rename mfa

Niranjan Jayakar · Niranjan Jayakar · commit 24fb3cfbb706 · 2020-03-17T13:00:32.000Z
diff --git a/packages/@aws-cdk/aws-cognito/README.md b/packages/@aws-cdk/aws-cognito/README.md
@@ -188,8 +188,8 @@ configure an MFA token and use it for sign in. It also allows for the users to u
 ```ts
 new UserPool(this, 'myuserpool', {
   // ...
-  mfaEnforcement: MfaEnforcement.REQUIRED,
-  mfaToken: {
+  mfa: Mfa.REQUIRED,
+  mfaSecondFactor: {
     sms: true,
     otp: true,
   },
diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts
@@ -307,7 +307,7 @@ export interface UserInvitationConfig {
  * The different ways in which a user pool's MFA enforcement can be configured.
  * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html
  */
-export enum MfaEnforcement {
+export enum Mfa {
   /** Users are not required to use MFA for sign in, and cannot configure one. */
   OFF = 'OFF',
   /** Users are not required to use MFA for sign in, but can configure one if they so choose to. */
@@ -320,7 +320,7 @@ export enum MfaEnforcement {
  * The different ways in which a user pool can obtain their MFA token for sign in.
  * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html
  */
-export interface MfaTypes {
+export interface MfaSecondFactor {
   /**
    * The MFA token is sent to the user via SMS to their verified phone numbers
    * @see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-sms-text-message.html
@@ -468,17 +468,17 @@ export interface UserPoolProps {
   /**
    * Configure on whether users of this user pool can or are required use MFA to sign in.
    *
-   * @default MfaEnforcement.OFF
+   * @default Mfa.OFF
    */
-  readonly mfaEnforcement?: MfaEnforcement;
+  readonly mfa?: Mfa;
 
   /**
    * Configure the MFA types that users can use in this user pool. Ignored if `mfaEnforcement` is set to `OFF`.
    *
    * @default - { sms: true, oneTimePassword: false }, if `mfaEnforcement` is set to `OPTIONAL` or `REQUIRED`.
    * { sms: false, oneTimePassword: false }, otherwise
    */
-  readonly mfaTypes?: MfaTypes;
+  readonly mfaSecondFactor?: MfaSecondFactor;
 
   /**
    * Password policy for this user pool.
@@ -629,7 +629,7 @@ export class UserPool extends Resource implements IUserPool {
       emailVerificationSubject,
       smsVerificationMessage,
       verificationMessageTemplate,
-      mfaConfiguration: props.mfaEnforcement,
+      mfaConfiguration: props.mfa,
       enabledMfas: this.mfaConfiguration(props),
       policies: passwordPolicy !== undefined ? { passwordPolicy } : undefined,
       emailConfiguration: undefinedIfNoKeys({
@@ -837,18 +837,18 @@ export class UserPool extends Resource implements IUserPool {
   }
 
   private mfaConfiguration(props: UserPoolProps): string[] | undefined {
-    if (props.mfaEnforcement === undefined || props.mfaEnforcement === MfaEnforcement.OFF) {
+    if (props.mfa === undefined || props.mfa === Mfa.OFF) {
       // since default is OFF, treat undefined and OFF the same way
       return undefined;
-    } else if (props.mfaTypes === undefined &&
-      (props.mfaEnforcement === MfaEnforcement.OPTIONAL || props.mfaEnforcement === MfaEnforcement.REQUIRED)) {
+    } else if (props.mfaSecondFactor === undefined &&
+      (props.mfa === Mfa.OPTIONAL || props.mfa === Mfa.REQUIRED)) {
         return [ 'SMS_MFA' ];
     } else {
       const enabledMfas = [];
-      if (props.mfaTypes!.sms) {
+      if (props.mfaSecondFactor!.sms) {
         enabledMfas.push('SMS_MFA');
       }
-      if (props.mfaTypes!.otp) {
+      if (props.mfaSecondFactor!.otp) {
         enabledMfas.push('SOFTWARE_TOKEN_MFA');
       }
       return enabledMfas;
diff --git a/packages/@aws-cdk/aws-cognito/test/integ.user-pool-explicit-props.ts b/packages/@aws-cdk/aws-cognito/test/integ.user-pool-explicit-props.ts
@@ -1,5 +1,5 @@
 import { App, Duration, Stack } from '@aws-cdk/core';
-import { MfaEnforcement, UserPool } from '../lib';
+import { Mfa, UserPool } from '../lib';
 
 const app = new App();
 const stack = new Stack(app, 'integ-user-pool');
@@ -25,8 +25,8 @@ new UserPool(stack, 'myuserpool', {
     email: true,
     phone: true,
   },
-  mfaEnforcement: MfaEnforcement.REQUIRED,
-  mfaTypes: {
+  mfa: Mfa.REQUIRED,
+  mfaSecondFactor: {
     sms: true,
     otp: true,
   },
diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts
@@ -3,7 +3,7 @@ import { ABSENT } from '@aws-cdk/assert/lib/assertions/have-resource';
 import { Role } from '@aws-cdk/aws-iam';
 import * as lambda from '@aws-cdk/aws-lambda';
 import { Duration, Stack, Tag } from '@aws-cdk/core';
-import { MfaEnforcement, UserPool, VerificationEmailStyle } from '../lib';
+import { Mfa, UserPool, VerificationEmailStyle } from '../lib';
 
 describe('User Pool', () => {
   test('default setup', () => {
@@ -444,15 +444,15 @@ describe('User Pool', () => {
     // WHEN
     new UserPool(stack, 'Pool1', {
       userPoolName: 'Pool1',
-      mfaTypes: {
+      mfaSecondFactor: {
         sms: true,
         otp: true,
       }
     });
     new UserPool(stack, 'Pool2', {
       userPoolName: 'Pool2',
-      mfaEnforcement: MfaEnforcement.OFF,
-      mfaTypes: {
+      mfa: Mfa.OFF,
+      mfaSecondFactor: {
         sms: true,
         otp: true,
       }
@@ -478,11 +478,11 @@ describe('User Pool', () => {
     // WHEN
     new UserPool(stack, 'Pool1', {
       userPoolName: 'Pool1',
-      mfaEnforcement: MfaEnforcement.OPTIONAL,
+      mfa: Mfa.OPTIONAL,
     });
     new UserPool(stack, 'Pool2', {
       userPoolName: 'Pool2',
-      mfaEnforcement: MfaEnforcement.REQUIRED,
+      mfa: Mfa.REQUIRED,
     });
 
     // THEN
@@ -504,8 +504,8 @@ describe('User Pool', () => {
 
     // WHEN
     new UserPool(stack, 'Pool', {
-      mfaEnforcement: MfaEnforcement.REQUIRED,
-      mfaTypes: {
+      mfa: Mfa.REQUIRED,
+      mfaSecondFactor: {
         sms: true,
         otp: true,
       }
