Exemple #1
        /// <summary>
        /// Starts a Cognito custom-authentication flow for <paramref name="username"/> and reports
        /// whether the first response already carries an authentication result.
        /// </summary>
        /// <remarks>
        /// Only the user name (plus the app client's secret hash, when a client secret is configured)
        /// is sent; this method supplies no password and no challenge answer. Whether tokens are issued
        /// on this first call is decided by the user pool's custom-auth configuration, which is not
        /// visible here.
        /// NOTE(review): treat a non-null return as proof of identity only if that pool-side
        /// configuration really verifies the caller. Confirm before relying on it.
        /// The method blocks the calling thread until the asynchronous SDK call completes.
        /// </remarks>
        /// <param name="username">User name to start the custom-auth flow for.</param>
        /// <returns>
        /// The <c>CognitoUser</c> when the response has a non-null <c>AuthenticationResult</c>;
        /// otherwise <c>null</c>.
        /// </returns>
        public static CognitoUser ValidateUser(string username)
        {
            // The SDK client is built with anonymous credentials, so no AWS credentials of this
            // process are attached to the request.
            var identityProvider = new AmazonCognitoIdentityProviderClient(new Amazon.Runtime.AnonymousAWSCredentials());
            var pool = new CognitoUserPool(PoolId, ClientAppId, identityProvider, ClientSecret);
            var cognitoUser = new CognitoUser(username, ClientAppId, pool, identityProvider, ClientSecret);

            var request = new InitiateCustomAuthRequest
            {
                AuthParameters = new Dictionary<string, string>(StringComparer.Ordinal)
                {
                    { CognitoConstants.ChlgParamUsername, username }
                },
                ClientMetadata = new Dictionary<string, string>()
            };

            // App clients that have a secret must send the matching secret-hash parameter.
            bool hasClientSecret = !string.IsNullOrEmpty(ClientSecret);
            if (hasClientSecret)
            {
                string secretHash = Util.GetUserPoolSecretHash(username, ClientAppId, ClientSecret);
                request.AuthParameters.Add(CognitoConstants.ChlgParamSecretHash, secretHash);
            }

            // Synchronous wait on the async SDK call; this blocks the current thread.
            var pendingAuth = cognitoUser.StartWithCustomAuthAsync(request);
            AuthFlowResponse response = pendingAuth.ConfigureAwait(false).GetAwaiter().GetResult();

            if (response.AuthenticationResult == null)
            {
                // No authentication result in the first response: report "not validated".
                return null;
            }

            return cognitoUser;
        }
Exemple #2
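        /// <summary>
        /// Starts the custom-authentication flow for <paramref name="user"/> and returns the ID token
        /// from the resulting authentication result.
        /// </summary>
        /// <param name="user">The Cognito user the flow is started for.</param>
        /// <param name="initiateAuthRequest">The custom-auth request passed to the SDK unchanged.</param>
        /// <returns>The <c>IdToken</c> of the response's <c>AuthenticationResult</c>.</returns>
        /// <exception cref="System.InvalidOperationException">
        /// The response carries no <c>AuthenticationResult</c>, i.e. no tokens were issued by this call
        /// (for example because the pool answered with a further challenge instead).
        /// </exception>
        private async Task<string> GetIdTokenViaCustomAuthAsync(CognitoUser user,
                                                                InitiateCustomAuthRequest initiateAuthRequest)
        {
            var authFlowResponse = await user.StartWithCustomAuthAsync(initiateAuthRequest)
                                   .ConfigureAwait(false);

            // A response without an authentication result means the caller is NOT authenticated.
            // Fail with an explicit error instead of a NullReferenceException, and never hand back
            // a null token that a caller might mistake for success.
            var authenticationResult = authFlowResponse.AuthenticationResult;
            if (authenticationResult == null)
            {
                throw new System.InvalidOperationException(
                    "Cognito custom authentication did not return an authentication result; no ID token is available.");
            }

            return authenticationResult.IdToken;
        }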
Exemple #3
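        /// <summary>
        /// Gets the ID token for the client's user through the AWS Cognito custom-authentication flow,
        /// creating the user in the pool first when Cognito reports that it does not exist.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the <c>UserNotFoundException</c> branch provisions an account for whatever user
        /// name the <paramref name="client"/> object carries, with the invitation message suppressed.
        /// Confirm that <c>client.ExtraClientData.UserName</c> is established by a trusted source before
        /// this method is reached, and that the pool's custom-auth configuration (not visible here)
        /// verifies the caller before tokens are issued.
        /// </remarks>
        /// <param name="client">
        /// Supplies the user name (<c>ExtraClientData.UserName</c>) and the Cognito app-client settings
        /// (<c>ConfigClientData.Cognito.ClientApp</c>: user pool id, client id, optional client secret).
        /// </param>
        /// <returns>The ID token returned by the custom-auth flow.</returns>
        public async Task<string> GetCustomAuthTokenAsync(Client client)
        {
            // Read the app-client settings and the user name once instead of re-walking the
            // property chain at every use.
            var clientApp    = client.ConfigClientData.Cognito.ClientApp;
            var userName     = client.ExtraClientData.UserName;
            var clientId     = clientApp.ClientId;
            var clientSecret = clientApp.ClientSecret;

            // CognitoUserPool and CognitoUser are given the concrete SDK client; the field is cast once.
            var providerClient = (AmazonCognitoIdentityProviderClient)this._amazonCognitoIdentityProvider;

            var userPool = new CognitoUserPool(clientApp.UserPoolId, clientId, providerClient, clientSecret);
            var user     = new CognitoUser(userName, clientId, userPool, providerClient, clientSecret);

            var initiateAuthRequest = new InitiateCustomAuthRequest
            {
                AuthParameters = new Dictionary<string, string>(StringComparer.Ordinal)
                {
                    { CognitoConstants.ChlgParamUsername, userName }
                },
                ClientMetadata = new Dictionary<string, string>(StringComparer.Ordinal)
            };

            // App clients that have a secret must send the matching secret-hash parameter.
            if (!string.IsNullOrEmpty(clientSecret))
            {
                initiateAuthRequest.AuthParameters.Add(CognitoConstants.ChlgParamSecretHash,
                                                       Util.GetUserPoolSecretHash(userName, clientId, clientSecret));
            }

            try
            {
                // ConfigureAwait(false) matches the other awaits in this class.
                return await GetIdTokenViaCustomAuthAsync(user, initiateAuthRequest).ConfigureAwait(false);
            }
            catch (UserNotFoundException)
            {
                // First sign-in for this user name: create the pool user without sending an
                // invitation message, then run the same custom-auth request again.
                await this._amazonCognitoIdentityProvider.AdminCreateUserAsync(new AdminCreateUserRequest
                {
                    MessageAction = "SUPPRESS",
                    Username      = userName,
                    UserPoolId    = clientApp.UserPoolId
                }).ConfigureAwait(false);

                return await GetIdTokenViaCustomAuthAsync(user, initiateAuthRequest).ConfigureAwait(false);
            }
        }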