Example usage for com.amazonaws.services.cognitoidp.model RespondToAuthChallengeRequest RespondToAuthChallengeRequest

List of usage examples for com.amazonaws.services.cognitoidp.model RespondToAuthChallengeRequest RespondToAuthChallengeRequest

Introduction

On this page you can find example usage of com.amazonaws.services.cognitoidp.model RespondToAuthChallengeRequest RespondToAuthChallengeRequest.

Prototype

RespondToAuthChallengeRequest


Usage

From source file:io.fineo.client.auth.cognito.CognitoUser.java

License:Open Source License

/**
 * Builds the reply to an MFA challenge and hands it to {@code respondToChallenge}.
 *
 * <p>The reply carries the user's one-time code together with the username, device key and
 * client secret hash held on this object, and echoes the session and challenge name taken
 * from {@code challenge}. The response map holds authentication secrets (the MFA code and
 * the secret hash), so it should not be logged.
 *
 * @param mfaCode         REQUIRED: The MFA code received by the user.
 * @param challenge       REQUIRED: Current challenge {@link RespondToAuthChallengeResult};
 *                        its session and challenge name are copied into the request.
 * @param callback        REQUIRED: {@link AuthenticationHandler} callback.
 * @param runInBackground passed through unchanged to {@code respondToChallenge}.
 * @return {@link Runnable} for the next step in user authentication.
 */
public Runnable respondToMfaChallenge(final String mfaCode, final RespondToAuthChallengeResult challenge,
        final AuthenticationHandler callback, final boolean runInBackground) {
    // usernameInternal, deviceKey and secretHash are instance fields; userSrpAuthRequest
    // assigns them. Nothing here checks that they (or mfaCode) are non-null.
    final Map<String, String> responses = new HashMap<String, String>();
    responses.put("USERNAME", usernameInternal);
    // NOTE(review): the key is always SMS_MFA_CODE although the challenge name is copied
    // from the result; confirm no other MFA challenge type is routed through this method.
    responses.put("SMS_MFA_CODE", mfaCode);
    responses.put("SECRET_HASH", secretHash);
    responses.put("DEVICE_KEY", deviceKey);

    final RespondToAuthChallengeRequest request = new RespondToAuthChallengeRequest();
    request.setChallengeName(challenge.getChallengeName());
    // The session value ties this reply to the challenge it answers.
    request.setSession(challenge.getSession());
    request.setClientId(clientId);
    request.setChallengeResponses(responses);

    return respondToChallenge(request, callback, runInBackground);
}

From source file:io.fineo.client.auth.cognito.CognitoUser.java

License:Open Source License

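/**
 * Creates the response for the second step of the SRP authentication (the password claim).
 *
 * <p>Side effects: stores the username returned by the service in {@code usernameInternal}
 * and refreshes {@code deviceKey} and {@code secretHash} from it before anything else runs.
 *
 * <p>The claim signature is an HMAC-SHA256, keyed with the value returned by
 * {@code authenticationHelper.getPasswordAuthenticationKey}, over (in order) the part of the
 * user pool id after the first {@code '_'}, the username, the decoded {@code SECRET_BLOCK}
 * and the timestamp string. The same timestamp string is sent as {@code TIMESTAMP}.
 *
 * @param challenge             REQUIRED: {@link InitiateAuthResult} containing the next challenge;
 *                              must provide USERNAME, SRP_B, SALT and SECRET_BLOCK parameters.
 * @param authenticationDetails REQUIRED: {@link AuthenticationDetails} user authentication details.
 * @param authenticationHelper  REQUIRED: Internal helper class for SRP calculations.
 * @return {@link RespondToAuthChallengeRequest} carrying the password claim.
 * @throws CognitoInternalErrorException if SRP_B or SALT is missing or not valid hexadecimal,
 *                                       if B is zero modulo N, or if the signature cannot be computed.
 */
private RespondToAuthChallengeRequest userSrpAuthRequest(InitiateAuthResult challenge,
        AuthenticationDetails authenticationDetails, AuthenticationHelper authenticationHelper) {
    final Map<String, String> challengeParameters = challenge.getChallengeParameters();

    this.usernameInternal = challengeParameters.get("USERNAME");
    this.deviceKey = devices.getDeviceKey(usernameInternal, getUserPoolId());
    secretHash = CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret);

    // SRP requires the client to abort when the server's public value is 0 mod N
    // (RFC 5054); this check must stay ahead of any use of B.
    final BigInteger B = parseHexChallengeParameter(challengeParameters, "SRP_B");
    if (B.mod(AuthenticationHelper.N).equals(BigInteger.ZERO)) {
        throw new CognitoInternalErrorException("SRP error, B cannot be zero");
    }

    final BigInteger salt = parseHexChallengeParameter(challengeParameters, "SALT");

    // NOTE(review): key is password-derived material and the password itself is held as a
    // String; if getPasswordAuthenticationKey returns a fresh array, consider clearing it
    // once the Mac has been initialised - confirm against the helper before doing so.
    final byte[] key = authenticationHelper.getPasswordAuthenticationKey(usernameInternal,
            authenticationDetails.getPassword(), B, salt);

    // Format the timestamp exactly once: the string that is signed and the string sent as
    // TIMESTAMP are then the same object. Locale.US and UTC are pinned so the text does not
    // depend on the device's locale or time zone.
    final SimpleDateFormat timestampFormat = new SimpleDateFormat("EEE MMM d HH:mm:ss z yyyy", Locale.US);
    timestampFormat.setTimeZone(new SimpleTimeZone(SimpleTimeZone.UTC_TIME, "UTC"));
    final String dateString = timestampFormat.format(new Date());

    final String secretBlockBase64 = challengeParameters.get("SECRET_BLOCK");
    final byte[] hmac;
    try {
        final Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        // A pool id without '_' fails here and is reported as an SRP error below.
        mac.update(pool.getUserPoolId().split("_", 2)[1].getBytes(StringUtils.UTF8));
        mac.update(usernameInternal.getBytes(StringUtils.UTF8));
        mac.update(Base64.decode(secretBlockBase64));
        hmac = mac.doFinal(dateString.getBytes(StringUtils.UTF8));
    } catch (Exception e) {
        // Deliberately broad: any failure while computing the claim (missing SECRET_BLOCK,
        // bad Base64, unavailable algorithm) is surfaced as one internal error with its cause.
        throw new CognitoInternalErrorException("SRP error", e);
    }

    final Map<String, String> srpAuthResponses = new HashMap<String, String>();
    // The secret block is returned to the service exactly as it was received.
    srpAuthResponses.put("PASSWORD_CLAIM_SECRET_BLOCK", secretBlockBase64);
    srpAuthResponses.put("PASSWORD_CLAIM_SIGNATURE", new String(Base64.encode(hmac), StandardCharsets.UTF_8));
    srpAuthResponses.put("TIMESTAMP", dateString);
    srpAuthResponses.put("USERNAME", usernameInternal);
    srpAuthResponses.put("USER_ID_FOR_SRP", usernameInternal);
    srpAuthResponses.put("DEVICE_KEY", deviceKey);
    srpAuthResponses.put("SECRET_HASH", secretHash);

    final RespondToAuthChallengeRequest authChallengeRequest = new RespondToAuthChallengeRequest();
    authChallengeRequest.setChallengeName(challenge.getChallengeName());
    authChallengeRequest.setClientId(clientId);
    authChallengeRequest.setSession(challenge.getSession());
    authChallengeRequest.setChallengeResponses(srpAuthResponses);

    return authChallengeRequest;
}

/**
 * Reads a required hexadecimal challenge parameter, failing with a named error instead of
 * a bare NullPointerException or NumberFormatException. Only the parameter name is put in
 * the message, never its value.
 */
private BigInteger parseHexChallengeParameter(Map<String, String> challengeParameters, String name) {
    final String hex = challengeParameters.get(name);
    if (hex == null) {
        throw new CognitoInternalErrorException("SRP error, missing challenge parameter " + name);
    }
    try {
        return new BigInteger(hex, 16);
    } catch (NumberFormatException e) {
        throw new CognitoInternalErrorException("SRP error, malformed challenge parameter " + name, e);
    }
}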