AWS code-library documentation change
Summary
Added Swift SDK code example for AssociateSoftwareToken API to set up MFA authenticator
Security assessment
Demonstrates MFA secret generation and association process but doesn't fix any security issue. Expands documentation of MFA setup as a security feature.
Diff
diff --git a/code-library/latest/ug/cognito-identity-provider_example_cognito-identity-provider_AssociateSoftwareToken_section.md b/code-library/latest/ug/cognito-identity-provider_example_cognito-identity-provider_AssociateSoftwareToken_section.md index 04ab814a3..c2000db1c 100644 --- a//code-library/latest/ug/cognito-identity-provider_example_cognito-identity-provider_AssociateSoftwareToken_section.md +++ b//code-library/latest/ug/cognito-identity-provider_example_cognito-identity-provider_AssociateSoftwareToken_section.md @@ -285,0 +286,54 @@ There's more on GitHub. Find the complete example and learn how to set up and ru +Swift + + +**SDK for Swift** + + +###### Note + +There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/cognito-identity-provider#code-examples). + + + import AWSCognitoIdentityProvider + + /// Request and display an MFA secret token that the user should enter + /// into their authenticator to set it up for the user account. + /// + /// - Parameters: + /// - cipClient: The `CognitoIdentityProviderClient` to use. + /// - authSession: The authentication session to request an MFA secret + /// for. + /// + /// - Returns: A string containing the MFA secret token that should be + /// entered into the authenticator software. + func getSecretForAppMFA(cipClient: CognitoIdentityProviderClient, authSession: String?) async -> String? { + do { + let output = try await cipClient.associateSoftwareToken( + input: AssociateSoftwareTokenInput( + session: authSession + ) + ) + + guard let secretCode = output.secretCode else { + print("*** Unable to get the secret code") + return nil + } + + print("=====> Enter this token into Google Authenticator: \(secretCode)") + return output.session + } catch _ as SoftwareTokenMFANotFoundException { + print("*** The specified user pool isn't configured for MFA.") + return nil + } catch { + print("*** An unexpected error occurred getting the secret for the app's MFA.") + return nil + } + } + + + + * For API details, see [AssociateSoftwareToken](https://sdk.amazonaws.com/swift/api/awscognitoidentityprovider/latest/documentation/awscognitoidentityprovider/cognitoidentityproviderclient/associatesoftwaretoken\(input:\)) in _AWS SDK for Swift API reference_. + + + +