Authentication - Feature - Immutable attributes checking

[n10000k]

Is your feature request related to a problem? Please describe.

On cognitoUser.completeNewPasswordChallenge the second function variable is the users attributes, what I've done is on the callback for cognitoUser.authenticateUser: newPasswordRequired returns the attributes, I set them in my state. However due to cognitoUser.completeNewPasswordChallenge accepting attributes back that are immutable, email_verified etc, I think the challenge response from cognito in ChallengeParameters should have an array of immutableAttributes that way we can check any attributes aren't immutable before they get sent back to to Cognito for challenges, updating attributes etc? I think this would flow a lot easier.

Describe the solution you'd like
Array of immutableAttributes from the Cognito endpoint after you invoke a login, you will get a challenge such as NEW_PASSWORD_REQUIRED. Then within the package we check against immutable attributes and remove them.

Describe alternatives you've considered
Manual checking outside the package, but this could be a check already done within the package for ease.

Additional context
Example usage currently:

  signIn(
    { state: State, commit, dispatch }: ActionContext<State, null>,
    credentials: Credentials
  ) {
    commit("setUserPool");
    commit("setCognitoDetails", credentials);
    return new Promise((resolve, reject) => {
      state.cognitoUser.authenticateUser(state.authDetails, {
        onSuccess: (result: any) => {
          console.log("sign in success");
          commit("setTokens", result);
          commit("signIn");
          router.push("/profile");
          dispatch("getUserAttributes");
          dispatch("setLogoutTimer", 3600);
          resolve();
        },
        onFailure: (err: { code: string }) => {
          switch (err.code) {
            case "UserNotFoundException":
            case "NotAuthorizedException":
              reject({
                code: err.code,
                message: "Incorrect username or password"
              });
              break;
            case "UserNotConfirmedException":
              reject({
                code: err.code,
                message: "User registration not confirmed"
              });
              break;
            case "LimitExceededException":
              reject({
                code: err.code,
                message: "Login attempts limit exceeded, please try after later"
              });
              break;
            default:
              reject({
                code: err.code,
                message: "An error occured"
              });
              break;
          }
        },
        newPasswordRequired: (attributes: any) => {
          commit("setAttributes", attributes);
          reject({
            code: "NEW_PASSWORD_REQUIRED",
            message: "Please set a new password"
          });
        }
      });
    });
  },
  completeNewPasswordChallenge(
    { state: State }: ActionContext<State, null>,
    password: string
  ) {
    return new Promise((resolve, reject) => {
      // Checks here would be need to make sure the state attributes saved from the above callback don't contain immutable attributes or will return 400 bad request from cognito
      state.cognitoUser.completeNewPasswordChallenge(
        password,
        state.attributes,
        {
          onSuccess: (res: any) => {
            console.log(res);
            resolve();
          },
          onFailure: (err: any) => {
            console.log(err);
            reject({
              code: err.code,
              message: err.message
            });
          }
        }
      );
    });
  },

Purposed change (when array added to Cognito endpoint) is to add the validation check to :

amplify-js/packages/amazon-cognito-identity-js/src/CognitoUser.js

Line 604 in 958f61e

const finalUserAttributes = {};