Exemple #1
0
        public virtual async Task <AuthEventEnum> VerifyNewPasswordAsync(string newPassword)
        {
            if (CurrentChallenge != AuthChallengeEnum.NewPassword)
            {
                return(AuthEventEnum.Alert_VerifyCalledButNoChallengeFound);
            }

            if (!CheckNewPasswordFormat(newPassword))
            {
                return(AuthEventEnum.Alert_PasswordFormatRequirementsFailed);
            }

            try
            {
                switch (CurrentAuthProcess)
                {
                case AuthProcessEnum.SigningUp:
                    authFlowResponse = await CognitoUser.RespondToNewPasswordRequiredAsync(
                        new RespondToNewPasswordRequiredRequest()
                    {
                        SessionID   = authFlowResponse.SessionID,
                        NewPassword = newPassword
                    }
                        ).ConfigureAwait(false);

                    this.newPassword = newPassword;
                    AuthChallengeList.Remove(AuthChallengeEnum.NewPassword);
                    return(await NextChallenge());

                case AuthProcessEnum.ResettingPassword:
                    this.newPassword = newPassword;
                    CognitoUser user = new CognitoUser(login, clientId, userPool, providerClient);
                    await user.ForgotPasswordAsync().ConfigureAwait(false);

                    AuthChallengeList.Remove(AuthChallengeEnum.NewPassword);
                    AuthChallengeList.Add(AuthChallengeEnum.Code);
                    return(await NextChallenge());

                case AuthProcessEnum.UpdatingPassword:
                    this.newPassword = newPassword;
                    AuthChallengeList.Remove(AuthChallengeEnum.NewPassword);
                    return(await NextChallenge());

                default:
                    return(AuthEventEnum.Alert_InternalProcessError);
                }
            }
            catch (InvalidPasswordException) { return(AuthEventEnum.Alert_PasswordFormatRequirementsFailed); }
            catch (TooManyRequestsException) { return(AuthEventEnum.Alert_TooManyAttempts); }
            catch (TooManyFailedAttemptsException) { return(AuthEventEnum.Alert_TooManyAttempts); }
            catch (NotAuthorizedException) { return(AuthEventEnum.Alert_NotAuthorized); }
            catch (UserNotFoundException) { return(AuthEventEnum.Alert_UserNotFound); }
            catch (UserNotConfirmedException) { return(AuthEventEnum.Alert_NotConfirmed); }
            catch (Exception e)
            {
                Debug.WriteLine($"VerifyPassword() threw an exception {e}");
                CognitoUser = null;
                return(AuthEventEnum.Alert_Unknown);
            }
        }
Exemple #2
0
        public virtual async Task <AuthEventEnum> StartUpdateEmailAsync()
        {
            await Init();

            if (!IsSignedIn)
            {
                return(AuthEventEnum.Alert_NeedToBeSignedIn);
            }

            CurrentAuthProcess = AuthProcessEnum.UpdatingEmail;
            AuthChallengeList.Add(AuthChallengeEnum.NewEmail);
            return(AuthEventEnum.AuthChallenge);
        }
Exemple #3
0
        public virtual async Task <AuthEventEnum> VerifyNewPasswordAsync(string newPassword)
        {
            if (CurrentChallenge != AuthChallengeEnum.NewPassword)
            {
                return(AuthEventEnum.Alert_VerifyCalledButNoChallengeFound);
            }

            if (!CheckPasswordFormat(newPassword))
            {
                return(AuthEventEnum.Alert_PasswordFormatRequirementsFailed);
            }

            await Init();

            try
            {
                switch (CurrentAuthProcess)
                {
                case AuthProcessEnum.SigningUp:
                    AuthChallengeList.Remove(AuthChallengeEnum.NewPassword);
                    return(await NextChallenge());

                case AuthProcessEnum.ResettingPassword:
                    this.newPassword = newPassword;
                    await jsModule.InvokeVoidAsync("LzAuth.forgotPassword", login);

                    AuthChallengeList.Remove(AuthChallengeEnum.NewPassword);
                    AuthChallengeList.Add(AuthChallengeEnum.Code);
                    return(await NextChallenge());

                case AuthProcessEnum.UpdatingPassword:
                    this.newPassword = newPassword;
                    await jsModule.InvokeVoidAsync("LzAuth.changePassword", password, newPassword);

                    AuthChallengeList.Remove(AuthChallengeEnum.NewPassword);
                    return(await NextChallenge());

                default:
                    return(AuthEventEnum.Alert_InternalProcessError);
                }
            }
            catch (JSException e)
            {
                return(GetAuthEventEnumForJsError(e));
            }
            catch (Exception e)
            {
                Debug.WriteLine($"VerifyPassword() threw an exception {e}");
                return(AuthEventEnum.Alert_Unknown);
            }
        }
Exemple #4
0
        public virtual async Task <AuthEventEnum> StartResetPasswordAsync()
        {
            await Init();

            if (IsSignedIn)
            {
                return(AuthEventEnum.Alert_InvalidOperationWhenSignedIn);
            }

            CurrentAuthProcess = AuthProcessEnum.ResettingPassword;

            AuthChallengeList.Add(AuthChallengeEnum.Login);
            AuthChallengeList.Add(AuthChallengeEnum.NewPassword);
            return(AuthEventEnum.AuthChallenge);
        }
Exemple #5
0
        public virtual async Task <AuthEventEnum> StartSignInAsync()
        {
            await Init();

            if (IsSignedIn)
            {
                return(AuthEventEnum.Alert_AlreadySignedIn);
            }

            InternalClearAsync();
            CurrentAuthProcess = AuthProcessEnum.SigningIn;
            AuthChallengeList.Add(AuthChallengeEnum.Login);
            AuthChallengeList.Add(AuthChallengeEnum.Password);
            return(AuthEventEnum.AuthChallenge);
        }
Exemple #6
0
        public virtual async Task <AuthEventEnum> StartUpdatePasswordAsync()
        {
            await Task.Delay(0);

            if (!IsSignedIn)
            {
                return(AuthEventEnum.Alert_NeedToBeSignedIn);
            }

            CurrentAuthProcess = AuthProcessEnum.UpdatingPassword;

            AuthChallengeList.Add(AuthChallengeEnum.Password);
            AuthChallengeList.Add(AuthChallengeEnum.NewPassword);
            return(AuthEventEnum.AuthChallenge);
        }
Exemple #7
0
        public virtual async Task <AuthEventEnum> StartSignUpAsync()
        {
            if (IsSignedIn)
            {
                return(AuthEventEnum.Alert_AlreadySignedIn);
            }

            await ClearAsync(); // calls Init() as well

            CurrentAuthProcess = AuthProcessEnum.SigningUp;

            AuthChallengeList.Add(AuthChallengeEnum.Login);
            AuthChallengeList.Add(AuthChallengeEnum.Password);
            AuthChallengeList.Add(AuthChallengeEnum.Email);
            return(AuthEventEnum.AuthChallenge);
        }
Exemple #8
0
        private async Task <AuthEventEnum> NextChallenge(AuthEventEnum lastAuthEventEnum = AuthEventEnum.AuthChallenge)
        {
            await Init();

            try
            {
                if (!HasChallenge)
                {
                    switch (CurrentAuthProcess)
                    {
                    case AuthProcessEnum.None:
                        return(AuthEventEnum.Alert_NothingToDo);

                    case AuthProcessEnum.ResettingPassword:

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.PasswordResetDone);

                    case AuthProcessEnum.SigningUp:

                        if (HasChallenge)
                        {
                            return(AuthEventEnum.AuthChallenge);
                        }

                        if (!IsLoginFormatOk)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Login);
                        }
                        else
                        if (!IsPasswordFormatOk)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Password);
                        }
                        else
                        if (!IsEmailFormatOk)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Email);
                        }

                        if (HasChallenge)
                        {
                            return(AuthEventEnum.AuthChallenge);
                        }

                        if (!IsCodeVerified)
                        {
                            // Request causes AWS to send Auth Code to user by email
                            var attr = new Dictionary <string, string>()
                            {
                                { "email", email }
                            };
                            await jsModule.InvokeVoidAsync("LzAuth.signUp", login, password, attr);

                            if (!AuthChallengeList.Contains(AuthChallengeEnum.Code))
                            {
                                AuthChallengeList.Add(AuthChallengeEnum.Code);
                            }

                            return(AuthEventEnum.AuthChallenge);
                        }

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.SignedUp);

                    case AuthProcessEnum.SigningIn:
                        // await jsModule.InvokeVoidAsync("signIn", login, password);
                        await jsModule.InvokeVoidAsync("LzAuth.signIn", login, password);

                        IsSignedIn         = true;
                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.SignedIn);

                    case AuthProcessEnum.UpdatingEmail:
                        if (!IsCodeVerified)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Code);
                            return(AuthEventEnum.VerificationCodeSent);
                        }

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.EmailUpdateDone);

                    case AuthProcessEnum.UpdatingPassword:
                        await jsModule.InvokeVoidAsync("LzAuth.changePassword", password, newPassword);

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.PasswordUpdateDone);

                    case AuthProcessEnum.UpdatingPhone:
                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.PhoneUpdateDone);
                    }
                }
            }
            catch (JSException ex)
            {
                var msg = ex.Message;
                Debug.WriteLine(ex.Message);
                //return GetAuthEventEnumForJsError(e);
            }
            catch (Exception e)
            {
                string message = e.Message;

                return(AuthEventEnum.Alert_Unknown);
            }

            return(lastAuthEventEnum);
        }
Exemple #9
0
        private async Task <AuthEventEnum> NextChallenge(AuthEventEnum lastAuthEventEnum = AuthEventEnum.AuthChallenge)
        {
            try
            {
                if (!HasChallenge)
                {
                    switch (CurrentAuthProcess)
                    {
                    case AuthProcessEnum.None:
                        return(AuthEventEnum.Alert_NothingToDo);

                    case AuthProcessEnum.ResettingPassword:

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.PasswordResetDone);

                    case AuthProcessEnum.SigningUp:

                        if (HasChallenge)
                        {
                            return(AuthEventEnum.AuthChallenge);
                        }

                        if (!IsLoginFormatOk)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Login);
                        }
                        else
                        if (!IsPasswordFormatOk)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Password);
                        }
                        else
                        if (!IsEmailFormatOk)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Email);
                        }

                        if (HasChallenge)
                        {
                            return(AuthEventEnum.AuthChallenge);
                        }

                        if (!IsCodeVerified)
                        {
                            // Request Auth Code
                            var signUpRequest = new SignUpRequest()
                            {
                                ClientId = clientId,
                                Password = password,
                                Username = login
                            };

                            signUpRequest.UserAttributes.Add(
                                new AttributeType()
                            {
                                Name  = "email",
                                Value = email
                            });

                            // This call may throw an exception
                            var result = await providerClient.SignUpAsync(signUpRequest).ConfigureAwait(false);

                            if (!AuthChallengeList.Contains(AuthChallengeEnum.Code))
                            {
                                AuthChallengeList.Add(AuthChallengeEnum.Code);
                            }

                            return(AuthEventEnum.AuthChallenge);
                        }

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.SignedUp);

                    case AuthProcessEnum.SigningIn:
                        if (authFlowResponse != null && authFlowResponse.ChallengeName == ChallengeNameType.NEW_PASSWORD_REQUIRED)     // Update Passsword
                        {
                            if (!AuthChallengeList.Contains(AuthChallengeEnum.NewPassword))
                            {
                                AuthChallengeList.Add(AuthChallengeEnum.NewPassword);
                            }
                            authFlowResponse = null;
                            return(AuthEventEnum.AuthChallenge);
                        }

                        // Grab JWT from login to User Pools to extract User Pool Identity
                        //var token = new JwtSecurityToken(jwtEncodedString: CognitoUser.SessionTokens.IdToken);
                        //UpIdentity = token.Claims.First(c => c.Type == "sub").Value; // JWT sub cliam contains User Pool Identity

                        //// Note: creates Identity Pool identity if it doesn't exist
                        Credentials = CognitoUser.GetCognitoAWSCredentials(identityPoolId, regionEndpoint);

                        IsSignedIn         = true;
                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.SignedIn);

                    case AuthProcessEnum.UpdatingEmail:
                        if (!IsCodeVerified)
                        {
                            AuthChallengeList.Add(AuthChallengeEnum.Code);
                            return(AuthEventEnum.VerificationCodeSent);
                        }

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.EmailUpdateDone);

                    case AuthProcessEnum.UpdatingPassword:
                        await CognitoUser.ChangePasswordAsync(password, newPassword).ConfigureAwait(false);

                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.PasswordUpdateDone);

                    case AuthProcessEnum.UpdatingPhone:
                        CurrentAuthProcess = AuthProcessEnum.None;
                        ClearSensitiveFields();
                        return(AuthEventEnum.PhoneUpdateDone);
                    }
                }
            }
            catch (UsernameExistsException) { return(AuthEventEnum.Alert_LoginAlreadyUsed); }
            catch (InvalidParameterException) { return(AuthEventEnum.Alert_InternalProcessError); }
            catch (InvalidPasswordException) { return(AuthEventEnum.Alert_PasswordFormatRequirementsFailed); }
            catch (TooManyRequestsException) { return(AuthEventEnum.Alert_TooManyAttempts); }
            catch (TooManyFailedAttemptsException) { return(AuthEventEnum.Alert_TooManyAttempts); }
            catch (PasswordResetRequiredException) { return(AuthEventEnum.Alert_PasswordResetRequiredException); }
            catch (Exception e)
            {
                Debug.WriteLine($"SignUp() threw an exception {e}");
                return(AuthEventEnum.Alert_Unknown);
            }

            return(lastAuthEventEnum);
        }