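/// <summary>
        /// Completes a user's first sign-in on their behalf as an administrator: authenticates with the
        /// temporary password, then answers the NEW_PASSWORD_REQUIRED challenge with the new password.
        /// </summary>
        /// <param name="loginRequest">
        /// Supplies the <c>Username</c>, <c>TempPassword</c> and <c>NewPassword</c> sent to Cognito.
        /// </param>
        /// <returns>
        /// <c>true</c> when the challenge response call completed without error; <c>false</c> when the
        /// initial sign-in did not return a NEW_PASSWORD_REQUIRED challenge, in which case no new
        /// password is submitted.
        /// </returns>
        /// <remarks>
        /// Errors raised by the two SDK calls are not caught here and propagate to the caller.
        /// Both passwords travel in the request parameters, so request objects must not be logged.
        /// </remarks>
        public async Task <bool> AdminConfirmUserWithNewPassword(Real.AdminConfirmUserWithTempPasswordRequest loginRequest)
        {
            if (loginRequest == null)
            {
                throw new System.ArgumentNullException(nameof(loginRequest));
            }

            // The SDK client is disposable; release it when the exchange is finished.
            using (var client = new AmazonCognitoIdentityProviderClient(RegionEndpoint.GetBySystemName(REGION)))
            {
                // ADMIN_NO_SRP_AUTH submits the password itself instead of an SRP proof.
                // NOTE(review): newer app clients name this flow ADMIN_USER_PASSWORD_AUTH; confirm which
                // flow the app client has enabled before changing it.
                var initiateRequest = new AdminInitiateAuthRequest
                {
                    AuthFlow       = AuthFlowType.ADMIN_NO_SRP_AUTH,
                    ClientId       = CLIENTAPP_ID,
                    UserPoolId     = POOL_ID,
                    AuthParameters = new Dictionary <string, string>
                    {
                        { "USERNAME", loginRequest.Username },
                        { "PASSWORD", loginRequest.TempPassword }
                    }
                };

                var initiateResponse = await client.AdminInitiateAuthAsync(initiateRequest);

                // Only answer the challenge that was actually issued. Any other outcome (tokens
                // returned directly, or a different challenge) means this is not the
                // temporary-password step, so report failure instead of claiming confirmation.
                if (initiateResponse.ChallengeName != ChallengeNameType.NEW_PASSWORD_REQUIRED)
                {
                    return false;
                }

                var challengeRequest = new AdminRespondToAuthChallengeRequest
                {
                    ChallengeName      = ChallengeNameType.NEW_PASSWORD_REQUIRED,
                    ClientId           = CLIENTAPP_ID,
                    UserPoolId         = POOL_ID,
                    Session            = initiateResponse.Session,
                    ChallengeResponses = new Dictionary <string, string>
                    {
                        { "USERNAME", loginRequest.Username },
                        { "NEW_PASSWORD", loginRequest.NewPassword }
                    }
                };

                // The response (tokens or a follow-up challenge) is deliberately not returned to the caller.
                await client.AdminRespondToAuthChallengeAsync(challengeRequest);

                return true;
            }
        }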
Exemple #2
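        /// <summary>
        /// Sample entry point: starts an admin sign-in against a Cognito user pool, answers the returned
        /// challenge, then exchanges the resulting token for role credentials through STS and stores
        /// them on an <c>AWSOptions</c> instance.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        static async Task Main(string[] args)
        {
            // Both Cognito calls must name the same user pool and app client; the session returned by
            // the first call is only meaningful for that pair. Keeping the ids in one place avoids
            // the two requests drifting apart.
            // NOTE(review): in real code these belong in configuration, not in source.
            const string userPoolId = "eu-west-1_BJ8QvSs1g";
            const string clientId   = "5ive4k9rhvvo776p7rppa5gcd5";

            var awsOptions = new AWSOptions();

            using (var cognito = new AmazonCognitoIdentityProviderClient(RegionEndpoint.EUWest1))
            {
                var initAuthRequest = new AdminInitiateAuthRequest
                {
                    AuthFlow       = AuthFlowType.ADMIN_NO_SRP_AUTH,
                    // NOTE(review): left empty in the sample; this flow needs the user's USERNAME and
                    // PASSWORD here. Supply them at run time, never as literals.
                    AuthParameters = new Dictionary <string, string>
                    {
                    },
                    UserPoolId = userPoolId,
                    ClientId   = clientId
                };

                var response = await cognito.AdminInitiateAuthAsync(initAuthRequest);

                // NOTE(review): no ChallengeResponses are set; the issued challenge will normally
                // require them (for example USERNAME plus the challenge-specific answer).
                var challengeResponse = new AdminRespondToAuthChallengeRequest
                {
                    ChallengeName = response.ChallengeName,
                    Session       = response.Session,
                    ClientId      = clientId,
                    UserPoolId    = userPoolId
                };

                var authResponse = await cognito.AdminRespondToAuthChallengeAsync(challengeResponse);

                // A further challenge (rather than tokens) leaves AuthenticationResult unset; fail
                // with a clear message instead of a null dereference below.
                if (authResponse.AuthenticationResult == null)
                {
                    throw new System.InvalidOperationException("Cognito did not return tokens; another challenge is pending.");
                }

                using (var securityTokenProvider = new AmazonSecurityTokenServiceClient())
                {
                    var assumeRoleRequest = new AssumeRoleWithWebIdentityRequest
                    {
                        // NOTE(review): empty in the sample; the ARN of the role to assume goes here.
                        RoleArn = "",

                        // NOTE(review): confirm the access token is the intended web identity token;
                        // the role's trust policy may expect the ID token instead.
                        WebIdentityToken = authResponse.AuthenticationResult.AccessToken
                    };

                    var roleCreds = await securityTokenProvider.AssumeRoleWithWebIdentityAsync(assumeRoleRequest);

                    // Temporary credentials: keep them in memory only and out of logs.
                    awsOptions.Credentials = roleCreds.Credentials;
                }
            }
        }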