Example usage for com.amazonaws.services.cognitoidp.model RespondToAuthChallengeRequest setChallengeResponses

List of usage examples for com.amazonaws.services.cognitoidp.model RespondToAuthChallengeRequest setChallengeResponses

Introduction

In this page you can find the example usage for com.amazonaws.services.cognitoidp.model RespondToAuthChallengeRequest setChallengeResponses.

Prototype


public void setChallengeResponses(java.util.Map<String, String> challengeResponses) 


Document

The challenge responses.

Usage

From source file:io.fineo.client.auth.cognito.CognitoUser.java

License:Open Source License

/**
 * Responds to an MFA challenge. This method creates a response to the challenge and calls the
 * internal method to respond to the authentication challenge.
 *
 * @param mfaCode                   REQUIRED: The MFA code received by the user.
 * @param challenge                 REQUIRED: Current challenge {@link RespondToAuthChallengeResult}.
 * @param callback                  REQUIRED: {@link AuthenticationHandler} callback.
 * @param runInBackground           REQUIRED: Boolean to indicate the current threading.
 * @return {@link Runnable} for the next step in user authentication.
 */
public Runnable respondToMfaChallenge(final String mfaCode, final RespondToAuthChallengeResult challenge,
        final AuthenticationHandler callback, final boolean runInBackground) {
    // Carry the challenge name and session token over from the challenge being answered.
    final RespondToAuthChallengeRequest mfaRequest = new RespondToAuthChallengeRequest();
    mfaRequest.setChallengeName(challenge.getChallengeName());
    mfaRequest.setSession(challenge.getSession());
    mfaRequest.setClientId(clientId);

    // The one-time code and the secret hash are sensitive values: this map must never be
    // written to logs or attached to error reports.
    final Map<String, String> mfaAnswers = new HashMap<>();
    mfaAnswers.put("USERNAME", usernameInternal);
    mfaAnswers.put("SMS_MFA_CODE", mfaCode);
    mfaAnswers.put("SECRET_HASH", secretHash);
    // respondToChallenge() writes DEVICE_KEY again from the same field before sending.
    // NOTE(review): deviceKey may be null here if no device was looked up yet; confirm the
    // service accepts a null entry.
    mfaAnswers.put("DEVICE_KEY", deviceKey);
    mfaRequest.setChallengeResponses(mfaAnswers);

    return respondToChallenge(mfaRequest, callback, runInBackground);
}

From source file:io.fineo.client.auth.cognito.CognitoUser.java

License:Open Source License

/**
 * This method sends the challenge response to the Cognito IDP service. The call to the Cognito IDP
 * service returns a new challenge and a different method is called to process the challenge.
 * Restarts authentication if the service cannot find a device-key.
 *
 * @param challengeResponse             REQUIRED: {@link RespondToAuthChallengeRequest} contains
 *                                      response for the current challenge.
 * @param callback                      REQUIRED: {@link AuthenticationHandler} callback.
 * @param runInBackground               REQUIRED: Boolean to indicate the current threading.
 * @return {@link Runnable} for the next step in user authentication.
 */
public Runnable respondToChallenge(final RespondToAuthChallengeRequest challengeResponse,
        final AuthenticationHandler callback, final boolean runInBackground) {
    try {
        // Stamp the current device key onto the outgoing answers, when there are any.
        final Map<String, String> answers =
                (challengeResponse == null) ? null : challengeResponse.getChallengeResponses();
        if (answers != null) {
            answers.put("DEVICE_KEY", deviceKey);
            challengeResponse.setChallengeResponses(answers);
        }

        final RespondToAuthChallengeResult nextChallenge =
                cognitoIdentityProviderClient.respondToAuthChallenge(challengeResponse);
        return handleChallenge(nextChallenge, callback, runInBackground);
    } catch (final ResourceNotFoundException rna) {
        // NOTE(review): the branch is chosen by a substring match on the exception message,
        // so a change in the service's wording would route device errors to onFailure instead
        // of the cache-clearing path.
        if (!rna.getMessage().contains("Device")) {
            return new Runnable() {
                @Override
                public void run() {
                    callback.onFailure(rna);
                }
            };
        }
        // Device-related "not found": hand over to clearCache (per the Javadoc, this restarts
        // authentication).
        return clearCache(this, runInBackground, callback);
    } catch (final Exception e) {
        // Every other failure, including a null request rejected by the client, is reported
        // through the callback rather than thrown to the caller.
        return new Runnable() {
            @Override
            public void run() {
                callback.onFailure(e);
            }
        };
    }
}

From source file:io.fineo.client.auth.cognito.CognitoUser.java

License:Open Source License

/**
 * Creates response for the second step of the SRP authentication.
 *
 * @param challenge                     REQUIRED: {@link InitiateAuthResult} contains next challenge.
 * @param authenticationDetails         REQUIRED: {@link AuthenticationDetails} user authentication details.
 * @param authenticationHelper          REQUIRED: Internal helper class for SRP calculations.
 * @return {@link RespondToAuthChallengeRequest}.
 */
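private RespondToAuthChallengeRequest userSrpAuthRequest(InitiateAuthResult challenge,
        AuthenticationDetails authenticationDetails, AuthenticationHelper authenticationHelper) {
    // All inputs below come from the service's challenge; a missing or non-hex value surfaces
    // as an unchecked NullPointerException / NumberFormatException from the BigInteger parsing.
    final Map<String, String> challengeParameters = challenge.getChallengeParameters();

    // Cache the per-user values on the instance; later challenge responses read these fields.
    this.usernameInternal = challengeParameters.get("USERNAME");
    this.deviceKey = devices.getDeviceKey(usernameInternal, getUserPoolId());
    secretHash = CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret);

    // SRP safety check: the client must abort when the server's public value B is congruent
    // to zero modulo N, otherwise the derived key no longer depends on the password.
    BigInteger B = new BigInteger(challengeParameters.get("SRP_B"), 16);
    if (B.mod(AuthenticationHelper.N).equals(BigInteger.ZERO)) {
        throw new CognitoInternalErrorException("SRP error, B cannot be zero");
    }

    BigInteger salt = new BigInteger(challengeParameters.get("SALT"), 16);
    // Password-derived key material: keep it, and the password itself, out of logs.
    byte[] key = authenticationHelper.getPasswordAuthenticationKey(usernameInternal,
            authenticationDetails.getPassword(), B, salt);

    // Format the timestamp once. The same string is both signed and sent as TIMESTAMP, so the
    // two can never diverge (the original built two identical formatters for this).
    SimpleDateFormat timestampFormat = new SimpleDateFormat("EEE MMM d HH:mm:ss z yyyy", Locale.US);
    timestampFormat.setTimeZone(new SimpleTimeZone(SimpleTimeZone.UTC_TIME, "UTC"));
    String dateString = timestampFormat.format(new Date());

    String secretBlockBase64 = challengeParameters.get("SECRET_BLOCK");
    byte[] hmac;
    try {
        // Signature = HMAC-SHA256(key, poolName || username || secretBlock || timestamp),
        // where poolName is the part of the user pool id after the first underscore.
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        mac.update(pool.getUserPoolId().split("_", 2)[1].getBytes(StringUtils.UTF8));
        mac.update(usernameInternal.getBytes(StringUtils.UTF8));
        mac.update(Base64.decode(secretBlockBase64));
        hmac = mac.doFinal(dateString.getBytes(StringUtils.UTF8));
    } catch (Exception e) {
        // The cause is preserved; the message stays generic so no key material leaks through it.
        throw new CognitoInternalErrorException("SRP error", e);
    }

    Map<String, String> srpAuthResponses = new HashMap<String, String>();
    srpAuthResponses.put("PASSWORD_CLAIM_SECRET_BLOCK", secretBlockBase64);
    srpAuthResponses.put("PASSWORD_CLAIM_SIGNATURE", new String(Base64.encode(hmac), StandardCharsets.UTF_8));
    srpAuthResponses.put("TIMESTAMP", dateString);
    srpAuthResponses.put("USERNAME", usernameInternal);
    srpAuthResponses.put("USER_ID_FOR_SRP", usernameInternal);
    srpAuthResponses.put("DEVICE_KEY", deviceKey);
    srpAuthResponses.put("SECRET_HASH", secretHash);

    RespondToAuthChallengeRequest authChallengeRequest = new RespondToAuthChallengeRequest();
    authChallengeRequest.setChallengeName(challenge.getChallengeName());
    authChallengeRequest.setClientId(clientId);
    authChallengeRequest.setSession(challenge.getSession());
    authChallengeRequest.setChallengeResponses(srpAuthResponses);

    return authChallengeRequest;
}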