use of com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException in project aws-sdk-android by aws-amplify.
the class CognitoUser method getCachedSession.
/**
* Call this method for valid, cached tokens for this user.
*
* @return Valid, cached tokens {@link CognitoUserSession}. {@code null}
* otherwise.
*/
protected CognitoUserSession getCachedSession() {
synchronized (GET_CACHED_SESSION_LOCK) {
if (userId == null) {
throw new CognitoNotAuthorizedException("User-ID is null");
}
if (cipSession != null) {
if (cipSession.isValidForThreshold()) {
cacheLastAuthUser();
return cipSession;
}
}
final CognitoUserSession cognitoUserSessionFromStore = readCachedTokens();
if (cognitoUserSessionFromStore.isValidForThreshold()) {
cipSession = cognitoUserSessionFromStore;
cacheLastAuthUser();
return cipSession;
}
if (cognitoUserSessionFromStore.getRefreshToken() != null) {
try {
cipSession = refreshSession(cognitoUserSessionFromStore);
cacheTokens(cipSession);
return cipSession;
} catch (final NotAuthorizedException nae) {
clearCachedTokens();
throw new CognitoNotAuthorizedException("User is not authenticated", nae);
} catch (final UserNotFoundException unfe) {
clearCachedTokens();
throw new CognitoNotAuthorizedException("User does not exist", unfe);
} catch (final Exception e) {
throw new CognitoInternalErrorException("Failed to authenticate user", e);
}
}
throw new CognitoNotAuthorizedException("User is not authenticated");
}
}
use of com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException in project aws-sdk-android by aws-amplify.
the class NotAuthorizedExceptionUnmarshaller method unmarshall.
@Override
public AmazonServiceException unmarshall(JsonErrorResponse error) throws Exception {
NotAuthorizedException e = (NotAuthorizedException) super.unmarshall(error);
e.setErrorCode("NotAuthorizedException");
return e;
}
use of com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException in project aws-sdk-android by aws-amplify.
the class CognitoUser method deviceSrpAuthentication.
/**
* Performs device SRP authentication to identify remembered devices.
* Restarts authentication if the device verification does not succeed.
*
* @param clientMetadata A map of custom key-value pairs that is passed to the lambda function for
* custom workflow.
* @param challenge REQUIRED: {@link RespondToAuthChallengeResult}, contains
* the current challenge.
* @param callback REQUIRED: {@link AuthenticationHandler} callback.
* @param runInBackground REQUIRED: Boolean to indicate the current
* threading.
* @return {@link Runnable} for the next step in user authentication.
*/
private Runnable deviceSrpAuthentication(final Map<String, String> clientMetadata, final RespondToAuthChallengeResult challenge, final AuthenticationHandler callback, final boolean runInBackground) {
final String deviceSecret = CognitoDeviceHelper.getDeviceSecret(usernameInternal, pool.getUserPoolId(), context);
final String deviceGroupKey = CognitoDeviceHelper.getDeviceGroupKey(usernameInternal, pool.getUserPoolId(), context);
final AuthenticationHelper authenticationHelper = new AuthenticationHelper(deviceGroupKey);
final RespondToAuthChallengeRequest devicesAuthRequest = initiateDevicesAuthRequest(clientMetadata, challenge, authenticationHelper);
try {
final RespondToAuthChallengeResult initiateDeviceAuthResult = cognitoIdentityProviderClient.respondToAuthChallenge(devicesAuthRequest);
if (CognitoServiceConstants.CHLG_TYPE_DEVICE_PASSWORD_VERIFIER.equals(initiateDeviceAuthResult.getChallengeName())) {
final RespondToAuthChallengeRequest challengeResponse = deviceSrpAuthRequest(clientMetadata, initiateDeviceAuthResult, deviceSecret, deviceGroupKey, authenticationHelper);
final RespondToAuthChallengeResult deviceSRPAuthResult = cognitoIdentityProviderClient.respondToAuthChallenge(challengeResponse);
return handleChallenge(clientMetadata, deviceSRPAuthResult, null, callback, runInBackground);
} else {
return handleChallenge(clientMetadata, initiateDeviceAuthResult, null, callback, runInBackground);
}
} catch (final NotAuthorizedException na) {
final CognitoUser cognitoUser = this;
CognitoDeviceHelper.clearCachedDevice(usernameInternal, pool.getUserPoolId(), context);
return new Runnable() {
@Override
public void run() {
final AuthenticationContinuation authenticationContinuation = new AuthenticationContinuation(cognitoUser, context, runInBackground, callback);
authenticationContinuation.setClientMetaData(clientMetadata);
callback.getAuthenticationDetails(authenticationContinuation, cognitoUser.getUserId());
}
};
} catch (final Exception e) {
return new Runnable() {
@Override
public void run() {
callback.onFailure(e);
}
};
}
}
use of com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException in project aws-sdk-android by aws-amplify.
the class AWSMobileClientTest method testRevokeTokenWithSignedInUser.
@Test
public void testRevokeTokenWithSignedInUser() throws Exception {
auth.signIn(username, PASSWORD, null);
assertTrue("isSignedIn is true", auth.isSignedIn());
final AtomicReference<Boolean> tokenRevoked = new AtomicReference<Boolean>(false);
final CountDownLatch revokeTokenLatch = new CountDownLatch(2);
final CognitoUser user = userPool.getCurrentUser();
user.getSession(new AuthenticationHandler() {
@Override
public void onSuccess(CognitoUserSession userSession, CognitoDevice newDevice) {
revokeTokenLatch.countDown();
}
@Override
public void getAuthenticationDetails(AuthenticationContinuation authenticationContinuation, String userId) {
}
@Override
public void getMFACode(MultiFactorAuthenticationContinuation continuation) {
}
@Override
public void authenticationChallenge(ChallengeContinuation continuation) {
}
@Override
public void onFailure(Exception exception) {
exception.printStackTrace();
fail("Sign in failed.");
}
});
user.getDetails(new GetDetailsHandler() {
@Override
public void onSuccess(CognitoUserDetails cognitoUserDetails) {
revokeTokenLatch.countDown();
}
@Override
public void onFailure(Exception exception) {
exception.printStackTrace();
fail("Get user details failed.");
}
});
try {
user.revokeTokens();
tokenRevoked.set(true);
} catch (Exception e) {
e.printStackTrace();
}
revokeTokenLatch.await(5, TimeUnit.SECONDS);
assertTrue(tokenRevoked.get());
user.getDetails(new GetDetailsHandler() {
@Override
public void onSuccess(CognitoUserDetails cognitoUserDetails) {
fail("Request to get user details should fail with NotAuthorizedException after token is revoked.");
}
@Override
public void onFailure(Exception exception) {
assertTrue(exception instanceof NotAuthorizedException);
}
});
}
Aggregations