remove startMfaSignIn step for TOTP.

prameshj · prameshj · commit 0232c0e24fea · 2023-02-17T18:12:58.000-08:00
TOTP only needs a finalize step.
diff --git a/packages/auth/src/api/authentication/mfa.ts b/packages/auth/src/api/authentication/mfa.ts
@@ -51,27 +51,13 @@ export interface StartPhoneMfaSignInRequest {
   };
   tenantId?: string;
 }
-export interface StartTotpMfaSignInRequest {
-  mfaPendingCredential: string;
-  mfaEnrollmentId: string;
-  totpSignInInfo: {
-    verificationCode: string;
-  };
-  tenantId?: string;
-}
 
 export interface StartPhoneMfaSignInResponse {
   phoneResponseInfo: {
     sessionInfo: string;
   };
 }
 
-export interface StartTotpMfaSignInResponse {
-  totpSignInInfo: {
-    verificationCode: string;
-  };
-}
-
 export function startSignInPhoneMfa(
   auth: Auth,
   request: StartPhoneMfaSignInRequest
@@ -87,27 +73,15 @@ export function startSignInPhoneMfa(
   );
 }
 
-export function startSignInTotpMfa(
-  auth: Auth,
-  request: StartTotpMfaSignInRequest
-): Promise<StartTotpMfaSignInResponse> {
-  return _performApiRequest<
-    StartTotpMfaSignInRequest,
-    StartTotpMfaSignInResponse
-  >(
-    auth,
-    HttpMethod.POST,
-    Endpoint.START_MFA_SIGN_IN,
-    _addTidIfNecessary(auth, request)
-  );
-}
-
 export interface FinalizePhoneMfaSignInRequest {
   mfaPendingCredential: string;
   phoneVerificationInfo: SignInWithPhoneNumberRequest;
   tenantId?: string;
 }
 
+// TOTP MFA Sign in only has a finalize phase. Phone MFA has a start phase to initiate sending an
+// SMS and a finalize phase to complete sign in. With TOTP, the user already has the OTP in the
+// TOTP/Authenticator app.
 export interface FinalizeTotpMfaSignInRequest {
   mfaPendingCredential: string;
   totpVerificationInfo: { verificationCode: string };
diff --git a/packages/auth/src/mfa/assertions/totp.test.ts b/packages/auth/src/mfa/assertions/totp.test.ts
@@ -26,7 +26,6 @@ import { MultiFactorSessionImpl } from '../../mfa/mfa_session';
 import { StartTotpMfaEnrollmentResponse } from '../../api/account_management/mfa';
 import {
   FinalizeMfaResponse,
-  StartTotpMfaSignInResponse
 } from '../../api/authentication/mfa';
 import {
   TotpMultiFactorAssertionImpl,
@@ -215,7 +214,6 @@ describe('core/mfa/totp/assertions/TotpMultiFactorAssertionImpl', () => {
 describe('Testing signin Flow', () => {
   let auth: TestAuth;
   let assertion: MultiFactorAssertionImpl;
-  let totpSignInResponse: StartTotpMfaSignInResponse;
   let session: MultiFactorSessionImpl;
   beforeEach(async () => {
     mockFetch.setUp();
@@ -227,24 +225,21 @@ describe('Testing signin Flow', () => {
   afterEach(mockFetch.tearDown);
 
   it('should finalize mfa signin for totp', async () => {
-    totpSignInResponse = {
-      verificationCode: '123456',
+    const mockResponse: FinalizeMfaResponse = {
       idToken: 'final-id-token',
       refreshToken: 'refresh-token'
-    } as any;
+    };
+    const mock = mockEndpoint(
+      Endpoint.FINALIZE_MFA_SIGN_IN,
+      mockResponse
+    );
     assertion = TotpMultiFactorGenerator.assertionForSignIn(
       'enrollment-id',
       '123456'
     ) as any;
-
-    const mock = mockEndpoint(
-      Endpoint.FINALIZE_MFA_SIGN_IN,
-      totpSignInResponse
-    );
-
     const response = await assertion._process(auth, session);
 
-    expect(response).to.eql(totpSignInResponse);
+    expect(response).to.eql(mockResponse);
 
     expect(mock.calls[0].request).to.eql({
       mfaPendingCredential: 'mfa-pending-credential',
@@ -256,12 +251,6 @@ describe('Testing signin Flow', () => {
   });
 
   it('should throw Firebase Error if enrollment-id is undefined', async () => {
-    let _response: FinalizeMfaResponse;
-    totpSignInResponse = {
-      verificationCode: '123456',
-      idToken: 'final-id-token',
-      refreshToken: 'refresh-token'
-    } as any;
     assertion = TotpMultiFactorGenerator.assertionForSignIn(
       undefined as any,
       '123456'
@@ -273,12 +262,6 @@ describe('Testing signin Flow', () => {
   });
 
   it('should throw Firebase Error if otp is undefined', async () => {
-    let _response: FinalizeMfaResponse;
-    totpSignInResponse = {
-      verificationCode: '123456',
-      idToken: 'final-id-token',
-      refreshToken: 'refresh-token'
-    } as any;
     assertion = TotpMultiFactorGenerator.assertionForSignIn(
       'enrollment-id',
       undefined as any
diff --git a/packages/auth/src/mfa/mfa_info.ts b/packages/auth/src/mfa/mfa_info.ts
@@ -48,7 +48,6 @@ export abstract class MultiFactorInfoImpl implements MultiFactorInfo {
     if ('phoneInfo' in enrollment) {
       return PhoneMultiFactorInfoImpl._fromServerResponse(auth, enrollment);
     } else if ('totpInfo' in enrollment) {
-      // TODO(prameshj) ensure that this field is set by the backend once the tracking bug is fixed.
       return TotpMultiFactorInfoImpl._fromServerResponse(auth, enrollment);
     }
     return _fail(auth, AuthErrorCode.INTERNAL_ERROR);

Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,6 @@ export abstract class MultiFactorInfoImpl implements MultiFactorInfo {`
`48`	`48`	`if ('phoneInfo' in enrollment) {`
`49`	`49`	`return PhoneMultiFactorInfoImpl._fromServerResponse(auth, enrollment);`
`50`	`50`	`} else if ('totpInfo' in enrollment) {`
`51`		`- // TODO(prameshj) ensure that this field is set by the backend once the tracking bug is fixed.`
`52`	`51`	`return TotpMultiFactorInfoImpl._fromServerResponse(auth, enrollment);`
`53`	`52`	`}`
`54`	`53`	`return _fail(auth, AuthErrorCode.INTERNAL_ERROR);`