/// <summary>
/// Unmarshaller the response from the service to the response class.
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override AmazonWebServiceResponse Unmarshall(JsonUnmarshallerContext context)
{
AdminConfirmSignUpResponse response = new AdminConfirmSignUpResponse();
return(response);
}
public AuthenticationConfirmUserTests() : base()
{
SignUpRequest signUpRequest = new SignUpRequest()
{
ClientId = pool.ClientID,
Password = "******",
Username = "******",
UserAttributes = new List <AttributeType>()
{
new AttributeType()
{
Name = CognitoConstants.UserAttrEmail, Value = "*****@*****.**"
},
},
ValidationData = new List <AttributeType>()
{
new AttributeType()
{
Name = CognitoConstants.UserAttrEmail, Value = "*****@*****.**"
}
}
};
SignUpResponse signUpResponse = provider.SignUpAsync(signUpRequest).Result;
AdminConfirmSignUpRequest confirmRequest = new AdminConfirmSignUpRequest()
{
Username = "******",
UserPoolId = pool.PoolID
};
AdminConfirmSignUpResponse confirmResponse = provider.AdminConfirmSignUpAsync(confirmRequest).Result;
user = new CognitoUser("User5", pool.ClientID, pool, provider);
}
/// <summary>
/// Unmarshaller the response from the service to the response class.
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override AmazonWebServiceResponse Unmarshall(JsonUnmarshallerContext context)
{
AdminConfirmSignUpResponse response = new AdminConfirmSignUpResponse();
return response;
}
/// <summary>
/// Confirms user registration as an admin without using a confirmation code. Works on any user.
/// </summary>
/// <param name="username"></param>
/// <returns></returns>
public async Task <bool> AdminConfirmSignUpAsync(Real.AdminConfirmSignUpRequest request)
{
AmazonCognitoIdentityProviderClient provider = new AmazonCognitoIdentityProviderClient(RegionEndpoint.GetBySystemName(REGION));
AdminConfirmSignUpRequest userRequest = new AdminConfirmSignUpRequest();
userRequest.Username = request.Username;
userRequest.UserPoolId = POOL_ID;
try
{
AdminConfirmSignUpResponse response = await provider.AdminConfirmSignUpAsync(userRequest);
}
catch (Exception e)
{
Console.WriteLine(e);
return(false);
}
return(true);
}
public async Task Returns_Createduser_When_RegistrationSuccessful()
{
var signUpResponse = new SignUpResponse {
UserSub = "test-id"
};
var confirmReponse = new AdminConfirmSignUpResponse {
HttpStatusCode = System.Net.HttpStatusCode.OK
};
_configurationMock.Setup(m => m[It.IsAny <string>()]).Returns("test-string");
_cognitoClientMock.Setup(m => m.SignUpAsync(It.IsAny <SignUpRequest>(), It.IsAny <CancellationToken>())).ReturnsAsync(signUpResponse);
_cognitoClientMock.Setup(m => m.AdminConfirmSignUpAsync(It.IsAny <AdminConfirmSignUpRequest>(), It.IsAny <CancellationToken>())).ReturnsAsync(confirmReponse);
var newUser = new NewUser("test", "Password01");
var signUpResult = await _sut.RegisterAsync(newUser, CancellationToken.None);
Assert.NotNull(signUpResult.CognitoId);
Assert.Null(signUpResult.ErrorMessage);
_cognitoClientMock.Verify(m => m.SignUpAsync(It.IsAny <SignUpRequest>(), It.IsAny <CancellationToken>()), Times.Once);
_cognitoClientMock.Verify(m => m.AdminConfirmSignUpAsync(It.IsAny <AdminConfirmSignUpRequest>(), It.IsAny <CancellationToken>()), Times.Once);
}
/// <summary>
/// Internal constructor to initialize a provider, user pool, and user for testing
/// Created user info: Username = User 5, Password = PassWord1!, Email = [email protected]
/// </summary>
public MfaAuthenticationTests()
{
//Delete pool created by BaseAuthenticationTestClass
if (pool != null)
{
provider.DeleteUserPoolAsync(new DeleteUserPoolRequest()
{
UserPoolId = pool.PoolID
}).Wait();
}
UserPoolPolicyType passwordPolicy = new UserPoolPolicyType();
List <SchemaAttributeType> requiredAttributes = new List <SchemaAttributeType>();
List <string> verifiedAttributes = new List <string>();
var creds = FallbackCredentialsFactory.GetCredentials();
var region = FallbackRegionFactory.GetRegionEndpoint();
provider = new AmazonCognitoIdentityProviderClient(creds, region);
AdminCreateUserConfigType adminCreateUser = new AdminCreateUserConfigType()
{
UnusedAccountValidityDays = 8,
AllowAdminCreateUserOnly = false
};
passwordPolicy.PasswordPolicy = new PasswordPolicyType()
{
MinimumLength = 8,
RequireNumbers = true,
RequireSymbols = true,
RequireUppercase = true,
RequireLowercase = true
};
SchemaAttributeType emailSchema = new SchemaAttributeType()
{
Required = true,
Name = CognitoConstants.UserAttrEmail,
AttributeDataType = AttributeDataType.String
};
SchemaAttributeType phoneSchema = new SchemaAttributeType()
{
Required = true,
Name = CognitoConstants.UserAttrPhoneNumber,
AttributeDataType = AttributeDataType.String
};
requiredAttributes.Add(emailSchema);
requiredAttributes.Add(phoneSchema);
verifiedAttributes.Add(CognitoConstants.UserAttrEmail);
verifiedAttributes.Add(CognitoConstants.UserAttrPhoneNumber);
//Create Role for MFA
using (var managementClient = new AmazonIdentityManagementServiceClient())
{
CreateRoleResponse roleResponse = managementClient.CreateRoleAsync(new CreateRoleRequest()
{
RoleName = "TestRole_" + DateTime.Now.ToString("yyyyMMdd_HHmmss"),
AssumeRolePolicyDocument = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow" +
"\",\"Principal\":{\"Service\":\"cognito-idp.amazonaws.com\"},\"Action\":\"sts:AssumeRole\",\"Condition" +
"\":{\"StringEquals\":{\"sts:ExternalId\":\"8327d096-57c0-4fb7-ad24-62ea8fc692c0\"}}}]}"
}).Result;
roleName = roleResponse.Role.RoleName;
roleArn = roleResponse.Role.Arn;
//Create and attach policy for role
CreatePolicyResponse createPolicyResponse = managementClient.CreatePolicyAsync(new CreatePolicyRequest()
{
PolicyDocument = "{\"Version\": \"2012-10-17\",\"Statement\": [{\"Effect\": \"Allow\",\"Action" +
"\": [\"sns:publish\"],\"Resource\": [\"*\"]}]}",
PolicyName = "Cognito_" + DateTime.Now.ToString("yyyyMMdd_HHmmss"),
}).Result;
policyName = createPolicyResponse.Policy.PolicyName;
policyArn = createPolicyResponse.Policy.Arn;
managementClient.AttachRolePolicyAsync(new AttachRolePolicyRequest()
{
PolicyArn = policyArn,
RoleName = roleName
}).Wait();
}
//Create user pool and client
CreateUserPoolRequest createPoolRequest = new CreateUserPoolRequest
{
PoolName = "mfaTestPool_" + DateTime.Now.ToString("yyyyMMdd_HHmmss"),
Policies = passwordPolicy,
Schema = requiredAttributes,
AdminCreateUserConfig = adminCreateUser,
MfaConfiguration = "ON",
AutoVerifiedAttributes = verifiedAttributes,
SmsConfiguration = new SmsConfigurationType
{
SnsCallerArn = roleArn,
ExternalId = "8327d096-57c0-4fb7-ad24-62ea8fc692c0"
}
};
//Build in buffer time for role/policy to be created
CreateUserPoolResponse createPoolResponse = null;
string bufferExMsg = "Role does not have a trust relationship allowing Cognito to assume the role";
while (true)
{
try
{
createPoolResponse = provider.CreateUserPoolAsync(createPoolRequest).Result;
break;
}
catch (Exception ex)
{
if (string.Equals(bufferExMsg, ex.InnerException.Message))
{
System.Threading.Thread.Sleep(3000);
}
else
{
throw ex;
}
}
}
UserPoolType poolCreated = createPoolResponse.UserPool;
CreateUserPoolClientResponse clientResponse =
provider.CreateUserPoolClientAsync(new CreateUserPoolClientRequest()
{
ClientName = "App1",
UserPoolId = poolCreated.Id,
GenerateSecret = false,
}).Result;
UserPoolClientType clientCreated = clientResponse.UserPoolClient;
this.pool = new CognitoUserPool(poolCreated.Id, clientCreated.ClientId, provider, "");
SignUpRequest signUpRequest = new SignUpRequest()
{
ClientId = clientCreated.ClientId,
Password = "******",
Username = "******",
UserAttributes = new List <AttributeType>()
{
new AttributeType()
{
Name = CognitoConstants.UserAttrEmail, Value = "*****@*****.**"
},
new AttributeType()
{
Name = CognitoConstants.UserAttrPhoneNumber, Value = "+15555555555"
}
},
ValidationData = new List <AttributeType>()
{
new AttributeType()
{
Name = CognitoConstants.UserAttrEmail, Value = "*****@*****.**"
},
new AttributeType()
{
Name = CognitoConstants.UserAttrPhoneNumber, Value = "+15555555555"
}
}
};
SignUpResponse signUpResponse = provider.SignUpAsync(signUpRequest).Result;
AdminConfirmSignUpRequest confirmRequest = new AdminConfirmSignUpRequest()
{
Username = "******",
UserPoolId = poolCreated.Id
};
AdminConfirmSignUpResponse confirmResponse = provider.AdminConfirmSignUpAsync(confirmRequest).Result;
this.user = new CognitoUser("User5", clientCreated.ClientId, pool, provider);
}
