use of com.amazonaws.services.cognitoidentityprovider.model.RespondToAuthChallengeResult in project aws-sdk-android by aws-amplify.
the class CognitoUser method handleChallenge.
/**
* Determines the next step from the challenge. This takes an object of type
* {@link InitiateAuthResult} as parameter and creates an object of type
* {@link RespondToAuthChallengeResult} and calls
* {@code handleChallenge(RespondToAuthChallengeResult challenge, final AuthenticationHandler callback)}
* method.
*
* @param clientMetadata A map of custom key-value pairs that is passed to the lambda function for
* custom workflow.
* @param authResult REQUIRED: Result from the {@code initiateAuth(...)}
* method.
* @param callback REQUIRED: Callback for type {@link AuthenticationHandler}
* @param runInBackground REQUIRED: Boolean to indicate the current
* threading.
* @return {@link Runnable} for the next step in user authentication.
*/
private Runnable handleChallenge(final Map<String, String> clientMetadata, final InitiateAuthResult authResult, final AuthenticationDetails authenticationDetails, final AuthenticationHandler callback, final boolean runInBackground) {
try {
final RespondToAuthChallengeResult challenge = new RespondToAuthChallengeResult();
challenge.setChallengeName(authResult.getChallengeName());
challenge.setSession(authResult.getSession());
challenge.setAuthenticationResult(authResult.getAuthenticationResult());
challenge.setChallengeParameters(authResult.getChallengeParameters());
return handleChallenge(clientMetadata, challenge, authenticationDetails, callback, runInBackground);
} catch (final Exception e) {
return new Runnable() {
@Override
public void run() {
callback.onFailure(e);
}
};
}
}
use of com.amazonaws.services.cognitoidentityprovider.model.RespondToAuthChallengeResult in project aws-sdk-android by aws-amplify.
the class CognitoIdentityProviderSignInUserTest method init.
@Before
public void init() throws Exception {
// Initialization function
MockitoAnnotations.initMocks(this);
testPool = new CognitoUserPool(appContext, TEST_USER_POOL, TEST_CLIENT_ID, TEST_CLIENT_SECRET, mockCSIClient);
testUser = testPool.getUser(TEST_USER_NAME);
String challengeNameNull = null;
// Set challenge (response from service) for user SRP auth
Map<String, String> initUserSRPAuthchallengeParameters = new HashMap<String, String>();
initUserSRPAuthchallengeParameters.put("SRP_B", BigInteger.valueOf(3).toString(16));
initUserSRPAuthchallengeParameters.put("SALT", BigInteger.valueOf(3).toString(16));
initUserSRPAuthchallengeParameters.put("SECRET_BLOCK", "TEST_SECRET_BLOCK");
initUserSRPAuthchallengeParameters.put("USER_ID_FOR_SRP", TEST_USER_NAME);
initUserSRPAuthchallengeParameters.put("USERNAME", TEST_USER_NAME);
TEST_VALID_INITIATE_USER_SRP_AUTH_RESPONSE = new InitiateAuthResult();
TEST_VALID_INITIATE_USER_SRP_AUTH_RESPONSE.setChallengeName("PASSWORD_VERIFIER");
TEST_VALID_INITIATE_USER_SRP_AUTH_RESPONSE.setSession("DummySession");
TEST_VALID_INITIATE_USER_SRP_AUTH_RESPONSE.setChallengeParameters(initUserSRPAuthchallengeParameters);
TEST_VALID_INITIATE_USER_SRP_AUTH_RESPONSE.setAuthenticationResult(null);
// Set challenge (response from service) for user MFA challenge
Map<String, String> mfaChallengeParameters = new HashMap<String, String>();
mfaChallengeParameters.put("username", TEST_USER_NAME);
mfaChallengeParameters.put("CODE_DELIVERY_DESTINATION", TEST_CODE_DESTINA);
mfaChallengeParameters.put("CODE_DELIVERY_DELIVERY_MEDIUM", TEST_CODE_DEL_MED);
TEST_VALID_MFA_CHALLENGE_RESPONSE = new RespondToAuthChallengeResult();
TEST_VALID_MFA_CHALLENGE_RESPONSE.setChallengeName("SMS_MFA");
TEST_VALID_MFA_CHALLENGE_RESPONSE.setSession("DummyMFASession");
TEST_VALID_MFA_CHALLENGE_RESPONSE.setChallengeParameters(mfaChallengeParameters);
TEST_VALID_MFA_CHALLENGE_RESPONSE.setAuthenticationResult(null);
// Set challenge (response from service) for device authentication
Map<String, String> deviceAuthChallengeParameters = new HashMap<String, String>();
deviceAuthChallengeParameters.put("username", TEST_USER_NAME);
TEST_VALID_DEVICE_AUTH_RESPONSE = new RespondToAuthChallengeResult();
TEST_VALID_DEVICE_AUTH_RESPONSE.setChallengeName("DEVICE_SRP_AUTH");
TEST_VALID_DEVICE_AUTH_RESPONSE.setChallengeParameters(deviceAuthChallengeParameters);
TEST_VALID_DEVICE_AUTH_RESPONSE.setAuthenticationResult(null);
// Set challenge (response from service) for device SRP verification
Map<String, String> deviceSRPChallengeParameters = new HashMap<String, String>();
deviceSRPChallengeParameters.put("SRP_B", BigInteger.valueOf(3).toString(16));
deviceSRPChallengeParameters.put("SALT", BigInteger.valueOf(3).toString(16));
deviceSRPChallengeParameters.put("SECRET_BLOCK", "TEST_SECRET_BLOCK");
deviceSRPChallengeParameters.put("USERNAME", TEST_USER_NAME);
TEST_VALID_DEVICE_SRP_RESPONSE = new RespondToAuthChallengeResult();
TEST_VALID_DEVICE_SRP_RESPONSE.setChallengeName("DEVICE_SRP_AUTH");
TEST_VALID_DEVICE_SRP_RESPONSE.setChallengeParameters(deviceSRPChallengeParameters);
TEST_VALID_DEVICE_SRP_RESPONSE.setAuthenticationResult(null);
// Set challenge (response from service) with tokens and no device - for when authentication is successful
AuthenticationResultType tokensWithoutDevice = new AuthenticationResultType();
tokensWithoutDevice.setAccessToken(getValidJWT(3600L));
tokensWithoutDevice.setIdToken(getValidJWT(3600L));
tokensWithoutDevice.setRefreshToken(TEST_NEW_RTOKEN);
tokensWithoutDevice.setTokenType("DUMMY");
tokensWithoutDevice.setExpiresIn(10);
tokensWithoutDevice.setNewDeviceMetadata(null);
TEST_VALID_SUCCESSFUL_AUTH_RESPONSE = new RespondToAuthChallengeResult();
TEST_VALID_SUCCESSFUL_AUTH_RESPONSE.setChallengeName(challengeNameNull);
TEST_VALID_SUCCESSFUL_AUTH_RESPONSE.setChallengeParameters(null);
TEST_VALID_SUCCESSFUL_AUTH_RESPONSE.setAuthenticationResult(tokensWithoutDevice);
// Set challenge (response from service) with tokens and new device - for when authentication is successful
NewDeviceMetadataType newUserDevice = new NewDeviceMetadataType();
newUserDevice.setDeviceKey(TEST_DEVICE_KEY);
newUserDevice.setDeviceGroupKey(TEST_DEV_GRP_KEY);
AuthenticationResultType tokensWithNewDevice = new AuthenticationResultType();
tokensWithNewDevice.setAccessToken(getValidJWT(3600L));
tokensWithNewDevice.setIdToken(getValidJWT(3600L));
tokensWithNewDevice.setRefreshToken(TEST_NEW_RTOKEN);
tokensWithNewDevice.setTokenType("DUMMY");
tokensWithNewDevice.setExpiresIn(10);
tokensWithNewDevice.setNewDeviceMetadata(newUserDevice);
TEST_VALID_SUCCESSFUL_AUTH_WITH_NEW_DEVICE_RESPONSE = new RespondToAuthChallengeResult();
TEST_VALID_SUCCESSFUL_AUTH_WITH_NEW_DEVICE_RESPONSE.setChallengeName(challengeNameNull);
TEST_VALID_SUCCESSFUL_AUTH_WITH_NEW_DEVICE_RESPONSE.setChallengeParameters(null);
TEST_VALID_SUCCESSFUL_AUTH_WITH_NEW_DEVICE_RESPONSE.setAuthenticationResult(tokensWithNewDevice);
// Set challenge (response from service) for user SRP auth
Map<String, String> initUserPasswordAuthchallengeParameters = new HashMap<String, String>();
initUserSRPAuthchallengeParameters.put("USER_ID_FOR_SRP", TEST_USER_NAME);
initUserSRPAuthchallengeParameters.put("USERNAME", TEST_USER_NAME);
TEST_VALID_INITIATE_USER_PASSWORD_AUTH_RESPONSE = new InitiateAuthResult();
TEST_VALID_INITIATE_USER_PASSWORD_AUTH_RESPONSE.setChallengeName("PASSWORD_VERIFIER");
TEST_VALID_INITIATE_USER_PASSWORD_AUTH_RESPONSE.setSession("DummySession");
TEST_VALID_INITIATE_USER_PASSWORD_AUTH_RESPONSE.setChallengeParameters(initUserPasswordAuthchallengeParameters);
TEST_VALID_INITIATE_USER_PASSWORD_AUTH_RESPONSE.setAuthenticationResult(tokensWithoutDevice);
awsKeyValueStorageUtility = getAWSKeyValueStorageUtility(testPool);
}
use of com.amazonaws.services.cognitoidentityprovider.model.RespondToAuthChallengeResult in project aws-sdk-android by aws-amplify.
the class CognitoUser method deviceSrpAuthentication.
/**
* Performs device SRP authentication to identify remembered devices.
* Restarts authentication if the device verification does not succeed.
*
* @param clientMetadata A map of custom key-value pairs that is passed to the lambda function for
* custom workflow.
* @param challenge REQUIRED: {@link RespondToAuthChallengeResult}, contains
* the current challenge.
* @param callback REQUIRED: {@link AuthenticationHandler} callback.
* @param runInBackground REQUIRED: Boolean to indicate the current
* threading.
* @return {@link Runnable} for the next step in user authentication.
*/
private Runnable deviceSrpAuthentication(final Map<String, String> clientMetadata, final RespondToAuthChallengeResult challenge, final AuthenticationHandler callback, final boolean runInBackground) {
final String deviceSecret = CognitoDeviceHelper.getDeviceSecret(usernameInternal, pool.getUserPoolId(), context);
final String deviceGroupKey = CognitoDeviceHelper.getDeviceGroupKey(usernameInternal, pool.getUserPoolId(), context);
final AuthenticationHelper authenticationHelper = new AuthenticationHelper(deviceGroupKey);
final RespondToAuthChallengeRequest devicesAuthRequest = initiateDevicesAuthRequest(clientMetadata, challenge, authenticationHelper);
try {
final RespondToAuthChallengeResult initiateDeviceAuthResult = cognitoIdentityProviderClient.respondToAuthChallenge(devicesAuthRequest);
if (CognitoServiceConstants.CHLG_TYPE_DEVICE_PASSWORD_VERIFIER.equals(initiateDeviceAuthResult.getChallengeName())) {
final RespondToAuthChallengeRequest challengeResponse = deviceSrpAuthRequest(clientMetadata, initiateDeviceAuthResult, deviceSecret, deviceGroupKey, authenticationHelper);
final RespondToAuthChallengeResult deviceSRPAuthResult = cognitoIdentityProviderClient.respondToAuthChallenge(challengeResponse);
return handleChallenge(clientMetadata, deviceSRPAuthResult, null, callback, runInBackground);
} else {
return handleChallenge(clientMetadata, initiateDeviceAuthResult, null, callback, runInBackground);
}
} catch (final NotAuthorizedException na) {
final CognitoUser cognitoUser = this;
CognitoDeviceHelper.clearCachedDevice(usernameInternal, pool.getUserPoolId(), context);
return new Runnable() {
@Override
public void run() {
final AuthenticationContinuation authenticationContinuation = new AuthenticationContinuation(cognitoUser, context, runInBackground, callback);
authenticationContinuation.setClientMetaData(clientMetadata);
callback.getAuthenticationDetails(authenticationContinuation, cognitoUser.getUserId());
}
};
} catch (final Exception e) {
return new Runnable() {
@Override
public void run() {
callback.onFailure(e);
}
};
}
}
use of com.amazonaws.services.cognitoidentityprovider.model.RespondToAuthChallengeResult in project aws-sdk-android by aws-amplify.
the class CognitoUserPoolTest method setupMock.
private void setupMock(String userName) {
HashMap<String, String> parameters = new HashMap<>();
parameters.put(CognitoServiceConstants.CHLG_PARAM_USERNAME, userName);
parameters.put(CognitoServiceConstants.CHLG_PARAM_SRP_B, "1");
parameters.put(CognitoServiceConstants.CHLG_PARAM_SALT, "1234");
parameters.put(CognitoServiceConstants.CHLG_PARAM_USER_ID_FOR_SRP, userName);
when(mockProvider.initiateAuth(any(InitiateAuthRequest.class))).thenAnswer(answer -> {
Log.i("Test", "Inside mock initiateAuth");
return new InitiateAuthResult().withChallengeName(CognitoServiceConstants.CHLG_TYPE_USER_PASSWORD_VERIFIER).withChallengeParameters(parameters);
});
when(mockProvider.respondToAuthChallenge(any(RespondToAuthChallengeRequest.class))).thenAnswer(answer -> {
String validJWT = getValidJWT(360);
return new RespondToAuthChallengeResult().withAuthenticationResult(new AuthenticationResultType().withAccessToken(validJWT).withIdToken(validJWT));
});
}
use of com.amazonaws.services.cognitoidentityprovider.model.RespondToAuthChallengeResult in project aws-sdk-android by aws-amplify.
the class MultiFactorAuthenticationContinuationTest method setMetadataAndContinueTask.
/**
* What happens when we try to pass client metadata into the handler?
* @throws InterruptedException If {@link CountDownRunnable} is interrupted while pending result
*/
@Test
public void setMetadataAndContinueTask() throws InterruptedException {
AuthenticationHandler handler = mock(AuthenticationHandler.class);
CognitoUser user = mock(CognitoUser.class);
String mfaCode = "mfa";
Map<String, String> metadata = Collections.singletonMap("blacklives", "matter");
RespondToAuthChallengeResult result = new RespondToAuthChallengeResult();
MultiFactorAuthenticationContinuation multiFactorAuthenticationContinuation = new MultiFactorAuthenticationContinuation(user, getApplicationContext(), result, false, handler);
multiFactorAuthenticationContinuation.setClientMetaData(metadata);
multiFactorAuthenticationContinuation.setMfaCode(mfaCode);
CountDownRunnable countDownRunnable = CountDownRunnable.create();
doReturn(countDownRunnable).when(user).respondToMfaChallenge(eq(metadata), eq(mfaCode), eq(result), eq(handler), eq(false));
// Act: continue task
multiFactorAuthenticationContinuation.continueTask();
// Assert: action was invoked
assertTrue(countDownRunnable.await(5, TimeUnit.SECONDS));
assertEquals(metadata, multiFactorAuthenticationContinuation.getClientMetaData());
}
Aggregations