/// <summary>
/// Password flow, using admin API to fetch user details
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <returns> CognitoUserCustomAttributes </returns>
private async Task <CognitoUserCustomAttributes> AuthenticateAndGetCognitoUserCustomAttributes(string userName, string password)
{
var request = new AdminInitiateAuthRequest
{
UserPoolId = userPoolId,
ClientId = clientId,
AuthFlow = AuthFlowType.ADMIN_USER_PASSWORD_AUTH
};
request.AuthParameters.Add("USERNAME", userName);
request.AuthParameters.Add("PASSWORD", password);
AdminInitiateAuthResponse response;
try
{
response = await cognitoClient.AdminInitiateAuthAsync(request);
}
catch (Exception ex)
{
return(new CognitoUserCustomAttributes
{
ErrorMessage = ex.Message
});
}
if (response.HttpStatusCode != HttpStatusCode.OK)
{
return(new CognitoUserCustomAttributes
{
ErrorMessage = "Login error"
});
}
var hand = new JwtSecurityTokenHandler();
var customAttributes = hand.ReadJwtToken(response.AuthenticationResult.IdToken);
var identityResponse = new CognitoUserCustomAttributes
{
Role = GetCustomAttributeValue(customAttributes, CustomAttributeField.Role),
HomeDirectoryDetails = GetCustomAttributeValue(customAttributes, CustomAttributeField.HomeDirectoryDetails),
HomeDirectory = GetCustomAttributeValue(customAttributes, CustomAttributeField.HomeDirectory),
Policy = GetCustomAttributeValue(customAttributes, CustomAttributeField.Policy)
};
// HomeDirectoryDetails to hide actual S3 path
identityResponse.HomeDirectoryType = identityResponse.HomeDirectoryDetails != null ? CustomAttributeField.HomeDirectoryType : null;
return(identityResponse);
}
/// <summary>
/// SSH Key support, using admin API to fetch user details
/// </summary>
/// <param name="userName"></param>
/// <returns> CognitoUserCustomAttributes </returns>
private async Task <CognitoUserCustomAttributes> CognitoSshSupport(string userName)
{
var adminRequest = new AdminGetUserRequest
{
Username = userName,
UserPoolId = userPoolId
};
try
{
var adminGetUserResponse = await cognitoClient.AdminGetUserAsync(adminRequest);
var identityResponse = new CognitoUserCustomAttributes
{
Role = GetAdminUserAttributeValue(adminGetUserResponse, CustomAttributeField.Role),
HomeDirectoryDetails = GetAdminUserAttributeValue(adminGetUserResponse, CustomAttributeField.HomeDirectoryDetails),
HomeDirectory = GetAdminUserAttributeValue(adminGetUserResponse, CustomAttributeField.HomeDirectory),
HomeDirectoryType = CustomAttributeField.HomeDirectoryType,
PublicKeys = new List <string> {
GetAdminUserAttributeValue(adminGetUserResponse, CustomAttributeField.PublicKey)
},
Policy = GetAdminUserAttributeValue(adminGetUserResponse, CustomAttributeField.Policy)
};
// HomeDirectoryDetails to hide actual S3 path
identityResponse.HomeDirectoryType = identityResponse.HomeDirectoryDetails != null ? CustomAttributeField.HomeDirectoryType : null;
return(identityResponse);
}
catch (Exception ex)
{
return(new CognitoUserCustomAttributes
{
ErrorMessage = ex.Message
});
}
}
