// Make the user's unique id available for GameLift APIs, linking saved data to user, etc
public string GetUsersId()
{
// Debug.Log("GetUserId: [" + _userid + "]");
if (_userid == null || _userid == "")
{
// load userid from cached session
UserSessionCache userSessionCache = new UserSessionCache();
SaveDataManager.LoadJsonData(userSessionCache);
_userid = userSessionCache.getUserId();
}
return(_userid);
}
public async Task <bool> Login(string email, string password)
{
// Debug.Log("Login: "******", " + password);
CognitoUserPool userPool = new CognitoUserPool(userPoolId, AppClientID, _provider);
CognitoUser user = new CognitoUser(email, AppClientID, userPool, _provider);
InitiateSrpAuthRequest authRequest = new InitiateSrpAuthRequest()
{
Password = password
};
try
{
AuthFlowResponse authFlowResponse = await user.StartWithSrpAuthAsync(authRequest).ConfigureAwait(false);
_userid = await GetUserIdFromProvider(authFlowResponse.AuthenticationResult.AccessToken);
// Debug.Log("Users unique ID from cognito: " + _userid);
UserSessionCache userSessionCache = new UserSessionCache(
authFlowResponse.AuthenticationResult.IdToken,
authFlowResponse.AuthenticationResult.AccessToken,
authFlowResponse.AuthenticationResult.RefreshToken,
_userid);
SaveDataManager.SaveJsonData(userSessionCache);
// This how you get credentials to use for accessing other services.
// This IdentityPool is your Authorization, so if you tried to access using an
// IdentityPool that didn't have the policy to access your target AWS service, it would fail.
_cognitoAWSCredentials = user.GetCognitoAWSCredentials(IdentityPool, Region);
_user = user;
return(true);
}
catch (Exception e)
{
Debug.Log("Login failed, exception: " + e);
return(false);
}
}
public async Task <bool> RefreshSession()
{
Debug.Log("RefreshSession");
DateTime issued = DateTime.Now;
UserSessionCache userSessionCache = new UserSessionCache();
SaveDataManager.LoadJsonData(userSessionCache);
if (userSessionCache != null && userSessionCache._refreshToken != null && userSessionCache._refreshToken != "")
{
try
{
CognitoUserPool userPool = new CognitoUserPool(userPoolId, AppClientID, _provider);
// apparently the username field can be left blank for a token refresh request
CognitoUser user = new CognitoUser("", AppClientID, userPool, _provider);
// The "Refresh token expiration (days)" (Cognito->UserPool->General Settings->App clients->Show Details) is the
// amount of time since the last login that you can use the refresh token to get new tokens. After that period the refresh
// will fail Using DateTime.Now.AddHours(1) is a workaround for https://github.com/aws/aws-sdk-net-extensions-cognito/issues/24
user.SessionTokens = new CognitoUserSession(
userSessionCache.getIdToken(),
userSessionCache.getAccessToken(),
userSessionCache.getRefreshToken(),
issued,
DateTime.Now.AddDays(30)); // TODO: need to investigate further.
// It was my understanding that this should be set to when your refresh token expires...
// Attempt refresh token call
AuthFlowResponse authFlowResponse = await user.StartWithRefreshTokenAuthAsync(new InitiateRefreshTokenAuthRequest
{
AuthFlowType = AuthFlowType.REFRESH_TOKEN_AUTH
})
.ConfigureAwait(false);
// Debug.Log("User Access Token after refresh: " + token);
Debug.Log("User refresh token successfully updated!");
// update session cache
UserSessionCache userSessionCacheToUpdate = new UserSessionCache(
authFlowResponse.AuthenticationResult.IdToken,
authFlowResponse.AuthenticationResult.AccessToken,
authFlowResponse.AuthenticationResult.RefreshToken,
userSessionCache.getUserId());
SaveDataManager.SaveJsonData(userSessionCacheToUpdate);
// update credentials with the latest access token
_cognitoAWSCredentials = user.GetCognitoAWSCredentials(IdentityPool, Region);
_user = user;
return(true);
}
catch (NotAuthorizedException ne)
{
// https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html
// refresh tokens will expire - user must login manually every x days (see user pool -> app clients -> details)
Debug.Log("NotAuthorizedException: " + ne);
}
catch (WebException webEx)
{
// we get a web exception when we cant connect to aws - means we are offline
Debug.Log("WebException: " + webEx);
}
catch (Exception ex)
{
Debug.Log("Exception: " + ex);
}
}
return(false);
}
