/// <summary>
        ///    Change password by current user , with  username  and password
        /// </summary>
        /// <param name="request"></param>
        /// <returns></returns>
        public bool ChangePassword(ApiChangePasswordRequest request)
        {
            using var userProvider = GetCognitoIdentityProvider();
            CognitoUser user = GetUser(request.UserName, userProvider);

            InitiateSrpAuthRequest authRequest = new InitiateSrpAuthRequest()
            {
                Password = request.PreviewPassword
            };

            var authResponse = user.StartWithSrpAuthAsync(authRequest).GetAwaiter().GetResult();

            if (authResponse.ChallengeName == ChallengeNameType.NEW_PASSWORD_REQUIRED)
            {
                var result2 = user.RespondToNewPasswordRequiredAsync(new RespondToNewPasswordRequiredRequest()
                {
                    SessionID   = authResponse.SessionID,
                    NewPassword = request.NewPassword
                }).ConfigureAwait(false).GetAwaiter().GetResult();
            }

            var task = user.ChangePasswordAsync(request.PreviewPassword, request.NewPassword).GetAwaiter();

            task.GetResult();

            return(true);
        }
Beispiel #2
0
        private async Task <AuthEventEnum> NextChallenge(AuthEventEnum lastAuthEventEnum = AuthEventEnum.AuthChallenge)
        {
            try
            {
                if (!HasChallenge)
                {
                    switch (CurrentAuthProcess)
                    {
                    case AuthProcessEnum.None:
                        return(AuthEventEnum.Alert_NothingToDo);

                    case AuthProcessEnum.ResettingPassword:

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.PasswordResetDone);

                    case AuthProcessEnum.SigningUp:

                        if (HasChallenge)
                        {
                            return(AuthEventEnum.AuthChallenge);
                        }

                        if (!IsLoginFormatOk)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Login);
                        }
                        else
                        if (!IsPasswordFormatOk)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Password);
                        }
                        else
                        if (!IsEmailFormatOk)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Email);
                        }

                        if (HasChallenge)
                        {
                            return(AuthEventEnum.AuthChallenge);
                        }

                        if (!IsCodeVerified)
                        {
                            // Request Auth Code
                            var signUpRequest = new SignUpRequest()
                            {
                                ClientId = clientId,
                                Password = password,
                                Username = login
                            };

                            signUpRequest.UserAttributes.Add(
                                new AttributeType()
                            {
                                Name  = "email",
                                Value = email
                            });

                            // This call may throw an exception
                            var result = await providerClient.SignUpAsync(signUpRequest).ConfigureAwait(false);

                            if (!AuthChallengeList.Contains(AuthChallengeEnum.Code))
                            {
                                AuthChallengeList.Add(AuthChallengeEnum.Code);
                            }

                            return(AuthEventEnum.AuthChallenge);
                        }

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.SignedUp);

                    case AuthProcessEnum.SigningIn:
                        if (authFlowResponse != null && authFlowResponse.ChallengeName == ChallengeNameType.NEW_PASSWORD_REQUIRED)     // Update Passsword
                        {
                            if (!AuthChallengeList.Contains(AuthChallengeEnum.NewPassword))
                            {
                                AuthChallengeList.Add(AuthChallengeEnum.NewPassword);
                            }
                            authFlowResponse = null;
                            return(AuthEventEnum.AuthChallenge);
                        }

                        // Grab JWT from login to User Pools to extract User Pool Identity
                        //var token = new JwtSecurityToken(jwtEncodedString: CognitoUser.SessionTokens.IdToken);
                        //UpIdentity = token.Claims.First(c => c.Type == "sub").Value; // JWT sub cliam contains User Pool Identity

                        //// Note: creates Identity Pool identity if it doesn't exist
                        Credentials = CognitoUser.GetCognitoAWSCredentials(identityPoolId, regionEndpoint);

                        IsSignedIn         = true;
                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.SignedIn);

                    case AuthProcessEnum.UpdatingEmail:
                        if (!IsCodeVerified)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Code);
                            return(AuthEventEnum.VerificationCodeSent);
                        }

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.EmailUpdateDone);

                    case AuthProcessEnum.UpdatingPassword:
                        await CognitoUser.ChangePasswordAsync(password, newPassword).ConfigureAwait(false);

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.PasswordUpdateDone);

                    case AuthProcessEnum.UpdatingPhone:
                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.PhoneUpdateDone);
                    }
                }
            }
            catch (UsernameExistsException) { return(AuthEventEnum.Alert_LoginAlreadyUsed); }
            catch (InvalidParameterException) { return(AuthEventEnum.Alert_InternalProcessError); }
            catch (InvalidPasswordException) { return(AuthEventEnum.Alert_PasswordFormatRequirementsFailed); }
            catch (TooManyRequestsException) { return(AuthEventEnum.Alert_TooManyAttempts); }
            catch (TooManyFailedAttemptsException) { return(AuthEventEnum.Alert_TooManyAttempts); }
            catch (PasswordResetRequiredException) { return(AuthEventEnum.Alert_PasswordResetRequiredException); }
            catch (Exception e)
            {
                Debug.WriteLine($"SignUp() threw an exception {e}");
                return(AuthEventEnum.Alert_Unknown);
            }

            return(lastAuthEventEnum);
        }