Use of com.amazonaws.services.cognitoidentityprovider.model.NewDeviceMetadataType in project aws-sdk-android by aws-amplify.
Class CognitoUser, method handleChallenge.
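/**
 * Determines the next step of the authentication flow from a challenge
 * response. After a challenge has been answered, the service result is
 * inspected here and a {@link Runnable} holding the next step is returned to
 * the invoking Continuation. The possible outcomes are:
 * <ol>
 * <li>No challenge name and an authentication result is present: the tokens
 * are cached and {@code onSuccess()} is invoked, together with the new
 * device when the service reports that user confirmation is necessary.</li>
 * <li>PASSWORD_VERIFIER: rejected with an internal error, because this
 * challenge is only expected at the start of the flow.</li>
 * <li>SMS_MFA / SOFTWARE_TOKEN_MFA: a
 * {@link MultiFactorAuthenticationContinuation} is handed to
 * {@code getMFACode()}.</li>
 * <li>SELECT_MFA_TYPE, MFA_SETUP, NEW_PASSWORD_REQUIRED and any other
 * challenge: the matching continuation is handed to
 * {@code authenticationChallenge()}.</li>
 * <li>DEVICE_SRP_AUTH: delegated to {@code deviceSrpAuthentication}.</li>
 * </ol>
 * A response that carries neither a challenge name nor an authentication
 * result is treated as a failure and is never reported as success.
 *
 * @param clientMetadata OPTIONAL: metadata forwarded to the MFA and generic
 *            challenge continuations and to device SRP authentication.
 * @param challenge REQUIRED: Current challenge details,
 *            {@link RespondToAuthChallengeResult}.
 * @param authenticationDetails OPTIONAL: not read by this method body.
 * @param callback REQUIRED: {@link AuthenticationHandler} callback.
 * @param runInBackground REQUIRED: Boolean to indicate the current
 *            threading; passed through to the continuations.
 * @return {@link Runnable} for the next step in user authentication.
 */
private Runnable handleChallenge(final Map<String, String> clientMetadata, final RespondToAuthChallengeResult challenge, final AuthenticationDetails authenticationDetails, final AuthenticationHandler callback, final boolean runInBackground) {
    Runnable nextTask;
    final CognitoUser cognitoUser = this;

    // Fail-closed default: unless a branch below replaces it, the caller is
    // told that authentication failed.
    nextTask = new Runnable() {
        @Override
        public void run() {
            callback.onFailure(new CognitoInternalErrorException("Authentication failed due to an internal error"));
        }
    };
    if (challenge == null) {
        return nextTask;
    }

    updateInternalUsername(challenge.getChallengeParameters());
    final String challengeName = challenge.getChallengeName();

    if (challengeName == null) {
        // A missing challenge name is read as "authentication finished", so
        // the tokens must actually be there. Without this guard a response
        // with no authentication result is dereferenced below; report it as
        // a failure instead of letting a NullPointerException escape.
        if (challenge.getAuthenticationResult() == null) {
            return nextTask;
        }
        final CognitoUserSession cognitoUserSession = getCognitoUserSession(challenge.getAuthenticationResult());
        // Tokens are cached here, before the success callback is scheduled.
        cacheTokens(cognitoUserSession);

        final NewDeviceMetadataType newDeviceMetadata = challenge.getAuthenticationResult().getNewDeviceMetadata();
        // The device is surfaced to the callback only when the service says
        // the user still has to confirm it; otherwise null is passed.
        final CognitoDevice deviceToConfirm;
        if (newDeviceMetadata == null) {
            deviceToConfirm = null;
        } else {
            final ConfirmDeviceResult confirmDeviceResult = confirmDevice(newDeviceMetadata);
            if (confirmDeviceResult != null && confirmDeviceResult.isUserConfirmationNecessary()) {
                deviceToConfirm = new CognitoDevice(newDeviceMetadata.getDeviceKey(), null, null, null, null, cognitoUser, context);
            } else {
                deviceToConfirm = null;
            }
        }
        nextTask = new Runnable() {
            @Override
            public void run() {
                callback.onSuccess(cognitoUserSession, deviceToConfirm);
            }
        };
    } else if (CognitoServiceConstants.CHLG_TYPE_USER_PASSWORD_VERIFIER.equals(challengeName)) {
        // PASSWORD_VERIFIER is only valid as the first challenge; seeing it
        // here means the flow is out of order, so it is rejected.
        return new Runnable() {
            @Override
            public void run() {
                callback.onFailure(new CognitoInternalErrorException("Authentication failed due to an internal error: " + "PASSWORD_VERIFIER challenge encountered not at the " + "start of authentication flow"));
            }
        };
    } else if (CognitoServiceConstants.CHLG_TYPE_SMS_MFA.equals(challengeName) || CognitoServiceConstants.CHLG_TYPE_SOFTWARE_TOKEN_MFA.equals(challengeName)) {
        final MultiFactorAuthenticationContinuation multiFactorAuthenticationContinuation = new MultiFactorAuthenticationContinuation(cognitoUser, context, challenge, runInBackground, callback);
        multiFactorAuthenticationContinuation.setClientMetaData(clientMetadata);
        nextTask = new Runnable() {
            @Override
            public void run() {
                callback.getMFACode(multiFactorAuthenticationContinuation);
            }
        };
    } else if (CognitoServiceConstants.CHLG_TYPE_SELECT_MFA_TYPE.equals(challengeName)) {
        // NOTE(review): this branch and MFA_SETUP pass the secretHash field,
        // while NEW_PASSWORD_REQUIRED and the generic branch recompute it
        // from usernameInternal. Confirm that updateInternalUsername keeps
        // the field in sync. clientMetadata is also not forwarded here.
        final ChooseMfaContinuation continuation = new ChooseMfaContinuation(cognitoUser, context, usernameInternal, clientId, secretHash, challenge, runInBackground, callback);
        nextTask = new Runnable() {
            @Override
            public void run() {
                callback.authenticationChallenge(continuation);
            }
        };
    } else if (CognitoServiceConstants.CHLG_TYPE_MFA_SETUP.equals(challengeName)) {
        final RegisterMfaContinuation continuation = new RegisterMfaContinuation(cognitoUser, context, usernameInternal, clientId, secretHash, challenge, runInBackground, callback);
        nextTask = new Runnable() {
            @Override
            public void run() {
                callback.authenticationChallenge(continuation);
            }
        };
    } else if (CognitoServiceConstants.CHLG_TYPE_DEVICE_SRP_AUTH.equals(challengeName)) {
        nextTask = deviceSrpAuthentication(clientMetadata, challenge, callback, runInBackground);
    } else if (CognitoServiceConstants.CHLG_TYPE_NEW_PASSWORD_REQUIRED.equals(challengeName)) {
        final NewPasswordContinuation newPasswordContinuation = new NewPasswordContinuation(cognitoUser, context, usernameInternal, clientId, CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret), challenge, runInBackground, callback);
        nextTask = new Runnable() {
            @Override
            public void run() {
                callback.authenticationChallenge(newPasswordContinuation);
            }
        };
    } else {
        // Any challenge name not handled above is passed to the application
        // as a generic challenge.
        final ChallengeContinuation challengeContinuation = new ChallengeContinuation(cognitoUser, context, usernameInternal, clientId, CognitoSecretHash.getSecretHash(usernameInternal, clientId, clientSecret), challenge, runInBackground, callback);
        challengeContinuation.setClientMetaData(clientMetadata);
        nextTask = new Runnable() {
            @Override
            public void run() {
                callback.authenticationChallenge(challengeContinuation);
            }
        };
    }
    return nextTask;
}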
Use of com.amazonaws.services.cognitoidentityprovider.model.NewDeviceMetadataType in project aws-sdk-android by aws-amplify.
Class CognitoIdentityProviderSignInUserTest, method init.
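/**
 * Builds the canned service responses used by the sign-in tests: the SRP and
 * password initiate-auth challenges, the MFA and device challenges, and the
 * two successful results (with and without new device metadata). All values
 * are test constants; no real credentials or tokens are involved.
 */
@Before
public void init() throws Exception {
    // Initialization function
    MockitoAnnotations.initMocks(this);
    testPool = new CognitoUserPool(appContext, TEST_USER_POOL, TEST_CLIENT_ID, TEST_CLIENT_SECRET, mockCSIClient);
    testUser = testPool.getUser(TEST_USER_NAME);
    // Typed null, presumably so setChallengeName(null) resolves to the
    // String overload.
    String challengeNameNull = null;

    // Set challenge (response from service) for user SRP auth
    Map<String, String> initUserSRPAuthchallengeParameters = new HashMap<String, String>();
    initUserSRPAuthchallengeParameters.put("SRP_B", BigInteger.valueOf(3).toString(16));
    initUserSRPAuthchallengeParameters.put("SALT", BigInteger.valueOf(3).toString(16));
    initUserSRPAuthchallengeParameters.put("SECRET_BLOCK", "TEST_SECRET_BLOCK");
    initUserSRPAuthchallengeParameters.put("USER_ID_FOR_SRP", TEST_USER_NAME);
    initUserSRPAuthchallengeParameters.put("USERNAME", TEST_USER_NAME);
    TEST_VALID_INITIATE_USER_SRP_AUTH_RESPONSE = new InitiateAuthResult();
    TEST_VALID_INITIATE_USER_SRP_AUTH_RESPONSE.setChallengeName("PASSWORD_VERIFIER");
    TEST_VALID_INITIATE_USER_SRP_AUTH_RESPONSE.setSession("DummySession");
    TEST_VALID_INITIATE_USER_SRP_AUTH_RESPONSE.setChallengeParameters(initUserSRPAuthchallengeParameters);
    TEST_VALID_INITIATE_USER_SRP_AUTH_RESPONSE.setAuthenticationResult(null);

    // Set challenge (response from service) for user MFA challenge
    Map<String, String> mfaChallengeParameters = new HashMap<String, String>();
    mfaChallengeParameters.put("username", TEST_USER_NAME);
    mfaChallengeParameters.put("CODE_DELIVERY_DESTINATION", TEST_CODE_DESTINA);
    mfaChallengeParameters.put("CODE_DELIVERY_DELIVERY_MEDIUM", TEST_CODE_DEL_MED);
    TEST_VALID_MFA_CHALLENGE_RESPONSE = new RespondToAuthChallengeResult();
    TEST_VALID_MFA_CHALLENGE_RESPONSE.setChallengeName("SMS_MFA");
    TEST_VALID_MFA_CHALLENGE_RESPONSE.setSession("DummyMFASession");
    TEST_VALID_MFA_CHALLENGE_RESPONSE.setChallengeParameters(mfaChallengeParameters);
    TEST_VALID_MFA_CHALLENGE_RESPONSE.setAuthenticationResult(null);

    // Set challenge (response from service) for device authentication
    Map<String, String> deviceAuthChallengeParameters = new HashMap<String, String>();
    deviceAuthChallengeParameters.put("username", TEST_USER_NAME);
    TEST_VALID_DEVICE_AUTH_RESPONSE = new RespondToAuthChallengeResult();
    TEST_VALID_DEVICE_AUTH_RESPONSE.setChallengeName("DEVICE_SRP_AUTH");
    TEST_VALID_DEVICE_AUTH_RESPONSE.setChallengeParameters(deviceAuthChallengeParameters);
    TEST_VALID_DEVICE_AUTH_RESPONSE.setAuthenticationResult(null);

    // Set challenge (response from service) for device SRP verification
    Map<String, String> deviceSRPChallengeParameters = new HashMap<String, String>();
    deviceSRPChallengeParameters.put("SRP_B", BigInteger.valueOf(3).toString(16));
    deviceSRPChallengeParameters.put("SALT", BigInteger.valueOf(3).toString(16));
    deviceSRPChallengeParameters.put("SECRET_BLOCK", "TEST_SECRET_BLOCK");
    deviceSRPChallengeParameters.put("USERNAME", TEST_USER_NAME);
    TEST_VALID_DEVICE_SRP_RESPONSE = new RespondToAuthChallengeResult();
    TEST_VALID_DEVICE_SRP_RESPONSE.setChallengeName("DEVICE_SRP_AUTH");
    TEST_VALID_DEVICE_SRP_RESPONSE.setChallengeParameters(deviceSRPChallengeParameters);
    TEST_VALID_DEVICE_SRP_RESPONSE.setAuthenticationResult(null);

    // Set challenge (response from service) with tokens and no device - for when authentication is successful
    AuthenticationResultType tokensWithoutDevice = new AuthenticationResultType();
    tokensWithoutDevice.setAccessToken(getValidJWT(3600L));
    tokensWithoutDevice.setIdToken(getValidJWT(3600L));
    tokensWithoutDevice.setRefreshToken(TEST_NEW_RTOKEN);
    tokensWithoutDevice.setTokenType("DUMMY");
    tokensWithoutDevice.setExpiresIn(10);
    tokensWithoutDevice.setNewDeviceMetadata(null);
    TEST_VALID_SUCCESSFUL_AUTH_RESPONSE = new RespondToAuthChallengeResult();
    TEST_VALID_SUCCESSFUL_AUTH_RESPONSE.setChallengeName(challengeNameNull);
    TEST_VALID_SUCCESSFUL_AUTH_RESPONSE.setChallengeParameters(null);
    TEST_VALID_SUCCESSFUL_AUTH_RESPONSE.setAuthenticationResult(tokensWithoutDevice);

    // Set challenge (response from service) with tokens and new device - for when authentication is successful
    NewDeviceMetadataType newUserDevice = new NewDeviceMetadataType();
    newUserDevice.setDeviceKey(TEST_DEVICE_KEY);
    newUserDevice.setDeviceGroupKey(TEST_DEV_GRP_KEY);
    AuthenticationResultType tokensWithNewDevice = new AuthenticationResultType();
    tokensWithNewDevice.setAccessToken(getValidJWT(3600L));
    tokensWithNewDevice.setIdToken(getValidJWT(3600L));
    tokensWithNewDevice.setRefreshToken(TEST_NEW_RTOKEN);
    tokensWithNewDevice.setTokenType("DUMMY");
    tokensWithNewDevice.setExpiresIn(10);
    tokensWithNewDevice.setNewDeviceMetadata(newUserDevice);
    TEST_VALID_SUCCESSFUL_AUTH_WITH_NEW_DEVICE_RESPONSE = new RespondToAuthChallengeResult();
    TEST_VALID_SUCCESSFUL_AUTH_WITH_NEW_DEVICE_RESPONSE.setChallengeName(challengeNameNull);
    TEST_VALID_SUCCESSFUL_AUTH_WITH_NEW_DEVICE_RESPONSE.setChallengeParameters(null);
    TEST_VALID_SUCCESSFUL_AUTH_WITH_NEW_DEVICE_RESPONSE.setAuthenticationResult(tokensWithNewDevice);

    // Set challenge (response from service) for user password auth.
    // The parameters go into the password-auth map: the original wrote them
    // into the SRP map again, so this response was built with an empty
    // parameter map and the fixture did not carry the username fields.
    Map<String, String> initUserPasswordAuthchallengeParameters = new HashMap<String, String>();
    initUserPasswordAuthchallengeParameters.put("USER_ID_FOR_SRP", TEST_USER_NAME);
    initUserPasswordAuthchallengeParameters.put("USERNAME", TEST_USER_NAME);
    TEST_VALID_INITIATE_USER_PASSWORD_AUTH_RESPONSE = new InitiateAuthResult();
    TEST_VALID_INITIATE_USER_PASSWORD_AUTH_RESPONSE.setChallengeName("PASSWORD_VERIFIER");
    TEST_VALID_INITIATE_USER_PASSWORD_AUTH_RESPONSE.setSession("DummySession");
    TEST_VALID_INITIATE_USER_PASSWORD_AUTH_RESPONSE.setChallengeParameters(initUserPasswordAuthchallengeParameters);
    TEST_VALID_INITIATE_USER_PASSWORD_AUTH_RESPONSE.setAuthenticationResult(tokensWithoutDevice);

    awsKeyValueStorageUtility = getAWSKeyValueStorageUtility(testPool);
}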