List of usage examples for com.amazonaws.services.cognitoidp.model RespondToAuthChallengeRequest setSession
public void setSession(String session)
The session which should be passed both ways in challenge-response calls to the service.
From source file:io.fineo.client.auth.cognito.CognitoUser.java
License:Open Source License
/**
 * Answers an SMS MFA challenge.
 *
 * <p>Copies the client id, session and challenge name from the pending challenge into a
 * new {@link RespondToAuthChallengeRequest}, attaches the MFA answers, and hands the
 * request to {@code respondToChallenge}.
 *
 * <p>The session value must be echoed back exactly as the service issued it; it ties this
 * answer to the challenge being answered. The answer map carries the one-time code and
 * the client secret hash, so the request object should be kept out of logs.
 *
 * @param mfaCode REQUIRED: The MFA code received by the user.
 * @param challenge REQUIRED: Current challenge {@link RespondToAuthChallengeResult}.
 * @param callback REQUIRED: {@link AuthenticationHandler} callback.
 * @param runInBackground forwarded unchanged to {@code respondToChallenge}; presumably
 *     selects background execution (confirm against that method).
 * @return {@link Runnable} for the next step in user authentication.
 */
public Runnable respondToMfaChallenge(final String mfaCode,
        final RespondToAuthChallengeResult challenge,
        final AuthenticationHandler callback,
        final boolean runInBackground) {
    // Request envelope: everything except the answers comes straight from the challenge.
    final RespondToAuthChallengeRequest request = new RespondToAuthChallengeRequest();
    request.setClientId(clientId);
    request.setSession(challenge.getSession());
    request.setChallengeName(challenge.getChallengeName());

    // Challenge answers. deviceKey and secretHash are instance fields set elsewhere in
    // the class and are passed through as-is, whatever their current value.
    final Map<String, String> answers = new HashMap<>();
    answers.put("SMS_MFA_CODE", mfaCode);
    answers.put("USERNAME", usernameInternal);
    answers.put("DEVICE_KEY", deviceKey);
    answers.put("SECRET_HASH", secretHash);
    request.setChallengeResponses(answers);

    return respondToChallenge(request, callback, runInBackground);
}
From source file:io.fineo.client.auth.cognito.CognitoUser.java
License:Open Source License
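/**
 * Creates the response for the second step of SRP authentication.
 *
 * <p>Reads {@code USERNAME}, {@code SRP_B}, {@code SALT} and {@code SECRET_BLOCK} from the
 * challenge, derives the password authentication key through the helper, and signs
 * (pool-id suffix, username, secret block, timestamp) with HMAC-SHA256. The signature,
 * the echoed secret block and the timestamp are returned as challenge responses together
 * with the session taken from the challenge.
 *
 * <p>All four challenge parameters are checked before any instance state is overwritten,
 * so a truncated or malformed challenge fails with a {@link CognitoInternalErrorException}
 * instead of a bare {@code NullPointerException}/{@code NumberFormatException}, and a
 * missing secret block cannot silently drop out of the signed message.
 *
 * @param challenge REQUIRED: {@link InitiateAuthResult} contains next challenge.
 * @param authenticationDetails REQUIRED: {@link AuthenticationDetails} user authentication details.
 * @param authenticationHelper REQUIRED: Internal helper class for SRP calculations.
 * @return {@link RespondToAuthChallengeRequest}.
 * @throws CognitoInternalErrorException if a required challenge parameter is missing or
 *     not valid hex, if {@code B mod N} is zero, or if computing the signature fails.
 */
private RespondToAuthChallengeRequest userSrpAuthRequest(InitiateAuthResult challenge,
        AuthenticationDetails authenticationDetails,
        AuthenticationHelper authenticationHelper) {
    final Map<String, String> challengeParameters = challenge.getChallengeParameters();
    if (challengeParameters == null) {
        throw new CognitoInternalErrorException("SRP error, challenge parameters are missing");
    }
    final String username = requireSrpParameter(challengeParameters, "USERNAME");
    final String srpBHex = requireSrpParameter(challengeParameters, "SRP_B");
    final String saltHex = requireSrpParameter(challengeParameters, "SALT");
    final String secretBlockEncoded = requireSrpParameter(challengeParameters, "SECRET_BLOCK");

    this.usernameInternal = username;
    this.deviceKey = devices.getDeviceKey(usernameInternal, getUserPoolId());
    secretHash = CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret);

    final BigInteger B;
    final BigInteger salt;
    try {
        B = new BigInteger(srpBHex, 16);
        salt = new BigInteger(saltHex, 16);
    } catch (NumberFormatException e) {
        throw new CognitoInternalErrorException("SRP error", e);
    }
    // SRP safety check: the client must abort when the server's public value is
    // congruent to zero mod N; continuing would not authenticate the server side.
    if (B.mod(AuthenticationHelper.N).equals(BigInteger.ZERO)) {
        throw new CognitoInternalErrorException("SRP error, B cannot be zero");
    }

    // The key is computed from the user's password; it must never be logged.
    // NOTE(review): the array is not wiped after use - whether it is safe to zero it
    // here depends on getPasswordAuthenticationKey not returning shared state.
    final byte[] key = authenticationHelper.getPasswordAuthenticationKey(usernameInternal,
            authenticationDetails.getPassword(), B, salt);

    // Format the timestamp once: the string that is signed and the string that is sent
    // as TIMESTAMP must be identical, so both come from this single value.
    final Date timestamp = new Date();
    final SimpleDateFormat timestampFormat =
            new SimpleDateFormat("EEE MMM d HH:mm:ss z yyyy", Locale.US);
    timestampFormat.setTimeZone(new SimpleTimeZone(SimpleTimeZone.UTC_TIME, "UTC"));
    final String dateString = timestampFormat.format(timestamp);

    final byte[] hmac;
    try {
        final Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        // Only the part of the pool id after the first '_' is signed.
        mac.update(pool.getUserPoolId().split("_", 2)[1].getBytes(StringUtils.UTF8));
        mac.update(usernameInternal.getBytes(StringUtils.UTF8));
        mac.update(Base64.decode(secretBlockEncoded));
        hmac = mac.doFinal(dateString.getBytes(StringUtils.UTF8));
    } catch (Exception e) {
        // Deliberately broad: any failure while building the signature (crypto provider,
        // pool id without '_', undecodable secret block) surfaces as one domain error.
        throw new CognitoInternalErrorException("SRP error", e);
    }

    final Map<String, String> srpAuthResponses = new HashMap<String, String>();
    srpAuthResponses.put("PASSWORD_CLAIM_SECRET_BLOCK", secretBlockEncoded);
    srpAuthResponses.put("PASSWORD_CLAIM_SIGNATURE",
            new String(Base64.encode(hmac), StandardCharsets.UTF_8));
    srpAuthResponses.put("TIMESTAMP", dateString);
    srpAuthResponses.put("USERNAME", usernameInternal);
    srpAuthResponses.put("USER_ID_FOR_SRP", usernameInternal);
    srpAuthResponses.put("DEVICE_KEY", deviceKey);
    srpAuthResponses.put("SECRET_HASH", secretHash);

    final RespondToAuthChallengeRequest authChallengeRequest = new RespondToAuthChallengeRequest();
    authChallengeRequest.setChallengeName(challenge.getChallengeName());
    authChallengeRequest.setClientId(clientId);
    // The session is echoed back unchanged so the service can match this response to
    // the challenge it issued.
    authChallengeRequest.setSession(challenge.getSession());
    authChallengeRequest.setChallengeResponses(srpAuthResponses);
    return authChallengeRequest;
}

/** Returns the named SRP challenge parameter, failing with a domain error when it is absent. */
private static String requireSrpParameter(Map<String, String> challengeParameters, String name) {
    final String value = challengeParameters.get(name);
    if (value == null) {
        // Only the parameter name goes into the message, never a parameter value.
        throw new CognitoInternalErrorException("SRP error, missing challenge parameter " + name);
    }
    return value;
}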