/// <summary>
/// Change password by current user , with username and password
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
public bool ChangePassword(ApiChangePasswordRequest request)
{
using var userProvider = GetCognitoIdentityProvider();
CognitoUser user = GetUser(request.UserName, userProvider);
InitiateSrpAuthRequest authRequest = new InitiateSrpAuthRequest()
{
Password = request.PreviewPassword
};
var authResponse = user.StartWithSrpAuthAsync(authRequest).GetAwaiter().GetResult();
if (authResponse.ChallengeName == ChallengeNameType.NEW_PASSWORD_REQUIRED)
{
var result2 = user.RespondToNewPasswordRequiredAsync(new RespondToNewPasswordRequiredRequest()
{
SessionID = authResponse.SessionID,
NewPassword = request.NewPassword
}).ConfigureAwait(false).GetAwaiter().GetResult();
}
var task = user.ChangePasswordAsync(request.PreviewPassword, request.NewPassword).GetAwaiter();
task.GetResult();
return(true);
}
private async Task <AuthEventEnum> NextChallenge(AuthEventEnum lastAuthEventEnum = AuthEventEnum.AuthChallenge)
{
try
{
if (!HasChallenge)
{
switch (CurrentAuthProcess)
{
case AuthProcessEnum.None:
return(AuthEventEnum.Alert_NothingToDo);
case AuthProcessEnum.ResettingPassword:
CurrentAuthProcess = AuthProcessEnum.None;
ClearSensitiveFields();
return(AuthEventEnum.PasswordResetDone);
case AuthProcessEnum.SigningUp:
if (HasChallenge)
{
return(AuthEventEnum.AuthChallenge);
}
if (!IsLoginFormatOk)
{
AuthChallengeList.Add(AuthChallengeEnum.Login);
}
else
if (!IsPasswordFormatOk)
{
AuthChallengeList.Add(AuthChallengeEnum.Password);
}
else
if (!IsEmailFormatOk)
{
AuthChallengeList.Add(AuthChallengeEnum.Email);
}
if (HasChallenge)
{
return(AuthEventEnum.AuthChallenge);
}
if (!IsCodeVerified)
{
// Request Auth Code
var signUpRequest = new SignUpRequest()
{
ClientId = clientId,
Password = password,
Username = login
};
signUpRequest.UserAttributes.Add(
new AttributeType()
{
Name = "email",
Value = email
});
// This call may throw an exception
var result = await providerClient.SignUpAsync(signUpRequest).ConfigureAwait(false);
if (!AuthChallengeList.Contains(AuthChallengeEnum.Code))
{
AuthChallengeList.Add(AuthChallengeEnum.Code);
}
return(AuthEventEnum.AuthChallenge);
}
CurrentAuthProcess = AuthProcessEnum.None;
ClearSensitiveFields();
return(AuthEventEnum.SignedUp);
case AuthProcessEnum.SigningIn:
if (authFlowResponse != null && authFlowResponse.ChallengeName == ChallengeNameType.NEW_PASSWORD_REQUIRED) // Update Passsword
{
if (!AuthChallengeList.Contains(AuthChallengeEnum.NewPassword))
{
AuthChallengeList.Add(AuthChallengeEnum.NewPassword);
}
authFlowResponse = null;
return(AuthEventEnum.AuthChallenge);
}
// Grab JWT from login to User Pools to extract User Pool Identity
//var token = new JwtSecurityToken(jwtEncodedString: CognitoUser.SessionTokens.IdToken);
//UpIdentity = token.Claims.First(c => c.Type == "sub").Value; // JWT sub cliam contains User Pool Identity
//// Note: creates Identity Pool identity if it doesn't exist
Credentials = CognitoUser.GetCognitoAWSCredentials(identityPoolId, regionEndpoint);
IsSignedIn = true;
CurrentAuthProcess = AuthProcessEnum.None;
ClearSensitiveFields();
return(AuthEventEnum.SignedIn);
case AuthProcessEnum.UpdatingEmail:
if (!IsCodeVerified)
{
AuthChallengeList.Add(AuthChallengeEnum.Code);
return(AuthEventEnum.VerificationCodeSent);
}
CurrentAuthProcess = AuthProcessEnum.None;
ClearSensitiveFields();
return(AuthEventEnum.EmailUpdateDone);
case AuthProcessEnum.UpdatingPassword:
await CognitoUser.ChangePasswordAsync(password, newPassword).ConfigureAwait(false);
CurrentAuthProcess = AuthProcessEnum.None;
ClearSensitiveFields();
return(AuthEventEnum.PasswordUpdateDone);
case AuthProcessEnum.UpdatingPhone:
CurrentAuthProcess = AuthProcessEnum.None;
ClearSensitiveFields();
return(AuthEventEnum.PhoneUpdateDone);
}
}
}
catch (UsernameExistsException) { return(AuthEventEnum.Alert_LoginAlreadyUsed); }
catch (InvalidParameterException) { return(AuthEventEnum.Alert_InternalProcessError); }
catch (InvalidPasswordException) { return(AuthEventEnum.Alert_PasswordFormatRequirementsFailed); }
catch (TooManyRequestsException) { return(AuthEventEnum.Alert_TooManyAttempts); }
catch (TooManyFailedAttemptsException) { return(AuthEventEnum.Alert_TooManyAttempts); }
catch (PasswordResetRequiredException) { return(AuthEventEnum.Alert_PasswordResetRequiredException); }
catch (Exception e)
{
Debug.WriteLine($"SignUp() threw an exception {e}");
return(AuthEventEnum.Alert_Unknown);
}
return(lastAuthEventEnum);
}