//public CognitoAWSCredentials GetCachedCognitoIdentity()
//{
// Console.WriteLine("GetCachedCognitoIdentity");
// if (!string.IsNullOrEmpty(credentials.GetCachedIdentityId()) || credentials.CurrentLoginProviders.Length > 0)
// {
// return credentials;
// }
// return null;
//}
public async Task GetAWSCredentialsWithGoogleToken(string token)
{
try
{
CognitoAWSCredentials credentials = new CognitoAWSCredentials(this.IDENTITYPOOL_ID, RegionEndpoint.EUCentral1);
credentials.Clear();
credentials.AddLogin("accounts.google.com", token);
AmazonCognitoIdentityClient cli = new AmazonCognitoIdentityClient(credentials, RegionEndpoint.EUCentral1);
var req = new Amazon.CognitoIdentity.Model.GetIdRequest();
req.Logins.Add("accounts.google.com", token);
req.IdentityPoolId = this.IDENTITYPOOL_ID;
GetIdResponse getIdResponse = await cli.GetIdAsync(req);
var getCredentialReq = new Amazon.CognitoIdentity.Model.GetCredentialsForIdentityRequest();
getCredentialReq.IdentityId = getIdResponse.IdentityId;
getCredentialReq.Logins.Add("accounts.google.com", token);
GetCredentialsForIdentityResponse getCredentialsResponse = await cli.GetCredentialsForIdentityAsync(getCredentialReq);
UserInfo.Credentials = getCredentialsResponse.Credentials;
UserInfo.IdentityId = getCredentialsResponse.IdentityId;
}
catch (Exception ex)
{
Console.WriteLine("GetAWSCredentialsWithGoogleToken ERROR: " + ex.Message);
throw ex;
}
}
/// <summary>
/// Returns credentials for the the provided identity ID. Any provided logins will be
/// validated against supported login providers. If the token is for cognito-identity.amazonaws.com,
/// it will be passed through to AWS Security Token Service with the appropriate role
/// for the token.
/// </summary>
/// <param name="identityId">A unique identifier in the format REGION:GUID.</param>
/// <param name="logins">A set of optional name-value pairs that map provider names to provider tokens.</param>
///
/// <returns>The response from the GetCredentialsForIdentity service method, as returned by CognitoIdentity.</returns>
/// <exception cref="Amazon.CognitoIdentity.Model.InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidIdentityPoolConfigurationException">
/// Thrown if the identity pool has no role associated for the given auth type (auth/unauth)
/// or if the AssumeRole fails.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
public void GetCredentialsForIdentityAsync(string identityId, Dictionary<string, string> logins, AmazonServiceCallback<GetCredentialsForIdentityRequest, GetCredentialsForIdentityResponse> callback, AsyncOptions options = null)
{
var request = new GetCredentialsForIdentityRequest();
request.IdentityId = identityId;
request.Logins = logins;
GetCredentialsForIdentityAsync(request, callback, options);
}
// Retrieves credentials for the roles defined on the identity pool
private CredentialsRefreshState GetPoolCredentials()
{
CredentialsRefreshState credentialsState;
var getCredentialsRequest = new GetCredentialsForIdentityRequest { IdentityId = GetIdentityId() };
if (Logins.Count > 0)
getCredentialsRequest.Logins = Logins;
var response = GetCredentialsForIdentity(getCredentialsRequest);
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId, true);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return credentialsState;
}
// Retrieves credentials for the roles defined on the identity pool
private async System.Threading.Tasks.Task<CredentialsRefreshState> GetPoolCredentialsAsync()
{
CredentialsRefreshState credentialsState;
var identityId = await GetIdentityIdAsync().ConfigureAwait(false);
var getCredentialsRequest = new GetCredentialsForIdentityRequest { IdentityId = identityId };
if (Logins.Count > 0)
getCredentialsRequest.Logins = Logins;
var response = (await cib.GetCredentialsForIdentityAsync(getCredentialsRequest).ConfigureAwait(false));
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId, true);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return credentialsState;
}
// Retrieves credentials for the roles defined on the identity pool
private CredentialsRefreshState GetPoolCredentials()
{
CredentialsRefreshState credentialsState;
var identity = this.GetIdentityIdWithCaching();
var getCredentialsRequest = new GetCredentialsForIdentityRequest { IdentityId = identity.IdentityId };
if (Logins.Count > 0)
getCredentialsRequest.Logins = Logins;
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = GetCredentialsForIdentity(getCredentialsRequest);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e, identity))
retry = true;
else
throw;
}
if (retry)
{
return GetPoolCredentials();
}
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId, true);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return credentialsState;
}
// Retrieves credentials for the roles defined on the identity pool
private async System.Threading.Tasks.Task<CredentialsRefreshState> GetPoolCredentialsAsync()
{
CredentialsRefreshState credentialsState;
var identity = await GetIdentityIdWithCachingAsync().ConfigureAwait(false);
var getCredentialsRequest = new GetCredentialsForIdentityRequest { IdentityId = identity.IdentityId };
if (Logins.Count > 0)
getCredentialsRequest.Logins = Logins;
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = (await cib.GetCredentialsForIdentityAsync(getCredentialsRequest).ConfigureAwait(false));
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId, true);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e, identity))
retry = true;
else
throw;
}
if (retry)
{
return await GetPoolCredentialsAsync();
}
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return credentialsState;
}
private GetCredentialsForIdentityResponse GetCredentialsForIdentity(GetCredentialsForIdentityRequest getCredentialsRequest)
{
var result = cib.GetCredentialsForIdentity(getCredentialsRequest);
return result;
}
// Retrieves credentials for the roles defined on the identity pool
private async System.Threading.Tasks.Task<CredentialsRefreshState> GetPoolCredentialsAsync()
{
CredentialsRefreshState credentialsState;
var identity = await GetIdentityIdAsync(RefreshIdentityOptions.Refresh).ConfigureAwait(false);
var getCredentialsRequest = new GetCredentialsForIdentityRequest { IdentityId = identity };
if (Logins.Count > 0)
getCredentialsRequest.Logins = Logins;
if (_identityState != null && !string.IsNullOrEmpty(_identityState.LoginToken))
{
getCredentialsRequest.Logins = new Dictionary<string, string>();
getCredentialsRequest.Logins.Add("cognito-identity.amazonaws.com", _identityState.LoginToken);
}
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = (await cib.GetCredentialsForIdentityAsync(getCredentialsRequest).ConfigureAwait(false));
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e))
retry = true;
else
throw;
}
if (retry)
{
return await GetPoolCredentialsAsync();
}
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return credentialsState;
}
/// <summary>
/// Returns credentials for the provided identity ID. Any provided logins will be validated
/// against supported login providers. If the token is for cognito-identity.amazonaws.com,
/// it will be passed through to AWS Security Token Service with the appropriate role
/// for the token.
///
///
/// <para>
/// This is a public API. You do not need any credentials to call this API.
/// </para>
/// </summary>
/// <param name="identityId">A unique identifier in the format REGION:GUID.</param>
/// <param name="logins">A set of optional name-value pairs that map provider names to provider tokens.</param>
///
/// <returns>The response from the GetCredentialsForIdentity service method, as returned by CognitoIdentity.</returns>
/// <exception cref="Amazon.CognitoIdentity.Model.ExternalServiceException">
/// An exception thrown when a dependent service such as Facebook or Twitter is not responding
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidIdentityPoolConfigurationException">
/// Thrown if the identity pool has no role associated for the given auth type (auth/unauth)
/// or if the AssumeRole fails.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
public GetCredentialsForIdentityResponse GetCredentialsForIdentity(string identityId, Dictionary<string, string> logins)
{
var request = new GetCredentialsForIdentityRequest();
request.IdentityId = identityId;
request.Logins = logins;
return GetCredentialsForIdentity(request);
}
/// <summary>
/// Returns credentials for the provided identity ID. Any provided logins will be validated
/// against supported login providers. If the token is for cognito-identity.amazonaws.com,
/// it will be passed through to AWS Security Token Service with the appropriate role
/// for the token.
///
///
/// <para>
/// This is a public API. You do not need any credentials to call this API.
/// </para>
/// </summary>
/// <param name="identityId">A unique identifier in the format REGION:GUID.</param>
///
/// <returns>The response from the GetCredentialsForIdentity service method, as returned by CognitoIdentity.</returns>
/// <exception cref="Amazon.CognitoIdentity.Model.ExternalServiceException">
/// An exception thrown when a dependent service such as Facebook or Twitter is not responding
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidIdentityPoolConfigurationException">
/// Thrown if the identity pool has no role associated for the given auth type (auth/unauth)
/// or if the AssumeRole fails.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
public GetCredentialsForIdentityResponse GetCredentialsForIdentity(string identityId)
{
var request = new GetCredentialsForIdentityRequest();
request.IdentityId = identityId;
return GetCredentialsForIdentity(request);
}
/// <summary>
/// Initiates the asynchronous execution of the GetCredentialsForIdentity operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetCredentialsForIdentity operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public Task<GetCredentialsForIdentityResponse> GetCredentialsForIdentityAsync(GetCredentialsForIdentityRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new GetCredentialsForIdentityRequestMarshaller();
var unmarshaller = GetCredentialsForIdentityResponseUnmarshaller.Instance;
return InvokeAsync<GetCredentialsForIdentityRequest,GetCredentialsForIdentityResponse>(request, marshaller,
unmarshaller, cancellationToken);
}
private GetCredentialsForIdentityResponse GetCredentialsForIdentity(GetCredentialsForIdentityRequest getCredentialsRequest)
{
var getCredentialsResult = Amazon.Runtime.Internal.Util.AsyncHelpers.RunSync<GetCredentialsForIdentityResponse>(() => cib.GetCredentialsForIdentityAsync(getCredentialsRequest));
return getCredentialsResult;
}
/// <summary>
/// Initiates the asynchronous execution of the GetCredentialsForIdentity operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetCredentialsForIdentity operation on AmazonCognitoIdentityClient.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
///
/// <returns>An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking EndGetCredentialsForIdentity
/// operation.</returns>
public IAsyncResult BeginGetCredentialsForIdentity(GetCredentialsForIdentityRequest request, AsyncCallback callback, object state)
{
var marshaller = new GetCredentialsForIdentityRequestMarshaller();
var unmarshaller = GetCredentialsForIdentityResponseUnmarshaller.Instance;
return BeginInvoke<GetCredentialsForIdentityRequest>(request, marshaller, unmarshaller,
callback, state);
}
// Retrieves credentials for the roles defined on the identity pool
private CredentialsRefreshState GetPoolCredentials()
{
CredentialsRefreshState credentialsState;
var identity = this.GetIdentityId(RefreshIdentityOptions.Refresh);
var getCredentialsRequest = new GetCredentialsForIdentityRequest { IdentityId = identity };
if (Logins.Count > 0)
getCredentialsRequest.Logins = Logins;
//incase its BYOI provider override the logins dictionary with the new instance and set the values for cognito-identity provider
if (_identityState != null && !string.IsNullOrEmpty(_identityState.LoginToken))
{
getCredentialsRequest.Logins = new Dictionary<string, string>();
getCredentialsRequest.Logins["cognito-identity.amazonaws.com"] = _identityState.LoginToken;
}
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = GetCredentialsForIdentity(getCredentialsRequest);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e))
retry = true;
else
throw;
}
if (retry)
{
return GetPoolCredentials();
}
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return credentialsState;
}
/// <summary>
/// Initiates the asynchronous execution of the GetCredentialsForIdentity operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetCredentialsForIdentity operation on AmazonCognitoIdentityClient.</param>
/// <param name="callback">An Action delegate that is invoked when the operation completes.</param>
/// <param name="options">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
public void GetCredentialsForIdentityAsync(GetCredentialsForIdentityRequest request, AmazonServiceCallback<GetCredentialsForIdentityRequest, GetCredentialsForIdentityResponse> callback, AsyncOptions options = null)
{
options = options == null?new AsyncOptions():options;
var marshaller = new GetCredentialsForIdentityRequestMarshaller();
var unmarshaller = GetCredentialsForIdentityResponseUnmarshaller.Instance;
Action<AmazonWebServiceRequest, AmazonWebServiceResponse, Exception, AsyncOptions> callbackHelper = null;
if(callback !=null )
callbackHelper = (AmazonWebServiceRequest req, AmazonWebServiceResponse res, Exception ex, AsyncOptions ao) => {
AmazonServiceResult<GetCredentialsForIdentityRequest,GetCredentialsForIdentityResponse> responseObject
= new AmazonServiceResult<GetCredentialsForIdentityRequest,GetCredentialsForIdentityResponse>((GetCredentialsForIdentityRequest)req, (GetCredentialsForIdentityResponse)res, ex , ao.State);
callback(responseObject);
};
BeginInvoke<GetCredentialsForIdentityRequest>(request, marshaller, unmarshaller, options, callbackHelper);
}
/// <summary>
/// Returns credentials for the the provided identity ID. Any provided logins will be
/// validated against supported login providers. If the token is for cognito-identity.amazonaws.com,
/// it will be passed through to AWS Security Token Service with the appropriate role
/// for the token.
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the GetCredentialsForIdentity service method.</param>
///
/// <returns>The response from the GetCredentialsForIdentity service method, as returned by CognitoIdentity.</returns>
/// <exception cref="Amazon.CognitoIdentity.Model.InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidIdentityPoolConfigurationException">
/// Thrown if the identity pool has no role associated for the given auth type (auth/unauth)
/// or if the AssumeRole fails.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
internal GetCredentialsForIdentityResponse GetCredentialsForIdentity(GetCredentialsForIdentityRequest request)
{
var marshaller = new GetCredentialsForIdentityRequestMarshaller();
var unmarshaller = GetCredentialsForIdentityResponseUnmarshaller.Instance;
return Invoke<GetCredentialsForIdentityRequest,GetCredentialsForIdentityResponse>(request, marshaller, unmarshaller);
}
/// <summary>
/// Returns credentials for the provided identity ID. Any provided logins will be validated
/// against supported login providers. If the token is for cognito-identity.amazonaws.com,
/// it will be passed through to AWS Security Token Service with the appropriate role
/// for the token.
///
///
/// <para>
/// This is a public API. You do not need any credentials to call this API.
/// </para>
/// </summary>
/// <param name="identityId">A unique identifier in the format REGION:GUID.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
///
/// <returns>The response from the GetCredentialsForIdentity service method, as returned by CognitoIdentity.</returns>
/// <exception cref="Amazon.CognitoIdentity.Model.ExternalServiceException">
/// An exception thrown when a dependent service such as Facebook or Twitter is not responding
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidIdentityPoolConfigurationException">
/// Thrown if the identity pool has no role associated for the given auth type (auth/unauth)
/// or if the AssumeRole fails.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
public Task<GetCredentialsForIdentityResponse> GetCredentialsForIdentityAsync(string identityId, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var request = new GetCredentialsForIdentityRequest();
request.IdentityId = identityId;
return GetCredentialsForIdentityAsync(request, cancellationToken);
}
