IAsyncResult invokeGetOpenIdToken(GetOpenIdTokenRequest request, AsyncCallback callback, object state, bool synchronized)
{
var marshaller = new GetOpenIdTokenRequestMarshaller();
var unmarshaller = GetOpenIdTokenResponseUnmarshaller.Instance;
return Invoke(request, callback, state, synchronized, marshaller, unmarshaller, signer);
}
private GetOpenIdTokenResponse GetOpenId(GetOpenIdTokenRequest getTokenRequest)
{
var getTokenResult = cib.GetOpenIdToken(getTokenRequest);
return getTokenResult;
}
/// <summary>
/// Gets an OpenID token, using a known Cognito ID. This known Cognito ID is returned
/// by <a>GetId</a>. You can optionally add additional logins for the identity. Supplying
/// multiple logins creates an implicit link.
///
///
/// <para>
/// The OpenId token is valid for 15 minutes.
/// </para>
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the GetOpenIdToken service method.</param>
///
/// <returns>The response from the GetOpenIdToken service method, as returned by CognitoIdentity.</returns>
/// <exception cref="Amazon.CognitoIdentity.Model.InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
internal GetOpenIdTokenResponse GetOpenIdToken(GetOpenIdTokenRequest request)
{
var marshaller = new GetOpenIdTokenRequestMarshaller();
var unmarshaller = GetOpenIdTokenResponseUnmarshaller.Instance;
return Invoke<GetOpenIdTokenRequest,GetOpenIdTokenResponse>(request, marshaller, unmarshaller);
}
/// <summary>
/// Initiates the asynchronous execution of the GetOpenIdToken operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetOpenIdToken operation on AmazonCognitoIdentityClient.</param>
/// <param name="callback">An Action delegate that is invoked when the operation completes.</param>
/// <param name="options">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
public void GetOpenIdTokenAsync(GetOpenIdTokenRequest request, AmazonServiceCallback<GetOpenIdTokenRequest, GetOpenIdTokenResponse> callback, AsyncOptions options = null)
{
options = options == null?new AsyncOptions():options;
var marshaller = new GetOpenIdTokenRequestMarshaller();
var unmarshaller = GetOpenIdTokenResponseUnmarshaller.Instance;
Action<AmazonWebServiceRequest, AmazonWebServiceResponse, Exception, AsyncOptions> callbackHelper = null;
if(callback !=null )
callbackHelper = (AmazonWebServiceRequest req, AmazonWebServiceResponse res, Exception ex, AsyncOptions ao) => {
AmazonServiceResult<GetOpenIdTokenRequest,GetOpenIdTokenResponse> responseObject
= new AmazonServiceResult<GetOpenIdTokenRequest,GetOpenIdTokenResponse>((GetOpenIdTokenRequest)req, (GetOpenIdTokenResponse)res, ex , ao.State);
callback(responseObject);
};
BeginInvoke<GetOpenIdTokenRequest>(request, marshaller, unmarshaller, options, callbackHelper);
}
/// <summary>
/// Gets an OpenID token, using a known Cognito ID. This known Cognito ID is returned
/// from GetId. You can optionally add additional logins for the identity. Supplying multiple
/// logins creates an implicit link.
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the GetOpenIdToken service method.</param>
///
/// <returns>The response from the GetOpenIdToken service method, as returned by CognitoIdentity.</returns>
/// <exception cref="InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
public GetOpenIdTokenResponse GetOpenIdToken(GetOpenIdTokenRequest request)
{
IAsyncResult asyncResult = invokeGetOpenIdToken(request, null, null, true);
return EndGetOpenIdToken(asyncResult);
}
/// <summary>
/// Initiates the asynchronous execution of the GetOpenIdToken operation.
/// <seealso cref="Amazon.CognitoIdentity.IAmazonCognitoIdentity.GetOpenIdToken"/>
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetOpenIdToken operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public Task<GetOpenIdTokenResponse> GetOpenIdTokenAsync(GetOpenIdTokenRequest request, CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new GetOpenIdTokenRequestMarshaller();
var unmarshaller = GetOpenIdTokenResponseUnmarshaller.GetInstance();
return Invoke<IRequest, GetOpenIdTokenRequest, GetOpenIdTokenResponse>(request, marshaller, unmarshaller, signer, cancellationToken);
}
/// <summary>
/// Gets an OpenID token, using a known Cognito ID. This known Cognito ID is returned
/// by <a>GetId</a>. You can optionally add additional logins for the identity. Supplying
/// multiple logins creates an implicit link.
///
///
/// <para>
/// The OpenId token is valid for 15 minutes.
/// </para>
/// </summary>
/// <param name="identityId">A unique identifier in the format REGION:GUID.</param>
///
/// <returns>The response from the GetOpenIdToken service method, as returned by CognitoIdentity.</returns>
/// <exception cref="Amazon.CognitoIdentity.Model.InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
public void GetOpenIdTokenAsync(string identityId, AmazonServiceCallback<GetOpenIdTokenRequest, GetOpenIdTokenResponse> callback, AsyncOptions options = null)
{
var request = new GetOpenIdTokenRequest();
request.IdentityId = identityId;
GetOpenIdTokenAsync(request, callback, options);
}
// Retrieves credentials for the specific role, by making a call to STS
private CredentialsRefreshState GetCredentialsForRole(string roleArn)
{
CredentialsRefreshState credentialsState;
// Retrieve Open Id Token
// (Reuses existing IdentityId or creates a new one)
var getTokenRequest = new GetOpenIdTokenRequest { IdentityId = GetIdentityId() };
// If logins are set, pass them to the GetOpenId call
if (Logins.Count > 0)
getTokenRequest.Logins = Logins;
var getTokenResult = GetOpenId(getTokenRequest);
string token = getTokenResult.Token;
// IdentityId may have changed, save the new value
UpdateIdentity(getTokenResult.IdentityId, true);
// Assume role with Open Id Token
var assumeRequest = new AssumeRoleWithWebIdentityRequest
{
WebIdentityToken = token,
RoleArn = roleArn,
RoleSessionName = "NetProviderSession",
DurationSeconds = DefaultDurationSeconds
};
var credentials = GetStsCredentials(assumeRequest);
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return credentialsState;
}
/// <summary>
/// Gets an OpenID token, using a known Cognito ID. This known Cognito ID is returned
/// from GetId. You can optionally add additional logins for the identity. Supplying multiple
/// logins creates an implicit link.
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the GetOpenIdToken service method.</param>
///
/// <returns>The response from the GetOpenIdToken service method, as returned by CognitoIdentity.</returns>
/// <exception cref="T:Amazon.CognitoIdentity.Model.InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="T:Amazon.CognitoIdentity.Model.InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="T:Amazon.CognitoIdentity.Model.NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="T:Amazon.CognitoIdentity.Model.ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="T:Amazon.CognitoIdentity.Model.ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="T:Amazon.CognitoIdentity.Model.TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
public GetOpenIdTokenResponse GetOpenIdToken(GetOpenIdTokenRequest request)
{
var task = GetOpenIdTokenAsync(request);
try
{
return task.Result;
}
catch(AggregateException e)
{
ExceptionDispatchInfo.Capture(e.InnerException).Throw();
return null;
}
}
// Retrieves credentials for the specific role, by making a call to STS
private CredentialsRefreshState GetCredentialsForRole(string roleArn)
{
CredentialsRefreshState credentialsState;
// Retrieve Open Id Token
// (Reuses existing IdentityId or creates a new one)
var identity = this.GetIdentityIdWithCaching();
var getTokenRequest = new GetOpenIdTokenRequest { IdentityId = identity.IdentityId };
// If logins are set, pass them to the GetOpenId call
if (Logins.Count > 0)
getTokenRequest.Logins = Logins;
bool retry = false;
GetOpenIdTokenResponse getTokenResult = null;
try
{
getTokenResult = GetOpenId(getTokenRequest);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e, identity))
retry = true;
else
throw;
}
if (retry)
{
return GetCredentialsForRole(roleArn);
}
string token = getTokenResult.Token;
// IdentityId may have changed, save the new value
UpdateIdentity(getTokenResult.IdentityId, true);
// Assume role with Open Id Token
var assumeRequest = new AssumeRoleWithWebIdentityRequest
{
WebIdentityToken = token,
RoleArn = roleArn,
RoleSessionName = "NetProviderSession",
DurationSeconds = DefaultDurationSeconds
};
var credentials = GetStsCredentials(assumeRequest);
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return credentialsState;
}
private async System.Threading.Tasks.Task<CredentialsRefreshState> GetCredentialsForRoleAsync(string roleArn)
{
CredentialsRefreshState credentialsState;
// Retrieve Open Id Token
// (Reuses existing IdentityId or creates a new one)
var identityId = await GetIdentityIdAsync().ConfigureAwait(false);
var getTokenRequest = new GetOpenIdTokenRequest { IdentityId = identityId };
// If logins are set, pass them to the GetOpenId call
if (Logins.Count > 0)
getTokenRequest.Logins = Logins;
var getTokenResult = await cib.GetOpenIdTokenAsync(getTokenRequest).ConfigureAwait(false);
string token = getTokenResult.Token;
// IdentityId may have changed, save the new value
UpdateIdentity(getTokenResult.IdentityId, true);
// Assume role with Open Id Token
var assumeRequest = new AssumeRoleWithWebIdentityRequest
{
WebIdentityToken = token,
RoleArn = roleArn,
RoleSessionName = "NetProviderSession",
DurationSeconds = DefaultDurationSeconds
};
var credentials = (await sts.AssumeRoleWithWebIdentityAsync(assumeRequest).ConfigureAwait(false)).Credentials;
// Return new refresh state (credentials and expiration)
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return credentialsState;
}
/// <summary>
/// Initiates the asynchronous execution of the GetOpenIdToken operation.
/// <seealso cref="Amazon.CognitoIdentity.IAmazonCognitoIdentity"/>
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetOpenIdToken operation on AmazonCognitoIdentityClient.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
///
/// <returns>An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking EndGetOpenIdToken
/// operation.</returns>
public IAsyncResult BeginGetOpenIdToken(GetOpenIdTokenRequest request, AsyncCallback callback, object state)
{
var marshaller = new GetOpenIdTokenRequestMarshaller();
var unmarshaller = GetOpenIdTokenResponseUnmarshaller.Instance;
return BeginInvoke<GetOpenIdTokenRequest>(request, marshaller, unmarshaller,
callback, state);
}
/// <summary>
/// Initiates the asynchronous execution of the GetOpenIdToken operation.
/// <seealso cref="Amazon.CognitoIdentity.IAmazonCognitoIdentity"/>
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetOpenIdToken operation on AmazonCognitoIdentityClient.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
///
/// <returns>An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking EndGetOpenIdToken
/// operation.</returns>
public IAsyncResult BeginGetOpenIdToken(GetOpenIdTokenRequest request, AsyncCallback callback, object state)
{
return invokeGetOpenIdToken(request, callback, state, false);
}
/// <summary>
/// Initiates the asynchronous execution of the GetOpenIdToken operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the GetOpenIdToken operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public Task<GetOpenIdTokenResponse> GetOpenIdTokenAsync(GetOpenIdTokenRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new GetOpenIdTokenRequestMarshaller();
var unmarshaller = GetOpenIdTokenResponseUnmarshaller.Instance;
return InvokeAsync<GetOpenIdTokenRequest,GetOpenIdTokenResponse>(request, marshaller,
unmarshaller, cancellationToken);
}
/// <summary>
/// Gets an OpenID token, using a known Cognito ID. This known Cognito ID is returned
/// by <a>GetId</a>. You can optionally add additional logins for the identity. Supplying
/// multiple logins creates an implicit link.
///
///
/// <para>
/// The OpenId token is valid for 15 minutes.
/// </para>
///
/// <para>
/// This is a public API. You do not need any credentials to call this API.
/// </para>
/// </summary>
/// <param name="identityId">A unique identifier in the format REGION:GUID.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
///
/// <returns>The response from the GetOpenIdToken service method, as returned by CognitoIdentity.</returns>
/// <exception cref="Amazon.CognitoIdentity.Model.ExternalServiceException">
/// An exception thrown when a dependent service such as Facebook or Twitter is not responding
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
public Task<GetOpenIdTokenResponse> GetOpenIdTokenAsync(string identityId, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var request = new GetOpenIdTokenRequest();
request.IdentityId = identityId;
return GetOpenIdTokenAsync(request, cancellationToken);
}
/// <summary>
/// Gets an OpenID token, using a known Cognito ID. This known Cognito ID is returned
/// by <a>GetId</a>. You can optionally add additional logins for the identity. Supplying
/// multiple logins creates an implicit link.
///
///
/// <para>
/// The OpenId token is valid for 15 minutes.
/// </para>
///
/// <para>
/// This is a public API. You do not need any credentials to call this API.
/// </para>
/// </summary>
/// <param name="identityId">A unique identifier in the format REGION:GUID.</param>
///
/// <returns>The response from the GetOpenIdToken service method, as returned by CognitoIdentity.</returns>
/// <exception cref="Amazon.CognitoIdentity.Model.ExternalServiceException">
/// An exception thrown when a dependent service such as Facebook or Twitter is not responding
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InternalErrorException">
/// Thrown when the service encounters an error during processing the request.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.InvalidParameterException">
/// Thrown for missing or bad input parameter(s).
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.NotAuthorizedException">
/// Thrown when a user is not authorized to access the requested resource.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceConflictException">
/// Thrown when a user tries to use a login which is already linked to another account.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.ResourceNotFoundException">
/// Thrown when the requested resource (for example, a dataset or record) does not exist.
/// </exception>
/// <exception cref="Amazon.CognitoIdentity.Model.TooManyRequestsException">
/// Thrown when a request is throttled.
/// </exception>
public GetOpenIdTokenResponse GetOpenIdToken(string identityId)
{
var request = new GetOpenIdTokenRequest();
request.IdentityId = identityId;
return GetOpenIdToken(request);
}
private GetOpenIdTokenResponse GetOpenId(GetOpenIdTokenRequest getTokenRequest)
{
var getTokenResult = Amazon.Runtime.Internal.Util.AsyncHelpers.RunSync<GetOpenIdTokenResponse>(() => cib.GetOpenIdTokenAsync(getTokenRequest));
return getTokenResult;
}
private async System.Threading.Tasks.Task<CredentialsRefreshState> GetCredentialsForRoleAsync(string roleArn)
{
CredentialsRefreshState credentialsState;
// Retrieve Open Id Token
// (Reuses existing IdentityId or creates a new one)
var identity = await GetIdentityIdAsync(RefreshIdentityOptions.Refresh).ConfigureAwait(false);
var getTokenRequest = new GetOpenIdTokenRequest { IdentityId = identity };
// If logins are set, pass them to the GetOpenId call
if (Logins.Count > 0)
getTokenRequest.Logins = Logins;
bool retry = false;
GetOpenIdTokenResponse getTokenResult = null;
try
{
getTokenResult = await cib.GetOpenIdTokenAsync(getTokenRequest).ConfigureAwait(false);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e))
retry = true;
else
throw;
}
if (retry)
{
return await GetCredentialsForRoleAsync(roleArn);
}
string token = getTokenResult.Token;
// IdentityId may have changed, save the new value
UpdateIdentity(getTokenResult.IdentityId);
// Assume role with Open Id Token
var assumeRequest = new AssumeRoleWithWebIdentityRequest
{
WebIdentityToken = token,
RoleArn = roleArn,
RoleSessionName = "NetProviderSession",
DurationSeconds = DefaultDurationSeconds
};
var credentials = (await sts.AssumeRoleWithWebIdentityAsync(assumeRequest).ConfigureAwait(false)).Credentials;
// Return new refresh state (credentials and expiration)
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return credentialsState;
}
