fix(auth)!: Fetch Auth Session offline behavior

packages/auth/amplify_auth_cognito/example/integration_test/custom_authorizer_test.dart

@@ -115,9 +115,7 @@ void main() {
               final cognitoPlugin = Amplify.Auth.getPlugin(
                 AmplifyAuthCognito.pluginKey,
               );
-              final session = await cognitoPlugin.fetchAuthSession(
-                options: const CognitoSessionOptions(getAWSCredentials: true),
-              );
+              final session = await cognitoPlugin.fetchAuthSession();
               expect(session.credentials, isNotNull);
 
               final restApi = config.api!.awsPlugin!.values
@@ -170,9 +168,7 @@ void main() {
               final cognitoPlugin = Amplify.Auth.getPlugin(
                 AmplifyAuthCognito.pluginKey,
               );
-              final session = await cognitoPlugin.fetchAuthSession(
-                options: const CognitoSessionOptions(getAWSCredentials: true),
-              );
+              final session = await cognitoPlugin.fetchAuthSession();
               expect(session.credentials, isNotNull);
 
               final restApi = config.api!.awsPlugin!.values
@@ -226,9 +222,7 @@ void main() {
               final cognitoPlugin = Amplify.Auth.getPlugin(
                 AmplifyAuthCognito.pluginKey,
               );
-              final session = await cognitoPlugin.fetchAuthSession(
-                options: const CognitoSessionOptions(getAWSCredentials: true),
-              );
+              final session = await cognitoPlugin.fetchAuthSession();
               expect(session.credentials, isNotNull);
 
               final restOperation = Amplify.API.post(

packages/auth/amplify_auth_cognito/example/integration_test/federated_sign_in_test.dart

@@ -105,9 +105,7 @@ void main() {
 
     asyncTest('replaces unauthenticated identity', (_) async {
       // Get unauthenticated identity
-      final unauthSession = await cognitoPlugin.fetchAuthSession(
-        options: const CognitoSessionOptions(getAWSCredentials: true),
-      );
+      final unauthSession = await cognitoPlugin.fetchAuthSession();
 
       final authSession = await federateToIdentityPool();
       expect(
@@ -124,9 +122,7 @@ void main() {
 
     asyncTest('can specify identity ID', (_) async {
       // Get unauthenticated identity (doesn't matter, just need identity ID)
-      final unauthSession = await cognitoPlugin.fetchAuthSession(
-        options: const CognitoSessionOptions(getAWSCredentials: true),
-      );
+      final unauthSession = await cognitoPlugin.fetchAuthSession();
       final identityId = unauthSession.identityId!;
 
       final signInResult = await cognitoPlugin.signIn(
@@ -176,7 +172,7 @@ void main() {
     });
 
     asyncTest('can clear federation', (_) async {
-      await federateToIdentityPool();
+      final federateToIdentityPoolResult = await federateToIdentityPool();
 
       await expectLater(
         cognitoPlugin.clearFederationToIdentityPool(),
@@ -186,13 +182,13 @@ void main() {
       final clearedSession = await cognitoPlugin.fetchAuthSession();
       expect(
         clearedSession.identityId,
-        isNull,
-        reason: 'Should clear session',
+        isNot(federateToIdentityPoolResult.identityId),
+        reason: 'Should clear session and refetch',
       );
       expect(
         clearedSession.credentials,
-        isNull,
-        reason: 'Should clear session',
+        isNot(federateToIdentityPoolResult.credentials),
+        reason: 'Should clear session and refetch',
       );
     });
 

packages/auth/amplify_auth_cognito/example/integration_test/fetch_auth_session_test.dart

@@ -19,64 +19,60 @@ void main() {
     final username = generateUsername();
     final password = generatePassword();
 
-    setUpAll(() async {
-      await configureAuth();
+    group('unauthenticated access enabled', () {
+      setUpAll(() async {
+        await configureAuth();
 
-      await adminCreateUser(
-        username,
-        password,
-        autoConfirm: true,
-        verifyAttributes: true,
-      );
-    });
-
-    tearDownAll(Amplify.reset);
-
-    setUp(() async {
-      await signOutUser();
-      final res = await Amplify.Auth.signIn(
-        username: username,
-        password: password,
-      );
-      expect(res.isSignedIn, isTrue);
-    });
+        await adminCreateUser(
+          username,
+          password,
+          autoConfirm: true,
+          verifyAttributes: true,
+        );
+      });
 
-    asyncTest(
-      'should return user credentials if getAWSCredentials is true',
-      (_) async {
-        final res = await Amplify.Auth.fetchAuthSession(
-          options: const CognitoSessionOptions(getAWSCredentials: true),
-        ) as CognitoAuthSession;
+      tearDownAll(Amplify.reset);
 
+      setUp(() async {
+        await signOutUser();
+        final res = await Amplify.Auth.signIn(
+          username: username,
+          password: password,
+        );
         expect(res.isSignedIn, isTrue);
-        expect(isValidUserSub(res.userSub), isTrue);
-        expect(isValidIdentityId(res.identityId), isTrue);
-        expect(isValidAWSCredentials(res.credentials), isTrue);
-        expect(isValidAWSCognitoUserPoolTokens(res.userPoolTokens), isTrue);
-      },
-    );
-
-    asyncTest(
-      'should return user credentials without getAWSCredentials',
-      (_) async {
-        final res = await Amplify.Auth.fetchAuthSession() as CognitoAuthSession;
+      });
 
-        expect(res.isSignedIn, isTrue);
-        expect(isValidUserSub(res.userSub), isTrue);
-        expect(isValidIdentityId(res.identityId), isTrue);
-        expect(isValidAWSCredentials(res.credentials), isTrue);
-        expect(isValidAWSCognitoUserPoolTokens(res.userPoolTokens), isTrue);
-      },
-    );
+      asyncTest(
+        'should return user credentials',
+        (_) async {
+          final res =
+              await Amplify.Auth.fetchAuthSession() as CognitoAuthSession;
+          expect(res.isSignedIn, isTrue);
+          expect(isValidUserSub(res.userSub), isTrue);
+          expect(isValidIdentityId(res.identityId), isTrue);
+          expect(isValidAWSCredentials(res.credentials), isTrue);
+          expect(isValidAWSCognitoUserPoolTokens(res.userPoolTokens), isTrue);
+        },
+      );
 
-    asyncTest(
-      'should return isSignedIn as false if the user is signed out',
-      (_) async {
-        await Amplify.Auth.signOut();
+      group('user is signed out', () {
+        asyncTest(
+          'should return isSignedIn as false with credentials present',
+          (_) async {
+            await Amplify.Auth.signOut();
+            final res =
+                await Amplify.Auth.fetchAuthSession() as CognitoAuthSession;
+            expect(res.isSignedIn, isFalse);
+            expect(res.userPoolTokens, isNull);
+            expect(res.userSub, isNull);
+            expect(isValidIdentityId(res.identityId), isTrue);
+            expect(isValidAWSCredentials(res.credentials), isTrue);
+          },
+        );
+      });
+    });
 
-        final res = await Amplify.Auth.fetchAuthSession();
-        expect(res.isSignedIn, isFalse);
-      },
-    );
+    // TODO(Jordan-Nelson): add tests for unauthenticated access NOT enabled
+    // and user pool only.
   });
 }

packages/auth/amplify_auth_cognito/example/integration_test/sign_in_sign_out_test.dart

@@ -94,9 +94,8 @@ void main() {
 
     asyncTest('identity ID should be the same between sessions', (_) async {
       // Get unauthenticated identity
-      final unauthSession = await Amplify.Auth.fetchAuthSession(
-        options: const CognitoSessionOptions(getAWSCredentials: true),
-      ) as CognitoAuthSession;
+      final unauthSession =
+          await Amplify.Auth.fetchAuthSession() as CognitoAuthSession;
 
       // Sign in
       {
@@ -108,9 +107,8 @@ void main() {
       }
 
       // Get authenticated identity
-      final authSession = await Amplify.Auth.fetchAuthSession(
-        options: const CognitoSessionOptions(getAWSCredentials: true),
-      ) as CognitoAuthSession;
+      final authSession =
+          await Amplify.Auth.fetchAuthSession() as CognitoAuthSession;
       final authenticatedIdentity = authSession.identityId;
       expect(
         authenticatedIdentity,
@@ -132,9 +130,8 @@ void main() {
         expect(signInRes.nextStep.signInStep, 'DONE');
       }
 
-      final newSession = await Amplify.Auth.fetchAuthSession(
-        options: const CognitoSessionOptions(getAWSCredentials: true),
-      ) as CognitoAuthSession;
+      final newSession =
+          await Amplify.Auth.fetchAuthSession() as CognitoAuthSession;
       expect(
         newSession.identityId,
         authenticatedIdentity,

packages/auth/amplify_auth_cognito/example/lib/main.dart

@@ -163,9 +163,7 @@ class _HomeScreenState extends State<HomeScreen> {
   }
 
   Future<void> _fetchAuthSession() async {
-    final authSession = await Amplify.Auth.fetchAuthSession(
-      options: const CognitoSessionOptions(getAWSCredentials: true),
-    ) as CognitoAuthSession;
+    final authSession = await Amplify.Auth.fetchAuthSession();
     _logger.info(
       prettyPrintJson(authSession.toJson()),
     );

packages/auth/amplify_auth_cognito/lib/src/auth_plugin_impl.dart

@@ -195,13 +195,9 @@ class _NativeAmplifyAuthCognito
   final CognitoAuthStateMachine _stateMachine;
 
   @override
-  Future<NativeAuthSession> fetchAuthSession(
-    bool getAwsCredentials,
-  ) async {
+  Future<NativeAuthSession> fetchAuthSession() async {
     try {
-      final authSession = await _basePlugin.fetchAuthSession(
-        options: CognitoSessionOptions(getAWSCredentials: getAwsCredentials),
-      );
+      final authSession = await _basePlugin.fetchAuthSession();
       final nativeAuthSession = NativeAuthSession(
         isSignedIn: authSession.isSignedIn,
         userSub: authSession.userSub,

packages/auth/amplify_auth_cognito/pigeons/native_auth_plugin.dart

@@ -35,7 +35,7 @@ abstract class NativeAuthPlugin {
   void exchange(Map<String, String> params);
 
   @async
-  NativeAuthSession fetchAuthSession(bool getAwsCredentials);
+  NativeAuthSession fetchAuthSession();
 }
 
 @HostApi()

packages/auth/amplify_auth_cognito_android/android/src/main/kotlin/com/amazonaws/amplify/amplify_auth_cognito/NativeAuthPlugin.kt

@@ -77,7 +77,7 @@ class NativeAuthPlugin(
             return
         }
         MainScope().launch {
-            nativePlugin.fetchAuthSession(true) { session ->
+            nativePlugin.fetchAuthSession() { session ->
                 val couldNotFetchException = UnknownException("Could not fetch")
                 val userPoolTokens = if (session.userPoolTokens != null) {
                     val tokens = FlutterFactory.createAWSCognitoUserPoolTokens(

packages/auth/amplify_auth_cognito_android/android/src/test/kotlin/com/amazonaws/amplify/amplify_auth_cognito/NativeAuthPluginTests.kt

@@ -10,6 +10,7 @@ import org.junit.Test
 import org.mockito.kotlin.any
 import org.mockito.kotlin.argumentCaptor
 import org.mockito.kotlin.check
+import org.mockito.kotlin.eq
 import org.mockito.kotlin.mock
 import org.mockito.kotlin.verify
 
@@ -20,9 +21,9 @@ internal class NativeAuthPluginTests {
         val nativeAuthPlugin = NativeAuthPluginBindingsPigeon.NativeAuthPlugin(mockBinaryMessenger)
         val mockCallback =
             mock<NativeAuthPluginBindingsPigeon.NativeAuthPlugin.Reply<NativeAuthPluginBindingsPigeon.NativeAuthSession>>()
-        nativeAuthPlugin.fetchAuthSession(true, mockCallback)
+        nativeAuthPlugin.fetchAuthSession(mockCallback)
         val callback = argumentCaptor<BinaryMessenger.BinaryReply>()
-        verify(mockBinaryMessenger).send(any(), any(), callback.capture())
+        verify(mockBinaryMessenger).send(any(), eq(null), callback.capture())
         val codec = NativeAuthPluginBindingsPigeon.NativeAuthPlugin.getCodec()
         val authSession = NativeAuthPluginBindingsPigeon.NativeAuthSession.Builder().apply {
             setIsSignedIn(isSignedIn)

packages/auth/amplify_auth_cognito_dart/example/lib/common.dart

@@ -75,11 +75,7 @@ Future<void> changePassword({
 }
 
 Future<CognitoAuthSession> fetchAuthSession() async {
-  final res = await Amplify.Auth.fetchAuthSession(
-    options: const CognitoSessionOptions(
-      getAWSCredentials: true,
-    ),
-  );
+  final res = await Amplify.Auth.fetchAuthSession();
   return res as CognitoAuthSession;
 }
 

packages/auth/amplify_auth_cognito_dart/example/web/components/app_component.dart

@@ -84,11 +84,8 @@ class AppComponent extends StatefulComponent {
       AuthState startingAuthState;
 
       try {
-        final session = await Amplify.Auth.fetchAuthSession(
-          options: const CognitoSessionOptions(
-            getAWSCredentials: true,
-          ),
-        ) as CognitoAuthSession;
+        final session =
+            await Amplify.Auth.fetchAuthSession() as CognitoAuthSession;
         startingAuthState =
             session.isSignedIn ? AuthState.authenticated : AuthState.login;
       } on Exception {

packages/auth/amplify_auth_cognito_dart/lib/src/auth_plugin_impl.dart

@@ -1066,7 +1066,7 @@ class AmplifyAuthCognitoDart extends AuthPluginInterface<
       // Try to refresh AWS credentials since Cognito requests will require
       // them.
       await fetchAuthSession(
-        options: const CognitoSessionOptions(getAWSCredentials: true),
+        options: const CognitoSessionOptions(),
       );
       if (options.globalSignOut) {
         // Revokes the refresh token