/// <summary>
/// Returns a flag indicating whether the specified <paramref name="user"/> has two factor authentication enabled or not,
/// as an asynchronous operation.
/// </summary>
/// <param name="user">The user whose two factor authentication enabled status should be retrieved.</param>
/// <returns>
/// The <see cref="Task"/> that represents the asynchronous operation, containing a flag indicating whether the specified
/// <paramref name="user"/> has two factor authentication enabled or not.
/// </returns>
public virtual async Task <bool> GetTwoFactorEnabledAsync(TUser user, CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
var request = new AdminGetUserRequest
{
Username = user.Username,
UserPoolId = _pool.PoolID
};
try
{
var userSettings = await _cognitoClient.AdminGetUserAsync(request, cancellationToken).ConfigureAwait(false);
return(userSettings.MFAOptions.Count > 0);
}
catch (AmazonCognitoIdentityProviderException e)
{
throw new CognitoServiceException("Failed to retrieve 2FA settings for the Cognito User", e);
}
}
public async Task <AdminGetUserResponse> GetUserInfo(string id)
{
var request = new AdminGetUserRequest
{
UserPoolId = Configurations.Cognito.CognitoPoolId,
Username = id
};
return(await provider.AdminGetUserAsync(request));
}
public Task <CognitoUser> FindByNameAsync(string userName)
{
// Register the user using Cognito
var getUserRequest = new AdminGetUserRequest()
{
Username = userName,
UserPoolId = _poolId
};
return(FindAsync(userName));
}
public string GetUserStatus(string email)
{
AdminGetUserRequest adminGetUserRequest = new AdminGetUserRequest
{
Username = email,
UserPoolId = _connectionInfo.UserPoolId
};
try
{
var response = _provider.AdminGetUserAsync(adminGetUserRequest).Result;
if (response.HttpStatusCode == HttpStatusCode.OK)
{
return(response.UserStatus);
}
}
catch (AggregateException e)
{
e.Handle((x) =>
{
if (x is NotAuthorizedException) // This we know how to handle.
{
LoggingHandler.LogError("Authentication Gateway: Invalid credentials provided.");
return(false);
}
if (x is UserNotFoundException) // This we know how to handle.
{
LoggingHandler.LogWarning("Authentication Gateway: User not found.");
return(true);
}
return(false);
});
return(null);
}
catch (Exception e)
{
LoggingHandler.LogError(e.Message);
LoggingHandler.LogError(e.StackTrace);
throw;
}
return(null);
}
async Task <bool> ILoginProvider.IsRegistered(string email)
{
var request = new AdminGetUserRequest
{
Username = email,
UserPoolId = _settngs.UserPoolId
};
try
{
await _client.AdminGetUserAsync(request);
return(true);
}
catch (UserNotFoundException)
{
_logger.LogInformation($"Failed to delete loginId {email} due to Exception");
return(false);
}
}
public async Task <string> FindUserAsync(string username)
{
try
{
var userRequest = new AdminGetUserRequest
{
Username = username,
UserPoolId = Constants.POOL_ID
};
var response = await client.AdminGetUserAsync(userRequest);
if (response.HttpStatusCode == HttpStatusCode.OK)
{
return(username);
}
}
catch (UserNotConfirmedException e) { Console.WriteLine(e.Message); }
catch (NotAuthorizedException e) { Console.WriteLine(e.Message); }
catch (Exception e) { Console.WriteLine(e.Message); }
return(null);
}
public async Task <IActionResult> GetUser()
{
//var userName = int.Parse(User.Identity.Name);
var cu = GetClaimedUser();
var cognito = new AmazonCognitoIdentityProviderClient(_region);
var request = new AdminGetUserRequest()
{
Username = cu.UserName,
UserPoolId = _poolId
};
//Various other cognito commands you can do
var cognitoUser = await cognito.AdminGetUserAsync(request);
//example get email
var email = cognitoUser.UserAttributes.Where(c => c.Name == "email").First().Value;
//Add user to group...
//await cognito.AdminAddUserToGroupAsync(request);
return(Ok(cognitoUser));
}
/// <summary>
/// SSH Key support, using admin API to fetch user details
/// </summary>
/// <param name="userName"></param>
/// <returns> CognitoUserCustomAttributes </returns>
private async Task <CognitoUserCustomAttributes> CognitoSshSupport(string userName)
{
var adminRequest = new AdminGetUserRequest
{
Username = userName,
UserPoolId = userPoolId
};
try
{
var adminGetUserResponse = await cognitoClient.AdminGetUserAsync(adminRequest);
var identityResponse = new CognitoUserCustomAttributes
{
Role = GetAdminUserAttributeValue(adminGetUserResponse, CustomAttributeField.Role),
HomeDirectoryDetails = GetAdminUserAttributeValue(adminGetUserResponse, CustomAttributeField.HomeDirectoryDetails),
HomeDirectory = GetAdminUserAttributeValue(adminGetUserResponse, CustomAttributeField.HomeDirectory),
HomeDirectoryType = CustomAttributeField.HomeDirectoryType,
PublicKeys = new List <string> {
GetAdminUserAttributeValue(adminGetUserResponse, CustomAttributeField.PublicKey)
},
Policy = GetAdminUserAttributeValue(adminGetUserResponse, CustomAttributeField.Policy)
};
// HomeDirectoryDetails to hide actual S3 path
identityResponse.HomeDirectoryType = identityResponse.HomeDirectoryDetails != null ? CustomAttributeField.HomeDirectoryType : null;
return(identityResponse);
}
catch (Exception ex)
{
return(new CognitoUserCustomAttributes
{
ErrorMessage = ex.Message
});
}
}
private async Task <CognitoUser> FindAsync(string userName)
{
// Register the user using Cognito
var getUserRequest = new AdminGetUserRequest()
{
Username = userName,
UserPoolId = _poolId
};
try
{
var result = await _client.AdminGetUserAsync(getUserRequest);
return(new CognitoUser
{
UserName = result.Username,
Status = result.UserStatus
});
}
catch (UserNotFoundException e)
{
return(null);
}
}
public void AdminGetUserAsync(AdminGetUserRequest request, AmazonServiceCallback <AdminGetUserRequest, AdminGetUserResponse> callback, AsyncOptions options = null)
{
throw new System.NotImplementedException();
}
