/// <summary>
/// Runs a single round of the Cognito custom authentication flow for <paramref name="username"/>
/// and reports whether that round ended with an authentication result.
/// </summary>
/// <remarks>
/// The only caller-supplied input is the user name (plus the app-client secret hash when a
/// client secret is configured). NOTE(review): whether a bare user name is sufficient proof of
/// identity is presumably decided by the user pool's custom-auth triggers; confirm their
/// configuration before treating a non-null return as "authenticated".
/// The call blocks the current thread until the asynchronous flow completes.
/// </remarks>
/// <param name="username">The Cognito user name to start the flow for.</param>
/// <returns>
/// The <see cref="CognitoUser"/> when the response carries an authentication result;
/// otherwise <c>null</c>.
/// </returns>
public static CognitoUser ValidateUser(string username)
{
    // The flow is started with anonymous AWS credentials, so no IAM identity is attached to the client.
    var cognitoClient = new AmazonCognitoIdentityProviderClient(new Amazon.Runtime.AnonymousAWSCredentials());
    var pool = new CognitoUserPool(PoolId, ClientAppId, cognitoClient, ClientSecret);
    var cognitoUser = new CognitoUser(username, ClientAppId, pool, cognitoClient, ClientSecret);

    var authParameters = new Dictionary<string, string>(StringComparer.Ordinal);
    authParameters.Add(CognitoConstants.ChlgParamUsername, username);

    // The secret hash is only sent when a client secret is configured.
    bool hasClientSecret = !string.IsNullOrEmpty(ClientSecret);
    if (hasClientSecret)
    {
        string secretHash = Util.GetUserPoolSecretHash(username, ClientAppId, ClientSecret);
        authParameters.Add(CognitoConstants.ChlgParamSecretHash, secretHash);
    }

    var request = new InitiateCustomAuthRequest
    {
        AuthParameters = authParameters,
        ClientMetadata = new Dictionary<string, string>()
    };

    // Synchronous wait on the async SDK call; ConfigureAwait(false) keeps the continuation
    // off any captured synchronization context.
    AuthFlowResponse response = cognitoUser
        .StartWithCustomAuthAsync(request)
        .ConfigureAwait(false)
        .GetAwaiter()
        .GetResult();

    // A response without an authentication result is reported as "not validated".
    if (response.AuthenticationResult == null)
    {
        return null;
    }

    return cognitoUser;
}
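/// <summary>
/// Starts the Cognito custom authentication flow for <paramref name="user"/> and returns the
/// ID token from the resulting authentication result.
/// </summary>
/// <param name="user">The Cognito user to authenticate.</param>
/// <param name="initiateAuthRequest">The custom-auth request to send.</param>
/// <returns>The ID token carried by the authentication result.</returns>
/// <exception cref="InvalidOperationException">
/// The flow completed without an authentication result, so no ID token is available.
/// </exception>
private async Task<string> GetIdTokenViaCustomAuthAsync(CognitoUser user, InitiateCustomAuthRequest initiateAuthRequest)
{
    var authFlowResponse = await user.StartWithCustomAuthAsync(initiateAuthRequest)
        .ConfigureAwait(false);

    // The authentication result can be absent (ValidateUser in this file checks for the same
    // condition), presumably when the pool answers with a further challenge instead of tokens.
    // Fail closed with an explicit error rather than a NullReferenceException.
    var authenticationResult = authFlowResponse?.AuthenticationResult;
    if (authenticationResult == null)
    {
        throw new InvalidOperationException(
            "Custom authentication did not return an authentication result; no ID token was issued.");
    }

    return authenticationResult.IdToken;
}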
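/// <summary>
/// Gets the Identity Token via Custom Authentication in AWS Cognito.
/// </summary>
/// <remarks>
/// When Cognito reports the user as not found, the user is created in the pool with the
/// invitation message suppressed and the custom-auth flow is attempted once more.
/// </remarks>
/// <param name="client">The client supplying the Cognito app-client settings and the user name.</param>
/// <returns>The Identity Token</returns>
public async Task<string> GetCustomAuthTokenAsync(Client client)
{
    // Read the app-client settings and user name once instead of re-walking the property chain.
    var clientApp = client.ConfigClientData.Cognito.ClientApp;
    var userName = client.ExtraClientData.UserName;
    var provider = (AmazonCognitoIdentityProviderClient)this._amazonCognitoIdentityProvider;

    var userPool = new CognitoUserPool(clientApp.UserPoolId, clientApp.ClientId, provider, clientApp.ClientSecret);
    var user = new CognitoUser(userName, clientApp.ClientId, userPool, provider, clientApp.ClientSecret);

    var initiateAuthRequest = new InitiateCustomAuthRequest
    {
        AuthParameters = new Dictionary<string, string>(StringComparer.Ordinal)
        {
            { CognitoConstants.ChlgParamUsername, userName }
        },
        ClientMetadata = new Dictionary<string, string>(StringComparer.Ordinal)
    };

    // The secret hash is only sent when the app client has a secret configured.
    if (!string.IsNullOrEmpty(clientApp.ClientSecret))
    {
        initiateAuthRequest.AuthParameters.Add(
            CognitoConstants.ChlgParamSecretHash,
            Util.GetUserPoolSecretHash(userName, clientApp.ClientId, clientApp.ClientSecret));
    }

    string token;
    try
    {
        // ConfigureAwait(false) matches the other awaits in this file, so a caller that blocks
        // on this task is not waiting on a continuation queued to its own context.
        token = await GetIdTokenViaCustomAuthAsync(user, initiateAuthRequest).ConfigureAwait(false);
    }
    catch (UserNotFoundException)
    {
        // NOTE(review): provisioning on first sign-in means every user name that reaches this
        // method ends up as an account in the pool; this relies on the caller having already
        // established that the user name is legitimate. Confirm that upstream check exists.
        // NOTE(review): two concurrent first sign-ins for the same user name could both reach
        // this branch; verify how a "user already exists" failure from the create call is handled.
        await this._amazonCognitoIdentityProvider.AdminCreateUserAsync(new AdminCreateUserRequest
        {
            // SUPPRESS: Cognito sends no invitation message to the newly created user.
            MessageAction = "SUPPRESS",
            Username = userName,
            UserPoolId = clientApp.UserPoolId
        }).ConfigureAwait(false);

        token = await GetIdTokenViaCustomAuthAsync(user, initiateAuthRequest).ConfigureAwait(false);
    }

    return token;
}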