Search in sources :

Example 1 with ConfirmDeviceResult

use of com.amazonaws.services.cognitoidentityprovider.model.ConfirmDeviceResult in project aws-sdk-android by aws-amplify.

the class CognitoUser method confirmDevice.

/**
 * The method confirms a device. If this device can be remembered and if
 * this is a new device, a new device key is generated at the end of a
 * successful authentication. SRP verification is performed by the service,
 * during the next authentication attempts, to identify this device. This
 * method generates the necessary tokens to enable the device SRP
 * verification.
 *
 * @param deviceMetadata REQUIRED: Metadata for the new device.
 */
private ConfirmDeviceResult confirmDevice(final NewDeviceMetadataType deviceMetadata) {
    final Map<String, String> deviceSrpVerifiers = CognitoDeviceHelper.generateVerificationParameters(deviceMetadata.getDeviceKey(), deviceMetadata.getDeviceGroupKey());
    ConfirmDeviceResult confirmDeviceResult = new ConfirmDeviceResult();
    confirmDeviceResult.setUserConfirmationNecessary(false);
    try {
        confirmDeviceResult = confirmDeviceInternal(getCachedSession(), deviceMetadata.getDeviceKey(), deviceSrpVerifiers.get("verifier"), deviceSrpVerifiers.get("salt"), CognitoDeviceHelper.getDeviceName());
    } catch (final Exception e) {
        LOGGER.error("Device confirmation failed: ", e);
        return null;
    }
    CognitoDeviceHelper.cacheDeviceKey(usernameInternal, pool.getUserPoolId(), deviceMetadata.getDeviceKey(), context);
    CognitoDeviceHelper.cacheDeviceVerifier(usernameInternal, pool.getUserPoolId(), deviceSrpVerifiers.get("secret"), context);
    CognitoDeviceHelper.cacheDeviceGroupKey(usernameInternal, pool.getUserPoolId(), deviceMetadata.getDeviceGroupKey(), context);
    return confirmDeviceResult;
}
Also used : ConfirmDeviceResult(com.amazonaws.services.cognitoidentityprovider.model.ConfirmDeviceResult) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CognitoInternalErrorException(com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoInternalErrorException) UserNotFoundException(com.amazonaws.services.cognitoidentityprovider.model.UserNotFoundException) CognitoParameterInvalidException(com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoParameterInvalidException) NotAuthorizedException(com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException) ResourceNotFoundException(com.amazonaws.services.cognitoidentityprovider.model.ResourceNotFoundException) InvalidParameterException(com.amazonaws.services.cognitoidentityprovider.model.InvalidParameterException) CognitoNotAuthorizedException(com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoNotAuthorizedException)

Example 2 with ConfirmDeviceResult

use of com.amazonaws.services.cognitoidentityprovider.model.ConfirmDeviceResult in project aws-sdk-android by aws-amplify.

the class CognitoUser method handleChallenge.

/**
 * Find the next step from the challenge. This is an important step in the
 * generic authentication flow. After the responding to a challenge, the
 * results are analyzed here to determine the next step in the
 * authentication process. Like all other methods in this SDK, this is
 * designed to work with Continuation objects. This method returns a
 * {@link Runnable} with the code to be executed, for the next step, to the
 * invoking Continuation. The possible steps are 1) Authentication was
 * successful and we have the tokens, in this case we call
 * {@code onSuccess()} to return the tokens. 2) User password is required,
 * an AuthenticationContinuation is created. 3) MFA validation is required,
 * a MultiFactorAuthenticationContinuation object is created. 4) Other
 * generic challenge, the challenge details are passed to the user.
 *
 * @param challenge REQUIRED: Current challenge details,
 *            {@link RespondToAuthChallengeResult}.
 * @param authenticationDetails OPTIONAL: This is used in the PASSWORD_VERIFIER challenge
 * @param callback REQUIRED: {@link AuthenticationDetails} callback.
 * @param runInBackground REQUIRED: Boolean to indicate the current
 *            threading.
 * @return {@link Runnable} for the next step in user authentication.
 */
private Runnable handleChallenge(final Map<String, String> clientMetadata, final RespondToAuthChallengeResult challenge, final AuthenticationDetails authenticationDetails, final AuthenticationHandler callback, final boolean runInBackground) {
    Runnable nextTask;
    final CognitoUser cognitoUser = this;
    nextTask = new Runnable() {

        @Override
        public void run() {
            callback.onFailure(new CognitoInternalErrorException("Authentication failed due to an internal error"));
        }
    };
    if (challenge == null) {
        return nextTask;
    }
    updateInternalUsername(challenge.getChallengeParameters());
    final String challengeName = challenge.getChallengeName();
    if (challengeName == null) {
        final CognitoUserSession cognitoUserSession = getCognitoUserSession(challenge.getAuthenticationResult());
        cacheTokens(cognitoUserSession);
        final NewDeviceMetadataType newDeviceMetadata = challenge.getAuthenticationResult().getNewDeviceMetadata();
        if (newDeviceMetadata == null) {
            nextTask = new Runnable() {

                @Override
                public void run() {
                    callback.onSuccess(cognitoUserSession, null);
                }
            };
        } else {
            final ConfirmDeviceResult confirmDeviceResult = confirmDevice(newDeviceMetadata);
            if (confirmDeviceResult != null && confirmDeviceResult.isUserConfirmationNecessary()) {
                final CognitoDevice newDevice = new CognitoDevice(newDeviceMetadata.getDeviceKey(), null, null, null, null, cognitoUser, context);
                nextTask = new Runnable() {

                    @Override
                    public void run() {
                        callback.onSuccess(cognitoUserSession, newDevice);
                    }
                };
            } else {
                nextTask = new Runnable() {

                    @Override
                    public void run() {
                        callback.onSuccess(cognitoUserSession, null);
                    }
                };
            }
        }
    } else if (CognitoServiceConstants.CHLG_TYPE_USER_PASSWORD_VERIFIER.equals(challengeName)) {
        return new Runnable() {

            @Override
            public void run() {
                callback.onFailure(new CognitoInternalErrorException("Authentication failed due to an internal error: " + "PASSWORD_VERIFIER challenge encountered not at the " + "start of authentication flow"));
            }
        };
    } else if (CognitoServiceConstants.CHLG_TYPE_SMS_MFA.equals(challengeName) || CognitoServiceConstants.CHLG_TYPE_SOFTWARE_TOKEN_MFA.equals(challengeName)) {
        final MultiFactorAuthenticationContinuation multiFactorAuthenticationContinuation = new MultiFactorAuthenticationContinuation(cognitoUser, context, challenge, runInBackground, callback);
        multiFactorAuthenticationContinuation.setClientMetaData(clientMetadata);
        nextTask = new Runnable() {

            @Override
            public void run() {
                callback.getMFACode(multiFactorAuthenticationContinuation);
            }
        };
    } else if (CognitoServiceConstants.CHLG_TYPE_SELECT_MFA_TYPE.equals(challengeName)) {
        final ChooseMfaContinuation continuation = new ChooseMfaContinuation(cognitoUser, context, usernameInternal, clientId, secretHash, challenge, runInBackground, callback);
        nextTask = new Runnable() {

            @Override
            public void run() {
                callback.authenticationChallenge(continuation);
            }
        };
    } else if (CognitoServiceConstants.CHLG_TYPE_MFA_SETUP.equals(challengeName)) {
        final RegisterMfaContinuation continuation = new RegisterMfaContinuation(cognitoUser, context, usernameInternal, clientId, secretHash, challenge, runInBackground, callback);
        nextTask = new Runnable() {

            @Override
            public void run() {
                callback.authenticationChallenge(continuation);
            }
        };
    } else if (CognitoServiceConstants.CHLG_TYPE_DEVICE_SRP_AUTH.equals(challengeName)) {
        nextTask = deviceSrpAuthentication(clientMetadata, challenge, callback, runInBackground);
    } else if (CognitoServiceConstants.CHLG_TYPE_NEW_PASSWORD_REQUIRED.equals(challengeName)) {
        final NewPasswordContinuation newPasswordContinuation = new NewPasswordContinuation(cognitoUser, context, usernameInternal, clientId, CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret), challenge, runInBackground, callback);
        nextTask = new Runnable() {

            @Override
            public void run() {
                callback.authenticationChallenge(newPasswordContinuation);
            }
        };
    } else {
        final ChallengeContinuation challengeContinuation = new ChallengeContinuation(cognitoUser, context, usernameInternal, clientId, CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret), challenge, runInBackground, callback);
        challengeContinuation.setClientMetaData(clientMetadata);
        nextTask = new Runnable() {

            @Override
            public void run() {
                callback.authenticationChallenge(challengeContinuation);
            }
        };
    }
    return nextTask;
}
Also used : NewDeviceMetadataType(com.amazonaws.services.cognitoidentityprovider.model.NewDeviceMetadataType) ConfirmDeviceResult(com.amazonaws.services.cognitoidentityprovider.model.ConfirmDeviceResult) CognitoInternalErrorException(com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoInternalErrorException) MultiFactorAuthenticationContinuation(com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.MultiFactorAuthenticationContinuation) ChooseMfaContinuation(com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.ChooseMfaContinuation) ChallengeContinuation(com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.ChallengeContinuation) RegisterMfaContinuation(com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.RegisterMfaContinuation) NewPasswordContinuation(com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.NewPasswordContinuation)

Aggregations

CognitoInternalErrorException (com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoInternalErrorException)2 ConfirmDeviceResult (com.amazonaws.services.cognitoidentityprovider.model.ConfirmDeviceResult)2 ChallengeContinuation (com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.ChallengeContinuation)1 ChooseMfaContinuation (com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.ChooseMfaContinuation)1 MultiFactorAuthenticationContinuation (com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.MultiFactorAuthenticationContinuation)1 NewPasswordContinuation (com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.NewPasswordContinuation)1 RegisterMfaContinuation (com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.RegisterMfaContinuation)1 CognitoNotAuthorizedException (com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoNotAuthorizedException)1 CognitoParameterInvalidException (com.amazonaws.mobileconnectors.cognitoidentityprovider.exceptions.CognitoParameterInvalidException)1 InvalidParameterException (com.amazonaws.services.cognitoidentityprovider.model.InvalidParameterException)1 NewDeviceMetadataType (com.amazonaws.services.cognitoidentityprovider.model.NewDeviceMetadataType)1 NotAuthorizedException (com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException)1 ResourceNotFoundException (com.amazonaws.services.cognitoidentityprovider.model.ResourceNotFoundException)1 UserNotFoundException (com.amazonaws.services.cognitoidentityprovider.model.UserNotFoundException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1