public void GetCredentialsForIdentityAsync(string identityId, AmazonServiceCallback <GetCredentialsForIdentityRequest, GetCredentialsForIdentityResponse> callback, AsyncOptions options = null)
{
GetCredentialsForIdentityRequest getCredentialsForIdentityRequest = new GetCredentialsForIdentityRequest();
getCredentialsForIdentityRequest.IdentityId = identityId;
GetCredentialsForIdentityAsync(getCredentialsForIdentityRequest, callback, options);
}
private void GetCredentialsForIdentityWebGL(GetCredentialsForIdentityRequest getCredentialsRequest, Action <GetCredentialsForIdentityResponse, Exception> callback)
{
cib.GetCredentialsForIdentityAsync(getCredentialsRequest, result =>
{
callback(result.Response, result.Exception);
});
}
internal GetCredentialsForIdentityResponse GetCredentialsForIdentity(GetCredentialsForIdentityRequest request)
{
GetCredentialsForIdentityRequestMarshaller marshaller = new GetCredentialsForIdentityRequestMarshaller();
GetCredentialsForIdentityResponseUnmarshaller instance = GetCredentialsForIdentityResponseUnmarshaller.Instance;
return(Invoke <GetCredentialsForIdentityRequest, GetCredentialsForIdentityResponse>(request, marshaller, instance));
}
private void GetPoolCredentialsWebGL(Action <CredentialsRefreshState> callback)
{
CredentialsRefreshState credentialsState;
this.GetIdentityIdWebGL(RefreshIdentityOptions.Refresh, identity =>
{
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = identity
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
//incase its BYOI provider override the logins dictionary with the new instance and set the values for cognito-identity provider
if (_identityState != null && !string.IsNullOrEmpty(_identityState.LoginToken))
{
getCredentialsRequest.Logins = new Dictionary <string, string>();
getCredentialsRequest.Logins["cognito-identity.amazonaws.com"] = _identityState.LoginToken;
}
GetCredentialsForIdentityWebGL(getCredentialsRequest, (response, e) =>
{
bool retry = false;
if (e is AmazonCognitoIdentityException)
{
if (ShouldRetry(e as AmazonCognitoIdentityException))
{
retry = true;
}
else
{
throw e;
}
}
if (retry)
{
GetPoolCredentialsWebGL(callback);
return;
}
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
callback(credentialsState);
});
});
}
// Retrieves credentials for the roles defined on the identity pool
private async System.Threading.Tasks.Task <CredentialsRefreshState> GetPoolCredentialsAsync()
{
CredentialsRefreshState credentialsState;
var identity = await GetIdentityIdAsync(RefreshIdentityOptions.Refresh).ConfigureAwait(false);
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = identity
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
if (_identityState != null && !string.IsNullOrEmpty(_identityState.LoginToken))
{
getCredentialsRequest.Logins = new Dictionary <string, string>();
getCredentialsRequest.Logins.Add("cognito-identity.amazonaws.com", _identityState.LoginToken);
}
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = (await cib.GetCredentialsForIdentityAsync(getCredentialsRequest).ConfigureAwait(false));
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e))
{
retry = true;
}
else
{
throw;
}
}
if (retry)
{
return(await GetPoolCredentialsAsync());
}
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return(credentialsState);
}
// Retrieves credentials for the roles defined on the identity pool
private CredentialsRefreshState GetPoolCredentials()
{
CredentialsRefreshState credentialsState;
var identity = this.GetIdentityId(RefreshIdentityOptions.Refresh);
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = identity
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
//incase its BYOI provider override the logins dictionary with the new instance and set the values for cognito-identity provider
if (_identityState != null && !string.IsNullOrEmpty(_identityState.LoginToken))
{
getCredentialsRequest.Logins = new Dictionary <string, string>();
getCredentialsRequest.Logins["cognito-identity.amazonaws.com"] = _identityState.LoginToken;
}
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = GetCredentialsForIdentity(getCredentialsRequest);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e))
{
retry = true;
}
else
{
throw;
}
}
if (retry)
{
return(GetPoolCredentials());
}
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return(credentialsState);
}
/// <summary>
/// Initiates the asynchronous execution of the GetCredentialsForIdentity operation.
/// <seealso cref="Amazon.CognitoIdentity.IAmazonCognitoIdentity"/>
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the GetCredentialsForIdentity operation.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
/// <returns>void</returns>
public void GetCredentialsForIdentityAsync(GetCredentialsForIdentityRequest request, AmazonServiceCallback callback, object state)
{
if (!AmazonInitializer.IsInitialized)
{
throw new Exception("AWSPrefab is not added to the scene");
}
ThreadPool.QueueUserWorkItem(new WaitCallback(delegate
{
var marshaller = new GetCredentialsForIdentityRequestMarshaller();
var unmarshaller = GetCredentialsForIdentityResponseUnmarshaller.Instance;
Invoke(request, callback, state, marshaller, unmarshaller, signer);
}));
return;
}
private void PopulateCredentialsWithCognito(AmazonServiceCallback callback)
{
AmazonServiceResult voidResult = new AmazonServiceResult(null, null);
GetCredentialsForIdentityRequest request = new GetCredentialsForIdentityRequest();
request.IdentityId = IdentityProvider.GetCurrentIdentityId();
String token = IdentityProvider.GetCurrentOpenIdToken();
if (token != null && token.Length != 0)
{
request.Logins = new Dictionary <string, string>();
request.Logins.Add("cognito-identity.amazonaws.com", token);
}
else
{
request.Logins = IdentityProvider.Logins;
}
IdentityProvider.cib.GetCredentialsForIdentityAsync(request, delegate(AmazonServiceResult result){
if (result.Exception != null)
{
voidResult.Exception = result.Exception;
Debug.LogError(result.Exception.Message);
AmazonMainThreadDispatcher.ExecCallback(callback, voidResult);
return;
}
GetCredentialsForIdentityResult credentialsResult = result.Response as GetCredentialsForIdentityResult;
///Calling this will trigger clear _sessionCredentials, so it's important to do it before
if (credentialsResult.IdentityId != IdentityProvider.GetCurrentIdentityId())
{
IdentityProvider.UpdateIdentity(credentialsResult.IdentityId);
}
this._sessionCredentials = new CredentialsRefreshState
{
Credentials = new ImmutableCredentials(credentialsResult.Credentials.AccessKeyId,
credentialsResult.Credentials.SecretKey,
credentialsResult.Credentials.SessionToken),
Expiration = credentialsResult.Credentials.Expiration.ToUniversalTime()
};
// success - FinalResponse
AmazonMainThreadDispatcher.ExecCallback(callback, voidResult);
}, null);
}
public void GetCredentialsForIdentityAsync(GetCredentialsForIdentityRequest request, AmazonServiceCallback <GetCredentialsForIdentityRequest, GetCredentialsForIdentityResponse> callback, AsyncOptions options = null)
{
options = ((options == null) ? new AsyncOptions() : options);
GetCredentialsForIdentityRequestMarshaller marshaller = new GetCredentialsForIdentityRequestMarshaller();
GetCredentialsForIdentityResponseUnmarshaller instance = GetCredentialsForIdentityResponseUnmarshaller.Instance;
Action <AmazonWebServiceRequest, AmazonWebServiceResponse, Exception, AsyncOptions> callbackHelper = null;
if (callback != null)
{
callbackHelper = delegate(AmazonWebServiceRequest req, AmazonWebServiceResponse res, Exception ex, AsyncOptions ao)
{
AmazonServiceResult <GetCredentialsForIdentityRequest, GetCredentialsForIdentityResponse> responseObject = new AmazonServiceResult <GetCredentialsForIdentityRequest, GetCredentialsForIdentityResponse>((GetCredentialsForIdentityRequest)req, (GetCredentialsForIdentityResponse)res, ex, ao.State);
callback(responseObject);
};
}
BeginInvoke(request, marshaller, instance, options, callbackHelper);
}
// Retrieves credentials for the roles defined on the identity pool
private async System.Threading.Tasks.Task <CredentialsRefreshState> GetPoolCredentialsAsync()
{
CredentialsRefreshState credentialsState;
var identity = await GetIdentityIdWithCachingAsync().ConfigureAwait(false);
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = identity.IdentityId
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = (await cib.GetCredentialsForIdentityAsync(getCredentialsRequest).ConfigureAwait(false));
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId, true);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e, identity))
{
retry = true;
}
else
{
throw;
}
}
if (retry)
{
return(await GetPoolCredentialsAsync());
}
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return(credentialsState);
}
// Retrieves credentials for the roles defined on the identity pool
private CredentialsRefreshState GetPoolCredentials()
{
CredentialsRefreshState credentialsState;
var identity = this.GetIdentityIdWithCaching();
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = identity.IdentityId
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = GetCredentialsForIdentity(getCredentialsRequest);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e, identity))
{
retry = true;
}
else
{
throw;
}
}
if (retry)
{
return(GetPoolCredentials());
}
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId, true);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return(credentialsState);
}
// Retrieves credentials for the roles defined on the identity pool
private CredentialsRefreshState GetPoolCredentials()
{
CredentialsRefreshState credentialsState;
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = GetIdentityId()
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
var response = GetCredentialsForIdentity(getCredentialsRequest);
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId, true);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return(credentialsState);
}
private CredentialsRefreshState GetPoolCredentials()
{
string text = GetIdentityId(RefreshIdentityOptions.Refresh);
GetCredentialsForIdentityRequest getCredentialsForIdentityRequest = new GetCredentialsForIdentityRequest
{
IdentityId = text
};
if (Logins.Count > 0)
{
getCredentialsForIdentityRequest.Logins = Logins;
}
if (_identityState != null && !string.IsNullOrEmpty(_identityState.LoginToken))
{
getCredentialsForIdentityRequest.Logins = new Dictionary <string, string>();
getCredentialsForIdentityRequest.Logins["cognito-identity.amazonaws.com"] = _identityState.LoginToken;
}
bool flag = false;
GetCredentialsForIdentityResponse getCredentialsForIdentityResponse = null;
try
{
getCredentialsForIdentityResponse = GetCredentialsForIdentity(getCredentialsForIdentityRequest);
}
catch (AmazonCognitoIdentityException e)
{
if (!ShouldRetry(e))
{
throw;
}
flag = true;
}
if (flag)
{
return(GetPoolCredentials());
}
UpdateIdentity(getCredentialsForIdentityResponse.IdentityId);
Amazon.CognitoIdentity.Model.Credentials credentials = getCredentialsForIdentityResponse.Credentials;
return(new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration));
}
// Retrieves credentials for the roles defined on the identity pool
private async System.Threading.Tasks.Task <CredentialsRefreshState> GetPoolCredentialsAsync()
{
CredentialsRefreshState credentialsState;
var identityId = await GetIdentityIdAsync().ConfigureAwait(false);
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = identityId
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
var response = (await cib.GetCredentialsForIdentityAsync(getCredentialsRequest).ConfigureAwait(false));
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId, true);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return(credentialsState);
}
private GetCredentialsForIdentityResponse GetCredentialsForIdentity(GetCredentialsForIdentityRequest getCredentialsRequest)
{
var getCredentialsResult = Amazon.Runtime.Internal.Util.AsyncHelpers.RunSync <GetCredentialsForIdentityResponse>(() => cib.GetCredentialsForIdentityAsync(getCredentialsRequest));
return(getCredentialsResult);
}
private GetCredentialsForIdentityResponse GetCredentialsForIdentity(GetCredentialsForIdentityRequest getCredentialsRequest)
{
var result = cib.GetCredentialsForIdentity(getCredentialsRequest);
return(result);
}
public ActionResult Browse()
{
List <Models.S3File> files = new List <Models.S3File>();
strCurrentUsername = HttpContext.User.Identity.Name;
if (!string.IsNullOrEmpty(strCurrentUsername))
{
if (strCurrentUsername.EndsWith("workerbee.com"))
{
strUserCognitoPoolId = strWorkerBeeCognitoPoolId;
}
else if (strCurrentUsername.EndsWith("queenbee.com"))
{
strUserCognitoPoolId = strQueenBeeCognitoPoolId;
}
else if (strCurrentUsername.EndsWith("beehive.com"))
{
strUserCognitoPoolId = strBeeHiveCognitoPoolId;
}
else //any other email domain
{
strUserCognitoPoolId = strFreeBeeCognitoPoolId;
}
}
Amazon.RegionEndpoint northVirginiaRegion = Amazon.RegionEndpoint.USEast1; //Virginia location
string strAccessKeyId = ConfigurationManager.AppSettings["CognitoDeveloperAccessKeyId"];
string strAccessKeySecret = ConfigurationManager.AppSettings["CognitoDeveloperAccessKeySecret"];
AmazonCognitoIdentityClient cognitoIdClient = new AmazonCognitoIdentityClient(strAccessKeyId, strAccessKeySecret, northVirginiaRegion);
if (cognitoIdClient != null)
{
Dictionary <string, string> customLogin = new Dictionary <string, string>();
customLogin.Add(DEVELOPER_PROVIDER_NAME, HttpContext.User.Identity.Name);
GetOpenIdTokenForDeveloperIdentityRequest oidcTokenReq = new GetOpenIdTokenForDeveloperIdentityRequest();
//oidcTokenReq.IdentityId = HttpContext.User.Identity.Name;
oidcTokenReq.IdentityPoolId = strUserCognitoPoolId;
oidcTokenReq.TokenDuration = 86400; //24hr for ID token validaty
oidcTokenReq.Logins = customLogin;
//Get an OpenID Connect token from AWS Cognito
GetOpenIdTokenForDeveloperIdentityResponse oidcTokenRes = cognitoIdClient.GetOpenIdTokenForDeveloperIdentity(oidcTokenReq);
//Get the Cognito Identity ID for the current user
GetCredentialsForIdentityRequest credentialsForIdReq = new GetCredentialsForIdentityRequest()
{
IdentityId = oidcTokenRes.IdentityId,
//Logins = customLogin
};
Dictionary <string, string> token = new Dictionary <string, string>();
token.Add("cognito-identity.amazonaws.com", oidcTokenRes.Token);//
//Get the token from AWS STS (through AWS Cognito) to assume an AWS role that will allow to user to query AWS S3
GetCredentialsForIdentityResponse credentialsForIdRes = cognitoIdClient.GetCredentialsForIdentity(oidcTokenRes.IdentityId, token);
Credentials awsCreds = credentialsForIdRes.Credentials;
using (var s3Client = new AmazonS3Client(awsCreds, northVirginiaRegion))
{
try
{
var bucketsRes = s3Client.ListBuckets();
List <S3Bucket> buckets = bucketsRes.Buckets;
foreach (S3Bucket bucket in buckets)
{
try
{
ListObjectsResponse listObjectsRes = s3Client.ListObjects(bucket.BucketName);
List <S3Object> s3Objects = listObjectsRes.S3Objects;
foreach (S3Object s3file in s3Objects)
{
files.Add(new Models.S3File()
{
FileName = s3file.Key
});
}
}
catch (Exception ex)
{
}
}
}
catch (AmazonCognitoIdentityException cex)
{
string strError = cex.ToString();
}
catch (Exception ex)
{
////throw;
}
}
}
return(View(files));
}
private GetCredentialsForIdentityResponse GetCredentialsForIdentity(GetCredentialsForIdentityRequest getCredentialsRequest)
{
return(cib.GetCredentialsForIdentity(getCredentialsRequest));
}
/// <summary>
/// Initiates the asynchronous execution of the GetCredentialsForIdentity operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetCredentialsForIdentity operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public Task <GetCredentialsForIdentityResponse> GetCredentialsForIdentityAsync(GetCredentialsForIdentityRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new GetCredentialsForIdentityRequestMarshaller();
var unmarshaller = GetCredentialsForIdentityResponseUnmarshaller.Instance;
return(InvokeAsync <GetCredentialsForIdentityRequest, GetCredentialsForIdentityResponse>(request, marshaller,
unmarshaller, cancellationToken));
}
