verifyChallenge method

Future<String> verifyChallenge(Session session, { required UuidValue requestId, required String verificationCode, required Transaction transaction, })

Verifies a verification code against a SecretChallenge.

Throws:

• ChallengeRequestNotFoundException if the request is not found.
• ChallengeAlreadyUsedException if the challenge has already been used.
• ChallengeInvalidVerificationCodeException if the verification code is invalid.
• ChallengeExpiredException if the request has expired.
• ChallengeRateLimitExceededException if the rate limit is exceeded.

Returns the encoded completion token that can be used to complete the operation.

Implementation

Future<String> verifyChallenge(
  final Session session, {
  required final UuidValue requestId,
  required final String verificationCode,
  required final Transaction transaction,
}) async {
  final config = _verificationConfig;

  if (await config.hasTooManyAttempts(
    session,
    nonce: requestId,
  )) {
    throw ChallengeRateLimitExceededException();
  }

  final request = await config.getRequest(
    session,
    requestId,
    transaction: transaction,
  );
  if (request == null) {
    throw ChallengeRequestNotFoundException();
  }

  if (config.isAlreadyUsed(request)) {
    throw ChallengeAlreadyUsedException();
  }

  final challenge = config.getChallenge(request);

  if (!await _validateVerificationCode(
    verificationCode: verificationCode,
    challenge: challenge,
  )) {
    throw ChallengeInvalidVerificationCodeException();
  }

  if (config.isExpired(request)) {
    await config.onExpired(session, request);
    throw ChallengeExpiredException();
  }

  final completionTokenResult = await _createCompletionToken(
    session,
    requestId: requestId,
    transaction: transaction,
  );

  await config.linkCompletionToken(
    session,
    request,
    completionTokenResult.challenge,
    transaction: transaction,
  );

  return completionTokenResult.encodedToken;
}