Example usage for com.amazonaws.services.cognitoidp.model RespondToAuthChallengeRequest setSession

List of usage examples for com.amazonaws.services.cognitoidp.model RespondToAuthChallengeRequest setSession

Introduction

On this page you can find example usage for com.amazonaws.services.cognitoidp.model RespondToAuthChallengeRequest setSession.

Prototype


public void setSession(String session) 


Document

The session that must be passed both ways in challenge-response calls to the service: the value returned with a challenge is sent back unchanged in the response to that challenge.

Usage

From source file:io.fineo.client.auth.cognito.CognitoUser.java

License:Open Source License

/**
 * Answers an MFA challenge with the code entered by the user.
 *
 * <p>Builds a {@link RespondToAuthChallengeRequest} that echoes the session and challenge name
 * from {@code challenge} and hands it to {@code respondToChallenge}.
 *
 * @param mfaCode          REQUIRED: the MFA code received by the user.
 * @param challenge        REQUIRED: the current challenge; its session and challenge name are
 *                         copied into the response unchanged.
 * @param callback         REQUIRED: {@link AuthenticationHandler} callback.
 * @param runInBackground  passed through to {@code respondToChallenge} unchanged.
 * @return the value returned by {@code respondToChallenge}; documented upstream as the
 *         {@link Runnable} for the next step in user authentication.
 */
public Runnable respondToMfaChallenge(final String mfaCode, final RespondToAuthChallengeResult challenge,
        final AuthenticationHandler callback, final boolean runInBackground) {
    // These entries are credentials (one-time code, client secret hash): keep the map and the
    // request out of logs and error messages.
    // NOTE(review): the code is always sent under "SMS_MFA_CODE" while the challenge name is
    // echoed from the challenge - confirm no other MFA challenge type reaches this method.
    final Map<String, String> responses = new HashMap<String, String>();
    responses.put("SMS_MFA_CODE", mfaCode);
    responses.put("USERNAME", usernameInternal);
    // deviceKey and secretHash are stored as-is, including when they are null.
    // NOTE(review): confirm the service call tolerates null entries.
    responses.put("DEVICE_KEY", deviceKey);
    responses.put("SECRET_HASH", secretHash);

    final RespondToAuthChallengeRequest request = new RespondToAuthChallengeRequest();
    request.setChallengeName(challenge.getChallengeName());
    // The session ties this response to the challenge it answers; it is echoed, never built here.
    request.setSession(challenge.getSession());
    request.setClientId(clientId);
    request.setChallengeResponses(responses);

    return respondToChallenge(request, callback, runInBackground);
}

From source file:io.fineo.client.auth.cognito.CognitoUser.java

License:Open Source License

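/**
 * Creates the response for the second step of the SRP authentication.
 *
 * <p>Side effects: overwrites {@code usernameInternal} with the USERNAME challenge parameter and
 * refreshes {@code deviceKey} and {@code secretHash} from it.
 *
 * <p>The password claim signature is an HMAC-SHA256, keyed with the value returned by
 * {@code getPasswordAuthenticationKey}, over: the part of the pool id after the first
 * {@code '_'}, the username, the decoded SECRET_BLOCK and the timestamp string. The timestamp
 * is formatted once, so the string that is signed and the TIMESTAMP value that is sent are the
 * same by construction.
 *
 * @param challenge              REQUIRED: {@link InitiateAuthResult} containing the next challenge.
 * @param authenticationDetails  REQUIRED: {@link AuthenticationDetails} user authentication details.
 * @param authenticationHelper   REQUIRED: internal helper class for SRP calculations.
 * @return the populated {@link RespondToAuthChallengeRequest}.
 * @throws CognitoInternalErrorException if B is zero modulo N, or if computing the signature
 *         fails for any reason. A missing or non-hexadecimal SRP_B or SALT parameter is not
 *         wrapped and surfaces as the runtime exception raised by {@link BigInteger}.
 */
private RespondToAuthChallengeRequest userSrpAuthRequest(InitiateAuthResult challenge,
        AuthenticationDetails authenticationDetails, AuthenticationHelper authenticationHelper) {
    final Map<String, String> params = challenge.getChallengeParameters();

    this.usernameInternal = params.get("USERNAME");
    this.deviceKey = devices.getDeviceKey(usernameInternal, getUserPoolId());
    secretHash = CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret);

    // SRP safeguard: a server value B that is 0 modulo N must abort the exchange, because the
    // derived key would no longer depend on the password.
    BigInteger B = new BigInteger(params.get("SRP_B"), 16);
    if (B.mod(AuthenticationHelper.N).equals(BigInteger.ZERO)) {
        throw new CognitoInternalErrorException("SRP error, B cannot be zero");
    }

    BigInteger salt = new BigInteger(params.get("SALT"), 16);
    // Password-derived key material: do not log it or include it in exception messages.
    byte[] key = authenticationHelper.getPasswordAuthenticationKey(usernameInternal,
            authenticationDetails.getPassword(), B, salt);

    // Format the timestamp exactly once. The signature below covers this string, so the
    // TIMESTAMP response must carry the very same characters.
    // NOTE(review): SimpleTimeZone.UTC_TIME is a time-mode constant, passed here where the
    // constructor expects a raw offset - kept as in the original, confirm intent.
    SimpleDateFormat timestampFormat = new SimpleDateFormat("EEE MMM d HH:mm:ss z yyyy", Locale.US);
    timestampFormat.setTimeZone(new SimpleTimeZone(SimpleTimeZone.UTC_TIME, "UTC"));
    final String timestamp = timestampFormat.format(new Date());

    byte[] hmac;
    try {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        mac.update(pool.getUserPoolId().split("_", 2)[1].getBytes(StringUtils.UTF8));
        mac.update(usernameInternal.getBytes(StringUtils.UTF8));
        mac.update(Base64.decode(params.get("SECRET_BLOCK")));
        hmac = mac.doFinal(timestamp.getBytes(StringUtils.UTF8));
    } catch (Exception e) {
        // Deliberately broad: besides JCA failures this also converts malformed challenge data
        // (pool id without '_', missing USERNAME or SECRET_BLOCK) into one SRP error with the
        // cause attached.
        throw new CognitoInternalErrorException("SRP error", e);
    }

    Map<String, String> srpAuthResponses = new HashMap<String, String>();
    srpAuthResponses.put("PASSWORD_CLAIM_SECRET_BLOCK", params.get("SECRET_BLOCK"));
    srpAuthResponses.put("PASSWORD_CLAIM_SIGNATURE", new String(Base64.encode(hmac), StandardCharsets.UTF_8));
    srpAuthResponses.put("TIMESTAMP", timestamp);
    srpAuthResponses.put("USERNAME", usernameInternal);
    srpAuthResponses.put("USER_ID_FOR_SRP", usernameInternal);
    srpAuthResponses.put("DEVICE_KEY", deviceKey);
    srpAuthResponses.put("SECRET_HASH", secretHash);

    RespondToAuthChallengeRequest authChallengeRequest = new RespondToAuthChallengeRequest();
    authChallengeRequest.setChallengeName(challenge.getChallengeName());
    authChallengeRequest.setClientId(clientId);
    // The session from the InitiateAuth result is echoed back unchanged.
    authChallengeRequest.setSession(challenge.getSession());
    authChallengeRequest.setChallengeResponses(srpAuthResponses);

    return authChallengeRequest;
}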