From fc3611811e8a8209c23b9be84505071f4c025e59 Mon Sep 17 00:00:00 2001 From: alexesprit Date: Fri, 14 May 2021 19:44:49 +0300 Subject: [PATCH 1/2] Add method to verify OTP sent to email --- src/auth/index.js | 51 ++++++++++++++++++++++++ test/auth/authentication-client.tests.js | 36 +++++++++++++++++ 2 files changed, 87 insertions(+) diff --git a/src/auth/index.js b/src/auth/index.js index d2afb1c1a..dc6186d02 100644 --- a/src/auth/index.js +++ b/src/auth/index.js @@ -193,6 +193,57 @@ AuthenticationClient.prototype.requestEmailCode = function(data, cb) { return this.passwordless.sendEmail(data, cb); }; +/** + * Verify the given OTP which was sent on the given email. + * + * @method verifyEmailCode + * @memberOf module:auth.AuthenticationClient.prototype + * + * @example + * Given the user credentials (`email` and `otp`), authenticates + * with the provider using the `/oauth/token` endpoint. Upon successful + * authentication, returns a JSON object containing the `access_token` and + * `id_token`. + * + * + * var data = { + * username: '{EMAIL}' + * otp: '{VERIFICATION_CODE}' + * }; + * + * auth0.verifyEmailCode(data, function (err) { + * if (err) { + * // Handle error. + * } + * }); + * + * @example + * The user data object has the following structure. + * + * + * { + * id_token: String, + * access_token: String, + * token_type: String + * } + * + * @param {Object} data Credentials object. + * @param {String} data.email Email. + * @param {String} data.otp Verification code. + * @param {Function} [cb] Method callback. + * + * @return {Promise|undefined} + */ +AuthenticationClient.prototype.verifyEmailCode = function(data, cb) { + var translatedData = { + username: data.email || data.username, + realm: 'email', + otp: data.otp + }; + + return this.passwordless.signIn(translatedData, cb); +}; + /** * Start passwordless flow sending an SMS. * diff --git a/test/auth/authentication-client.tests.js b/test/auth/authentication-client.tests.js index b02a9c1e6..79437f333 100644 --- a/test/auth/authentication-client.tests.js +++ b/test/auth/authentication-client.tests.js @@ -221,4 +221,40 @@ describe('AuthenticationClient', function() { this.client.verifySMSCode({ phone_number: '123', password: 'code' }, this.callback); }); }); + + describe(`verifyEmailCode`, () => { + before(function() { + this.client = new AuthenticationClient({ token: 'token', domain: 'auth0.com' }); + this.passwordlessMock = sinon.mock(this.client.passwordless); + this.callback = function() {}; + }); + it('should call signIn with otp if provided', function() { + this.passwordlessMock + .expects('signIn') + .once() + .withExactArgs( + { + username: '123', + realm: 'email', + otp: 'code' + }, + this.callback + ); + this.client.verifyEmailCode({ email: '123', otp: 'code' }, this.callback); + }); + it('should call signIn with otp if provided', function() { + this.passwordlessMock + .expects('signIn') + .once() + .withExactArgs( + { + username: '123', + realm: 'email', + otp: 'code' + }, + this.callback + ); + this.client.verifyEmailCode({ username: '123', otp: 'code' }, this.callback); + }); + }); }); From 18e2a67543023954456be1ca83526c9ef0a788e3 Mon Sep 17 00:00:00 2001 From: alexesprit Date: Mon, 17 May 2021 20:55:00 +0300 Subject: [PATCH 2/2] Use only `email` property in `verifyEmailCode` method --- src/auth/index.js | 4 ++-- test/auth/authentication-client.tests.js | 14 -------------- 2 files changed, 2 insertions(+), 16 deletions(-) diff --git a/src/auth/index.js b/src/auth/index.js index dc6186d02..e0f35409d 100644 --- a/src/auth/index.js +++ b/src/auth/index.js @@ -207,7 +207,7 @@ AuthenticationClient.prototype.requestEmailCode = function(data, cb) { * * * var data = { - * username: '{EMAIL}' + * email: '{EMAIL}', * otp: '{VERIFICATION_CODE}' * }; * @@ -236,7 +236,7 @@ AuthenticationClient.prototype.requestEmailCode = function(data, cb) { */ AuthenticationClient.prototype.verifyEmailCode = function(data, cb) { var translatedData = { - username: data.email || data.username, + username: data.email, realm: 'email', otp: data.otp }; diff --git a/test/auth/authentication-client.tests.js b/test/auth/authentication-client.tests.js index 79437f333..4f0a744e9 100644 --- a/test/auth/authentication-client.tests.js +++ b/test/auth/authentication-client.tests.js @@ -242,19 +242,5 @@ describe('AuthenticationClient', function() { ); this.client.verifyEmailCode({ email: '123', otp: 'code' }, this.callback); }); - it('should call signIn with otp if provided', function() { - this.passwordlessMock - .expects('signIn') - .once() - .withExactArgs( - { - username: '123', - realm: 'email', - otp: 'code' - }, - this.callback - ); - this.client.verifyEmailCode({ username: '123', otp: 'code' }, this.callback); - }); }); });