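/// <summary>
/// Password flow: authenticates the user against the Cognito user pool through the
/// admin API (ADMIN_USER_PASSWORD_AUTH) and reads the custom attributes from the
/// returned ID token.
/// </summary>
/// <param name="userName">User name sent to Cognito as the USERNAME auth parameter.</param>
/// <param name="password">Password sent to Cognito as the PASSWORD auth parameter.</param>
/// <returns>
/// A <see cref="CognitoUserCustomAttributes"/> filled from the ID token on success.
/// On any failure only <c>ErrorMessage</c> is set: the exception message when the
/// Cognito call throws, otherwise "Login error".
/// </returns>
private async Task<CognitoUserCustomAttributes> AuthenticateAndGetCognitoUserCustomAttributes(string userName, string password)
{
    var request = new AdminInitiateAuthRequest
    {
        UserPoolId = userPoolId,
        ClientId = clientId,
        AuthFlow = AuthFlowType.ADMIN_USER_PASSWORD_AUTH,
        // Nested initializer calls Add on the existing AuthParameters dictionary.
        AuthParameters =
        {
            { "USERNAME", userName },
            { "PASSWORD", password }
        }
    };

    AdminInitiateAuthResponse response;
    try
    {
        response = await cognitoClient.AdminInitiateAuthAsync(request);
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message is handed back unchanged. Depending on the app
        // client's settings, Cognito's error text can differ between an unknown user
        // and a wrong password, so if ErrorMessage reaches the client it can reveal
        // which accounts exist. Consider a generic message here and logging the
        // detail server-side.
        return new CognitoUserCustomAttributes { ErrorMessage = ex.Message };
    }

    if (response.HttpStatusCode != HttpStatusCode.OK)
    {
        return new CognitoUserCustomAttributes { ErrorMessage = "Login error" };
    }

    // A successful call can still carry no tokens: when Cognito answers with a
    // challenge (for example a forced password change or MFA), AuthenticationResult
    // is null. Treat that as a failed login instead of dereferencing it.
    var idTokenText = response.AuthenticationResult?.IdToken;
    if (string.IsNullOrEmpty(idTokenText))
    {
        return new CognitoUserCustomAttributes { ErrorMessage = "Login error" };
    }

    // ReadJwtToken only decodes the token; it does not validate the signature.
    // The token is used here exactly as returned by the Cognito call above.
    var tokenHandler = new JwtSecurityTokenHandler();
    var idToken = tokenHandler.ReadJwtToken(idTokenText);

    var identityResponse = new CognitoUserCustomAttributes
    {
        Role = GetCustomAttributeValue(idToken, CustomAttributeField.Role),
        HomeDirectoryDetails = GetCustomAttributeValue(idToken, CustomAttributeField.HomeDirectoryDetails),
        HomeDirectory = GetCustomAttributeValue(idToken, CustomAttributeField.HomeDirectory),
        Policy = GetCustomAttributeValue(idToken, CustomAttributeField.Policy)
    };

    // HomeDirectoryDetails is used to hide the actual S3 path; the directory type is
    // only set when those details are present.
    identityResponse.HomeDirectoryType = identityResponse.HomeDirectoryDetails != null
        ? CustomAttributeField.HomeDirectoryType
        : null;

    return identityResponse;
}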
/// <summary>
/// SSH key flow: looks the user up through the admin API (AdminGetUser) and maps the
/// stored user attributes, including the public key, onto the result. This method
/// takes no password and verifies no credential itself.
/// </summary>
/// <param name="userName">User name to look up in the configured user pool.</param>
/// <returns>
/// A <see cref="CognitoUserCustomAttributes"/> filled from the user's attributes, or
/// one carrying only <c>ErrorMessage</c> (the exception message) when the lookup or
/// the mapping throws.
/// </returns>
private async Task<CognitoUserCustomAttributes> CognitoSshSupport(string userName)
{
    var lookup = new AdminGetUserRequest
    {
        Username = userName,
        UserPoolId = userPoolId
    };

    try
    {
        var user = await cognitoClient.AdminGetUserAsync(lookup);

        var role = GetAdminUserAttributeValue(user, CustomAttributeField.Role);
        var homeDirectoryDetails = GetAdminUserAttributeValue(user, CustomAttributeField.HomeDirectoryDetails);
        var homeDirectory = GetAdminUserAttributeValue(user, CustomAttributeField.HomeDirectory);
        // NOTE(review): the list always has exactly one entry, whatever the helper
        // returns for the PublicKey attribute. Confirm what that is when the user has
        // no key stored.
        var publicKey = GetAdminUserAttributeValue(user, CustomAttributeField.PublicKey);
        var policy = GetAdminUserAttributeValue(user, CustomAttributeField.Policy);

        var result = new CognitoUserCustomAttributes
        {
            Role = role,
            HomeDirectoryDetails = homeDirectoryDetails,
            HomeDirectory = homeDirectory,
            HomeDirectoryType = CustomAttributeField.HomeDirectoryType,
            PublicKeys = new List<string> { publicKey },
            Policy = policy
        };

        // HomeDirectoryDetails is used to hide the actual S3 path; without those
        // details the directory type set above is cleared again.
        if (result.HomeDirectoryDetails != null)
        {
            result.HomeDirectoryType = CustomAttributeField.HomeDirectoryType;
        }
        else
        {
            result.HomeDirectoryType = null;
        }

        return result;
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message is returned to the caller. If
        // ErrorMessage is shown to the connecting client, it may disclose whether the
        // user name exists. Confirm how callers use it.
        return new CognitoUserCustomAttributes { ErrorMessage = ex.Message };
    }
}