use of com.amazonaws.services.cognitoidentityprovider.model.ConfirmDeviceResult in project aws-sdk-android by aws-amplify.
the class CognitoUser method confirmDevice.
/**
* The method confirms a device. If this device can be remembered and if
* this is a new device, a new device key is generated at the end of a
* successful authentication. SRP verification is performed by the service,
* during the next authentication attempts, to identify this device. This
* method generates the necessary tokens to enable the device SRP
* verification.
*
* @param deviceMetadata REQUIRED: Metadata for the new device.
*/
private ConfirmDeviceResult confirmDevice(final NewDeviceMetadataType deviceMetadata) {
final Map<String, String> deviceSrpVerifiers = CognitoDeviceHelper.generateVerificationParameters(deviceMetadata.getDeviceKey(), deviceMetadata.getDeviceGroupKey());
ConfirmDeviceResult confirmDeviceResult = new ConfirmDeviceResult();
confirmDeviceResult.setUserConfirmationNecessary(false);
try {
confirmDeviceResult = confirmDeviceInternal(getCachedSession(), deviceMetadata.getDeviceKey(), deviceSrpVerifiers.get("verifier"), deviceSrpVerifiers.get("salt"), CognitoDeviceHelper.getDeviceName());
} catch (final Exception e) {
LOGGER.error("Device confirmation failed: ", e);
return null;
}
CognitoDeviceHelper.cacheDeviceKey(usernameInternal, pool.getUserPoolId(), deviceMetadata.getDeviceKey(), context);
CognitoDeviceHelper.cacheDeviceVerifier(usernameInternal, pool.getUserPoolId(), deviceSrpVerifiers.get("secret"), context);
CognitoDeviceHelper.cacheDeviceGroupKey(usernameInternal, pool.getUserPoolId(), deviceMetadata.getDeviceGroupKey(), context);
return confirmDeviceResult;
}
use of com.amazonaws.services.cognitoidentityprovider.model.ConfirmDeviceResult in project aws-sdk-android by aws-amplify.
the class CognitoUser method handleChallenge.
/**
* Find the next step from the challenge. This is an important step in the
* generic authentication flow. After the responding to a challenge, the
* results are analyzed here to determine the next step in the
* authentication process. Like all other methods in this SDK, this is
* designed to work with Continuation objects. This method returns a
* {@link Runnable} with the code to be executed, for the next step, to the
* invoking Continuation. The possible steps are 1) Authentication was
* successful and we have the tokens, in this case we call
* {@code onSuccess()} to return the tokens. 2) User password is required,
* an AuthenticationContinuation is created. 3) MFA validation is required,
* a MultiFactorAuthenticationContinuation object is created. 4) Other
* generic challenge, the challenge details are passed to the user.
*
* @param challenge REQUIRED: Current challenge details,
* {@link RespondToAuthChallengeResult}.
* @param authenticationDetails OPTIONAL: This is used in the PASSWORD_VERIFIER challenge
* @param callback REQUIRED: {@link AuthenticationDetails} callback.
* @param runInBackground REQUIRED: Boolean to indicate the current
* threading.
* @return {@link Runnable} for the next step in user authentication.
*/
private Runnable handleChallenge(final Map<String, String> clientMetadata, final RespondToAuthChallengeResult challenge, final AuthenticationDetails authenticationDetails, final AuthenticationHandler callback, final boolean runInBackground) {
Runnable nextTask;
final CognitoUser cognitoUser = this;
nextTask = new Runnable() {
@Override
public void run() {
callback.onFailure(new CognitoInternalErrorException("Authentication failed due to an internal error"));
}
};
if (challenge == null) {
return nextTask;
}
updateInternalUsername(challenge.getChallengeParameters());
final String challengeName = challenge.getChallengeName();
if (challengeName == null) {
final CognitoUserSession cognitoUserSession = getCognitoUserSession(challenge.getAuthenticationResult());
cacheTokens(cognitoUserSession);
final NewDeviceMetadataType newDeviceMetadata = challenge.getAuthenticationResult().getNewDeviceMetadata();
if (newDeviceMetadata == null) {
nextTask = new Runnable() {
@Override
public void run() {
callback.onSuccess(cognitoUserSession, null);
}
};
} else {
final ConfirmDeviceResult confirmDeviceResult = confirmDevice(newDeviceMetadata);
if (confirmDeviceResult != null && confirmDeviceResult.isUserConfirmationNecessary()) {
final CognitoDevice newDevice = new CognitoDevice(newDeviceMetadata.getDeviceKey(), null, null, null, null, cognitoUser, context);
nextTask = new Runnable() {
@Override
public void run() {
callback.onSuccess(cognitoUserSession, newDevice);
}
};
} else {
nextTask = new Runnable() {
@Override
public void run() {
callback.onSuccess(cognitoUserSession, null);
}
};
}
}
} else if (CognitoServiceConstants.CHLG_TYPE_USER_PASSWORD_VERIFIER.equals(challengeName)) {
return new Runnable() {
@Override
public void run() {
callback.onFailure(new CognitoInternalErrorException("Authentication failed due to an internal error: " + "PASSWORD_VERIFIER challenge encountered not at the " + "start of authentication flow"));
}
};
} else if (CognitoServiceConstants.CHLG_TYPE_SMS_MFA.equals(challengeName) || CognitoServiceConstants.CHLG_TYPE_SOFTWARE_TOKEN_MFA.equals(challengeName)) {
final MultiFactorAuthenticationContinuation multiFactorAuthenticationContinuation = new MultiFactorAuthenticationContinuation(cognitoUser, context, challenge, runInBackground, callback);
multiFactorAuthenticationContinuation.setClientMetaData(clientMetadata);
nextTask = new Runnable() {
@Override
public void run() {
callback.getMFACode(multiFactorAuthenticationContinuation);
}
};
} else if (CognitoServiceConstants.CHLG_TYPE_SELECT_MFA_TYPE.equals(challengeName)) {
final ChooseMfaContinuation continuation = new ChooseMfaContinuation(cognitoUser, context, usernameInternal, clientId, secretHash, challenge, runInBackground, callback);
nextTask = new Runnable() {
@Override
public void run() {
callback.authenticationChallenge(continuation);
}
};
} else if (CognitoServiceConstants.CHLG_TYPE_MFA_SETUP.equals(challengeName)) {
final RegisterMfaContinuation continuation = new RegisterMfaContinuation(cognitoUser, context, usernameInternal, clientId, secretHash, challenge, runInBackground, callback);
nextTask = new Runnable() {
@Override
public void run() {
callback.authenticationChallenge(continuation);
}
};
} else if (CognitoServiceConstants.CHLG_TYPE_DEVICE_SRP_AUTH.equals(challengeName)) {
nextTask = deviceSrpAuthentication(clientMetadata, challenge, callback, runInBackground);
} else if (CognitoServiceConstants.CHLG_TYPE_NEW_PASSWORD_REQUIRED.equals(challengeName)) {
final NewPasswordContinuation newPasswordContinuation = new NewPasswordContinuation(cognitoUser, context, usernameInternal, clientId, CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret), challenge, runInBackground, callback);
nextTask = new Runnable() {
@Override
public void run() {
callback.authenticationChallenge(newPasswordContinuation);
}
};
} else {
final ChallengeContinuation challengeContinuation = new ChallengeContinuation(cognitoUser, context, usernameInternal, clientId, CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret), challenge, runInBackground, callback);
challengeContinuation.setClientMetaData(clientMetadata);
nextTask = new Runnable() {
@Override
public void run() {
callback.authenticationChallenge(challengeContinuation);
}
};
}
return nextTask;
}
Aggregations