notp update user (#561)

Author: asafshen

descope/api/client.go

@@ -45,6 +45,7 @@ var (
 			signUpNOTP:                   "auth/notp/whatsapp/signup",
 			signInNOTP:                   "auth/notp/whatsapp/signin",
 			signUpOrInNOTP:               "auth/notp/whatsapp/signup-in",
+			updateUserNOTP:               "auth/notp/whatsapp/update",
 			getNOTPSession:               "auth/notp/pending-session",
 			verifyCode:                   "auth/otp/verify",
 			signUpPassword:               "auth/password/signup",
@@ -276,6 +277,7 @@ type authEndpoints struct {
 	signUpNOTP                   string
 	signInNOTP                   string
 	signUpOrInNOTP               string
+	updateUserNOTP               string
 	getNOTPSession               string
 	verifyCode                   string
 	signUpPassword               string
@@ -524,6 +526,10 @@ func (e *endpoints) SignUpOrInNOTP() string {
 	return path.Join(e.version, e.auth.signUpOrInNOTP)
 }
 
+func (e *endpoints) UpdateUserNOTP() string {
+	return path.Join(e.version, e.auth.updateUserNOTP)
+}
+
 func (e *endpoints) GetNOTPSession() string {
 	return path.Join(e.version, e.auth.getNOTPSession)
 }

descope/internal/auth/auth.go

@@ -962,6 +962,10 @@ func composeNOTPSignUpOrInURL() string {
 	return api.Routes.SignUpOrInNOTP()
 }
 
+func composeNOTPUpdateUserURL() string {
+	return api.Routes.UpdateUserNOTP()
+}
+
 func composeNOTPGetSession() string {
 	return api.Routes.GetNOTPSession()
 }

descope/internal/auth/notp.go

@@ -5,6 +5,7 @@ import (
 	"net/http"
 
 	"github.com/descope/go-sdk/descope"
+	"github.com/descope/go-sdk/descope/internal/utils"
 )
 
 type notp struct {
@@ -64,3 +65,23 @@ func (auth *notp) GetSession(ctx context.Context, pendingRef string, w http.Resp
 	}
 	return auth.generateAuthenticationInfo(httpResponse, w)
 }
+
+func (auth *notp) UpdateUser(ctx context.Context, loginID, phone string, updateOptions *descope.NOTPUpdateOptions, r *http.Request) (*descope.NOTPResponse, error) {
+	if loginID == "" {
+		return nil, utils.NewInvalidArgumentError("loginID")
+	}
+
+	pswd, err := getValidRefreshToken(r)
+	if err != nil {
+		return nil, err
+	}
+	if updateOptions == nil {
+		updateOptions = &descope.NOTPUpdateOptions{}
+	}
+
+	httpResponse, err := auth.client.DoPostRequest(ctx, composeNOTPUpdateUserURL(), newNOTPUpdateUserRequestBody(loginID, phone, updateOptions), nil, pswd)
+	if err != nil {
+		return nil, err
+	}
+	return getNOTPResponse(httpResponse)
+}

descope/internal/auth/notp_test.go

@@ -12,6 +12,7 @@ import (
 
 	"github.com/descope/go-sdk/descope"
 	"github.com/descope/go-sdk/descope/api"
+	"github.com/descope/go-sdk/descope/internal/utils"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -313,6 +314,7 @@ func TestSignUpNOTPNoUser(t *testing.T) {
 	_, err = a.NOTP().SignUp(context.Background(), phone, nil, nil)
 	require.NoError(t, err)
 }
+
 func TestSignUpOrInNOTPNoLoginID(t *testing.T) {
 	a, err := newTestAuth(nil, func(_ *http.Request) (*http.Response, error) {
 		return &http.Response{
@@ -324,3 +326,93 @@ func TestSignUpOrInNOTPNoLoginID(t *testing.T) {
 	_, err = a.NOTP().SignUpOrIn(context.Background(), "", nil)
 	require.NoError(t, err)
 }
+
+func TestUpdateUserNOTPEmptyLoginID(t *testing.T) {
+	a, err := newTestAuth(nil, func(_ *http.Request) (*http.Response, error) {
+		return nil, nil
+	})
+	require.NoError(t, err)
+	_, err = a.NOTP().UpdateUser(context.Background(), "", "", nil, nil)
+	require.Error(t, err)
+	require.ErrorContains(t, err, utils.NewInvalidArgumentError("loginID").Message)
+}
+
+func TestUpdateUserNOTPMissingRefreshToken(t *testing.T) {
+	a, err := newTestAuth(nil, func(_ *http.Request) (*http.Response, error) {
+		return nil, nil
+	})
+	require.NoError(t, err)
+	_, err = a.NOTP().UpdateUser(context.Background(), "login-id", "", nil, nil)
+	require.Error(t, err)
+	assert.ErrorIs(t, err, descope.ErrRefreshToken)
+}
+
+func TestUpdateUserNOTPWithoutOptions(t *testing.T) {
+	loginID := "943248329844"
+	phone := "+111111111111"
+	a, err := newTestAuth(nil, func(r *http.Request) (*http.Response, error) {
+		assert.EqualValues(t, composeNOTPUpdateUserURL(), r.URL.RequestURI())
+
+		body, err := readBodyMap(r)
+		require.NoError(t, err)
+		assert.EqualValues(t, loginID, body["loginId"])
+		assert.EqualValues(t, phone, body["phone"])
+		assert.Nil(t, body["addToLoginIDs"])
+		assert.Nil(t, body["onMergeUseExisting"])
+		assert.Nil(t, body["templateOptions"])
+		u, p := getProjectAndJwt(r)
+		assert.NotEmpty(t, u)
+		assert.NotEmpty(t, p)
+		resp := descope.NOTPResponse{}
+		respBytes, err := utils.Marshal(resp)
+		require.NoError(t, err)
+		return &http.Response{StatusCode: http.StatusOK, Body: io.NopCloser(bytes.NewBuffer(respBytes))}, nil
+	})
+	require.NoError(t, err)
+	r := &http.Request{Header: http.Header{}}
+	r.AddCookie(&http.Cookie{Name: descope.RefreshCookieName, Value: jwtTokenValid})
+	_, err = a.NOTP().UpdateUser(context.Background(), loginID, phone, nil, r)
+	require.NoError(t, err)
+}
+
+func TestUpdateUserNOTPWithOptions(t *testing.T) {
+	loginID := "943248329844"
+	phone := "+111111111111"
+	options := &descope.NOTPUpdateOptions{
+		AddToLoginIDs:      true,
+		OnMergeUseExisting: true,
+		ProviderID:         "provider-id",
+		TemplateOptions: map[string]string{
+			"key1": "value1",
+		},
+		Templates: &descope.NOTPTemplates{
+			VerifyTemplateID:  "verify-template-id",
+			SuccessTemplateID: "success-template-id",
+			ErrorTemplateID:   "error-template-id",
+		},
+	}
+	a, err := newTestAuth(nil, func(r *http.Request) (*http.Response, error) {
+		assert.EqualValues(t, composeNOTPUpdateUserURL(), r.URL.RequestURI())
+
+		body, err := readBodyMap(r)
+		require.NoError(t, err)
+		assert.EqualValues(t, loginID, body["loginId"])
+		assert.EqualValues(t, phone, body["phone"])
+		assert.EqualValues(t, true, body["addToLoginIDs"])
+		assert.EqualValues(t, true, body["onMergeUseExisting"])
+		assert.NotEmpty(t, body["templates"])
+		assert.NotEmpty(t, body["templateOptions"])
+		u, p := getProjectAndJwt(r)
+		assert.NotEmpty(t, u)
+		assert.NotEmpty(t, p)
+		resp := descope.NOTPResponse{}
+		respBytes, err := utils.Marshal(resp)
+		require.NoError(t, err)
+		return &http.Response{StatusCode: http.StatusOK, Body: io.NopCloser(bytes.NewBuffer(respBytes))}, nil
+	})
+	require.NoError(t, err)
+	r := &http.Request{Header: http.Header{}}
+	r.AddCookie(&http.Cookie{Name: descope.RefreshCookieName, Value: jwtTokenValid})
+	_, err = a.NOTP().UpdateUser(context.Background(), loginID, phone, options, r)
+	require.NoError(t, err)
+}

descope/internal/auth/utils.go

@@ -85,6 +85,17 @@ type notpAuthenticationRequestBody struct {
 	LoginOptions               *descope.LoginOptions `json:"loginOptions,omitempty"`
 }
 
+type notpUpdateUserRequestBody struct {
+	LoginID            string                 `json:"loginId,omitempty"`
+	Phone              string                 `json:"phone,omitempty"`
+	AddToLoginIDs      bool                   `json:"addToLoginIDs,omitempty"`
+	OnMergeUseExisting bool                   `json:"onMergeUseExisting,omitempty"`
+	ProviderID         string                 `json:"providerId,omitempty"`
+	Templates          *descope.NOTPTemplates `json:"templates,omitempty"`
+	TemplateOptions    map[string]string      `json:"templateOptions,omitempty"`
+	Locale             string                 `json:"locale,omitempty"`
+}
+
 type otpUpdateEmailRequestBody struct {
 	*descope.UpdateOptions `json:",inline"`
 	LoginID                string `json:"loginId,omitempty"`
@@ -181,6 +192,19 @@ func newNOTPAuthenticationSignUpRequestBody(loginID string, user *descope.User,
 	return res
 }
 
+func newNOTPUpdateUserRequestBody(loginID string, phone string, options *descope.NOTPUpdateOptions) *notpUpdateUserRequestBody {
+	return &notpUpdateUserRequestBody{
+		LoginID:            loginID,
+		Phone:              phone,
+		AddToLoginIDs:      options.AddToLoginIDs,
+		OnMergeUseExisting: options.OnMergeUseExisting,
+		ProviderID:         options.ProviderID,
+		Templates:          options.Templates,
+		TemplateOptions:    options.TemplateOptions,
+		Locale:             options.Locale,
+	}
+}
+
 func newOTPUpdatePhoneRequestBody(loginID, phone string, updateOptions *descope.UpdateOptions) *otpUpdatePhoneRequestBody {
 	return &otpUpdatePhoneRequestBody{LoginID: loginID, Phone: phone, UpdateOptions: updateOptions}
 }

descope/sdk/auth.go

@@ -159,6 +159,9 @@ type NOTP interface {
 	// GetSession - Use to get a session that was generated by SignIn/SignUp/SignUpOrIn request.
 	// This function will return a proper JWT only after Verify succeed for this sign-in/sign-up/sign-up-or-in.
 	GetSession(ctx context.Context, pendingRef string, w http.ResponseWriter) (*descope.AuthenticationInfo, error)
+
+	// UpdateUser - Use to update user details with NOTP (WhatsApp) authentication.
+	UpdateUser(ctx context.Context, loginID, phone string, updateOptions *descope.NOTPUpdateOptions, request *http.Request) (*descope.NOTPResponse, error)
 }
 
 type Password interface {

descope/tests/mocks/auth/authenticationmock.go

@@ -316,6 +316,10 @@ type MockNOTP struct {
 	GetSessionAssert   func(pendingRef string, w http.ResponseWriter)
 	GetSessionResponse *descope.AuthenticationInfo
 	GetSessionError    error
+
+	UpdateUserAssert   func(loginID, phone string, updateOptions *descope.NOTPUpdateOptions, r *http.Request)
+	UpdateUserError    error
+	UpdateUserResponse *descope.NOTPResponse
 }
 
 func (m *MockNOTP) SignIn(_ context.Context, loginID string, r *http.Request, loginOptions *descope.LoginOptions) (*descope.NOTPResponse, error) {
@@ -346,6 +350,13 @@ func (m *MockNOTP) GetSession(_ context.Context, pendingRef string, w http.Respo
 	return m.GetSessionResponse, m.GetSessionError
 }
 
+func (m *MockNOTP) UpdateUser(_ context.Context, loginID, phone string, updateOptions *descope.NOTPUpdateOptions, r *http.Request) (*descope.NOTPResponse, error) {
+	if m.UpdateUserAssert != nil {
+		m.UpdateUserAssert(loginID, phone, updateOptions, r)
+	}
+	return m.UpdateUserResponse, m.UpdateUserError
+}
+
 // Mock Password
 
 type MockPassword struct {

descope/types.go

@@ -608,6 +608,21 @@ type UpdateOptions struct {
 	ProviderID         string            `json:"providerId,omitempty"`
 }
 
+type NOTPTemplates struct {
+	VerifyTemplateID  string `json:"verifyTemplateId,omitempty"`
+	SuccessTemplateID string `json:"successTemplateId,omitempty"`
+	ErrorTemplateID   string `json:"errorTemplateId,omitempty"`
+}
+
+type NOTPUpdateOptions struct {
+	AddToLoginIDs      bool              `json:"addToLoginIDs,omitempty"`
+	OnMergeUseExisting bool              `json:"onMergeUseExisting,omitempty"`
+	TemplateOptions    map[string]string `json:"templateOptions,omitempty"` // for providing messaging template options (templates that are being sent via email / text message)
+	ProviderID         string            `json:"providerId,omitempty"`
+	Templates          *NOTPTemplates    `json:"templates,omitempty"`
+	Locale             string            `json:"locale,omitempty"` // locale for the message
+}
+
 type AccessKeyResponse struct {
 	ID           string              `json:"id,omitempty"`
 	Name         string              `json:"name,omitempty"`