Add required attributes when pushing new password back to server

README.md

@@ -150,6 +150,17 @@ export default class CurrentUserService extends Service {
 }
 ```
 
+If the Cognito User Pool has required attributes on a new user, you need to set these on the user before completing the login process by calling `authenticate` again.
+```
+var state = // state comes from authentication failure with NEW_PASSWORD_REQUIRED
+// state.user.challengeParam.required_attributes is an array of required Cognito attributes that you must populate, eg 'given_name'
+state.user.challengeParam.userAttributes.given_name = 'Bryan'; // obvs, get this from an input
+await this.session.authenticate('authenticator:cognito', {
+  password: newPassword,
+  state: this.model,
+});.
+```
+
 You can see examples of usages of these API methods in the 
 [full-featured dummy app](https://github.com/paulcwatts/ember-cognito/blob/master/tests/dummy/app).
 

addon/authenticators/cognito.js

@@ -51,7 +51,14 @@ export default class CognitoAuthenticator extends Base {
   }
 
   async _handleNewPasswordRequired({ password, state: { user } }) {
-    const user2 = await this.auth.completeNewPassword(user, password);
+    var attributes = {};
+    var userAttributes = user.challengeParam?.userAttributes;
+    if (userAttributes && user.challengeParam?.requiredAttributes) {
+      user.challengeParam?.requiredAttributes.forEach((name) => {
+        attributes[name] = userAttributes[name];
+      });
+    }
+    const user2 = await this.auth.completeNewPassword(user, password, attributes);
     return this._handleSignIn(user2);
   }
 

tests/unit/authenticators/cognito-test.js

@@ -152,6 +152,59 @@ module('Unit | Authenticator | cognito', function (hooks) {
     );
   });
 
+  test('authenticateUser, newPasswordRequired, with required attributes', async function (assert) {
+    assert.expect(9);
+
+    const service = this.owner.lookup('authenticator:cognito');
+    let user = newUser('testuser');
+    user.challengeName = 'NEW_PASSWORD_REQUIRED';
+    user.challengeParam = {
+      requiredAttributes: ['given_name', 'family_name'],
+      userAttributes: {
+        not_to_be_sent: 'never',
+        given_name: '',
+        family_name: ''
+      }
+    };
+    await mockAuth(MockAuth.create({ _authenticatedUser: user }));
+
+    var attributesSentToServer = {};
+    // mock call to cognito server
+    service.auth.completeNewPassword = (user, _password, attributes) => {
+      attributesSentToServer = attributes;
+      return user;
+    }
+
+    let state;
+    try {
+      await service.authenticate({
+        username: 'testuser',
+        password: 'password',
+      });
+      assert.ok(false, 'Should not resolve');
+    } catch (err) {
+      state = err.state;
+      assert.strictEqual(err.state.name, 'newPasswordRequired');
+    }
+    user.challengeName = undefined;
+    user.challengeParam.userAttributes.given_name = 'Bryan';
+    user.challengeParam.userAttributes.family_name = 'Crotaz';
+    // Call authenticate again with the state and the new password.
+    let data = await service.authenticate({ password: 'newPassword', state });
+    assert.ok(attributesSentToServer);
+    assert.strictEqual(attributesSentToServer.given_name, 'Bryan');
+    assert.strictEqual(attributesSentToServer.family_name, 'Crotaz');
+    assert.strictEqual(attributesSentToServer.not_to_be_sent, undefined);
+    assert.strictEqual(data.poolId, 'us-east-1_TEST');
+    assert.strictEqual(data.clientId, 'TEST');
+    assert.ok(service.cognito.user, 'The cognito service user is populated.');
+    assert.strictEqual(
+      service.cognito.user.username,
+      'testuser',
+      'The username is set correctly.'
+    );
+  });
+
   test('authenticateUser, newPasswordRequired failure', async function (assert) {
     assert.expect(2);