Example usage for com.amazonaws.services.cognitoidp.model InitiateAuthResult getSession

List of usage examples for com.amazonaws.services.cognitoidp.model InitiateAuthResult getSession

Introduction

In this page you can find the example usage for com.amazonaws.services.cognitoidp.model InitiateAuthResult getSession.

Prototype


public String getSession() 


Document

The session that should be passed both ways in challenge-response calls to the service: the caller sends the value returned here back with its next challenge response.

Usage

From source file:io.fineo.client.auth.cognito.CognitoUser.java

License:Open Source License

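/**
 * Creates the response for the second step of the SRP authentication.
 *
 * <p>Reads {@code USERNAME}, {@code SRP_B}, {@code SALT} and {@code SECRET_BLOCK} from the challenge
 * parameters, obtains the password authentication key from {@code authenticationHelper}, and computes an
 * HmacSHA256 signature over the part of the user pool id after the first underscore, the user name, the
 * decoded secret block and a formatted timestamp. The timestamp string that is signed is the same string
 * that is sent as {@code TIMESTAMP}, and the session from the challenge is copied into the request.
 *
 * <p>Side effects: assigns {@code usernameInternal}, {@code deviceKey} and {@code secretHash}.
 *
 * @param challenge                     REQUIRED: {@link InitiateAuthResult} contains next challenge.
 * @param authenticationDetails         REQUIRED: {@link AuthenticationDetails} user authentication details.
 * @param authenticationHelper          REQUIRED: Internal helper class for SRP calculations.
 * @return {@link RespondToAuthChallengeRequest}.
 * @throws CognitoInternalErrorException if {@code SRP_B} or {@code SALT} is missing or not hexadecimal,
 *         if B is zero modulo N, or if the signature cannot be computed.
 */
private RespondToAuthChallengeRequest userSrpAuthRequest(InitiateAuthResult challenge,
        AuthenticationDetails authenticationDetails, AuthenticationHelper authenticationHelper) {
    // The challenge parameters come from the service response; read them once and validate before use.
    final Map<String, String> parameters = challenge.getChallengeParameters();

    this.usernameInternal = parameters.get("USERNAME");
    this.deviceKey = devices.getDeviceKey(usernameInternal, getUserPoolId());
    secretHash = CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret);

    // SRP client-side check: a server value B that is zero modulo N must abort the exchange.
    final BigInteger B = hexChallengeParameter(parameters, "SRP_B");
    if (B.mod(AuthenticationHelper.N).equals(BigInteger.ZERO)) {
        throw new CognitoInternalErrorException("SRP error, B cannot be zero");
    }

    final BigInteger salt = hexChallengeParameter(parameters, "SALT");
    final byte[] key = authenticationHelper.getPasswordAuthenticationKey(usernameInternal,
            authenticationDetails.getPassword(), B, salt);

    // Format the timestamp exactly once so the signed bytes and the TIMESTAMP response cannot diverge.
    // NOTE(review): SimpleTimeZone's first constructor argument is a raw offset in milliseconds, while
    // SimpleTimeZone.UTC_TIME is a mode constant; kept as in the original - confirm this is intended.
    final Date timestamp = new Date();
    final SimpleDateFormat timestampFormat = new SimpleDateFormat("EEE MMM d HH:mm:ss z yyyy", Locale.US);
    timestampFormat.setTimeZone(new SimpleTimeZone(SimpleTimeZone.UTC_TIME, "UTC"));
    final String timestampText = timestampFormat.format(timestamp);

    final String secretBlockText = parameters.get("SECRET_BLOCK");
    final byte[] hmac;
    try {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        mac.update(pool.getUserPoolId().split("_", 2)[1].getBytes(StringUtils.UTF8));
        mac.update(usernameInternal.getBytes(StringUtils.UTF8));
        mac.update(Base64.decode(secretBlockText));
        hmac = mac.doFinal(timestampText.getBytes(StringUtils.UTF8));
    } catch (Exception e) {
        // Deliberately broad, as in the original: any failure while signing is reported as an SRP error
        // with the cause preserved.
        throw new CognitoInternalErrorException("SRP error", e);
    }

    Map<String, String> srpAuthResponses = new HashMap<String, String>();
    srpAuthResponses.put("PASSWORD_CLAIM_SECRET_BLOCK", secretBlockText);
    srpAuthResponses.put("PASSWORD_CLAIM_SIGNATURE", new String(Base64.encode(hmac), StandardCharsets.UTF_8));
    srpAuthResponses.put("TIMESTAMP", timestampText);
    srpAuthResponses.put("USERNAME", usernameInternal);
    srpAuthResponses.put("USER_ID_FOR_SRP", usernameInternal);
    srpAuthResponses.put("DEVICE_KEY", deviceKey);
    srpAuthResponses.put("SECRET_HASH", secretHash);

    RespondToAuthChallengeRequest authChallengeRequest = new RespondToAuthChallengeRequest();
    authChallengeRequest.setChallengeName(challenge.getChallengeName());
    authChallengeRequest.setClientId(clientId);
    // The session is copied from the challenge as received.
    authChallengeRequest.setSession(challenge.getSession());
    authChallengeRequest.setChallengeResponses(srpAuthResponses);

    return authChallengeRequest;
}

/**
 * Reads a hexadecimal challenge parameter as a {@link BigInteger}.
 *
 * <p>Only the parameter name is put in the error message; the value itself is never included.
 *
 * @param parameters challenge parameters returned by the service.
 * @param name       name of the parameter to read.
 * @return the parsed value.
 * @throws CognitoInternalErrorException if the parameter is absent or is not valid hexadecimal.
 */
private static BigInteger hexChallengeParameter(Map<String, String> parameters, String name) {
    String value = parameters.get(name);
    if (value == null) {
        throw new CognitoInternalErrorException("SRP error, missing challenge parameter " + name);
    }
    try {
        return new BigInteger(value, 16);
    } catch (NumberFormatException e) {
        throw new CognitoInternalErrorException("SRP error, malformed challenge parameter " + name, e);
    }
}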

From source file:io.fineo.client.auth.cognito.CognitoUser.java

License:Open Source License

/**
 * Determines the next authentication step for an {@link InitiateAuthResult}.
 *
 * <p>Copies the challenge name, session, authentication result and challenge parameters into a new
 * {@link RespondToAuthChallengeResult} and delegates to
 * {@code handleChallenge(RespondToAuthChallengeResult challenge, final AuthenticationHandler callback, ...)}.
 * An exception raised while doing so is not rethrown: it is passed to {@code callback.onFailure}
 * when the returned {@link Runnable} is run.
 *
 * @param authResult        REQUIRED: Result from the {@code initiateAuth(...)} method.
 * @param callback          REQUIRED: Callback for type {@link AuthenticationHandler}
 * @param runInBackground   REQUIRED: Boolean to indicate the current threading.
 * @return {@link Runnable} for the next step in user authentication.
 */
private Runnable handleChallenge(final InitiateAuthResult authResult, final AuthenticationHandler callback,
        final boolean runInBackground) {
    try {
        final RespondToAuthChallengeResult nextChallenge = new RespondToAuthChallengeResult();
        // Field-by-field copy; the session is carried over as received.
        nextChallenge.setChallengeParameters(authResult.getChallengeParameters());
        nextChallenge.setAuthenticationResult(authResult.getAuthenticationResult());
        nextChallenge.setSession(authResult.getSession());
        nextChallenge.setChallengeName(authResult.getChallengeName());
        return handleChallenge(nextChallenge, callback, runInBackground);
    } catch (final Exception failure) {
        // Defer the error: the caller receives a task that reports it through the callback.
        final Runnable reportFailure = new Runnable() {
            @Override
            public void run() {
                callback.onFailure(failure);
            }
        };
        return reportFailure;
    }
}