthParameters: {
+      PASSWORD: password,
+      USERNAME: email,
+    },
+    ClientId: applicationContext.environment.cognitoClientId,
+  });
+
+  return result;
+}