//public CognitoAWSCredentials GetCachedCognitoIdentity()
//{
// Console.WriteLine("GetCachedCognitoIdentity");
// if (!string.IsNullOrEmpty(credentials.GetCachedIdentityId()) || credentials.CurrentLoginProviders.Length > 0)
// {
// return credentials;
// }
// return null;
//}
public async Task GetAWSCredentialsWithGoogleToken(string token)
{
try
{
CognitoAWSCredentials credentials = new CognitoAWSCredentials(this.IDENTITYPOOL_ID, RegionEndpoint.EUCentral1);
credentials.Clear();
credentials.AddLogin("accounts.google.com", token);
AmazonCognitoIdentityClient cli = new AmazonCognitoIdentityClient(credentials, RegionEndpoint.EUCentral1);
var req = new Amazon.CognitoIdentity.Model.GetIdRequest();
req.Logins.Add("accounts.google.com", token);
req.IdentityPoolId = this.IDENTITYPOOL_ID;
GetIdResponse getIdResponse = await cli.GetIdAsync(req);
var getCredentialReq = new Amazon.CognitoIdentity.Model.GetCredentialsForIdentityRequest();
getCredentialReq.IdentityId = getIdResponse.IdentityId;
getCredentialReq.Logins.Add("accounts.google.com", token);
GetCredentialsForIdentityResponse getCredentialsResponse = await cli.GetCredentialsForIdentityAsync(getCredentialReq);
UserInfo.Credentials = getCredentialsResponse.Credentials;
UserInfo.IdentityId = getCredentialsResponse.IdentityId;
}
catch (Exception ex)
{
Console.WriteLine("GetAWSCredentialsWithGoogleToken ERROR: " + ex.Message);
throw ex;
}
}
/// <summary>
/// Unmarshaller the response from the service to the response class.
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override AmazonWebServiceResponse Unmarshall(JsonUnmarshallerContext context)
{
GetCredentialsForIdentityResponse response = new GetCredentialsForIdentityResponse();
context.Read();
int targetDepth = context.CurrentDepth;
while (context.ReadAtDepth(targetDepth))
{
if (context.TestExpression("Credentials", targetDepth))
{
var unmarshaller = CredentialsUnmarshaller.Instance;
response.Credentials = unmarshaller.Unmarshall(context);
continue;
}
if (context.TestExpression("IdentityId", targetDepth))
{
var unmarshaller = StringUnmarshaller.Instance;
response.IdentityId = unmarshaller.Unmarshall(context);
continue;
}
}
return(response);
}
// Retrieves credentials for the roles defined on the identity pool
private CredentialsRefreshState GetPoolCredentials()
{
CredentialsRefreshState credentialsState;
var identity = this.GetIdentityId(RefreshIdentityOptions.Refresh);
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = identity
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
//incase its BYOI provider override the logins dictionary with the new instance and set the values for cognito-identity provider
if (_identityState != null && !string.IsNullOrEmpty(_identityState.LoginToken))
{
getCredentialsRequest.Logins = new Dictionary <string, string>();
getCredentialsRequest.Logins["cognito-identity.amazonaws.com"] = _identityState.LoginToken;
}
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = GetCredentialsForIdentity(getCredentialsRequest);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e))
{
retry = true;
}
else
{
throw;
}
}
if (retry)
{
return(GetPoolCredentials());
}
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return(credentialsState);
}
// Retrieves credentials for the roles defined on the identity pool
private async System.Threading.Tasks.Task <CredentialsRefreshState> GetPoolCredentialsAsync()
{
CredentialsRefreshState credentialsState;
var identity = await GetIdentityIdAsync(RefreshIdentityOptions.Refresh).ConfigureAwait(false);
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = identity
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
if (_identityState != null && !string.IsNullOrEmpty(_identityState.LoginToken))
{
getCredentialsRequest.Logins = new Dictionary <string, string>();
getCredentialsRequest.Logins.Add("cognito-identity.amazonaws.com", _identityState.LoginToken);
}
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = (await cib.GetCredentialsForIdentityAsync(getCredentialsRequest).ConfigureAwait(false));
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e))
{
retry = true;
}
else
{
throw;
}
}
if (retry)
{
return(await GetPoolCredentialsAsync());
}
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return(credentialsState);
}
// Retrieves credentials for the roles defined on the identity pool
private async System.Threading.Tasks.Task <CredentialsRefreshState> GetPoolCredentialsAsync()
{
CredentialsRefreshState credentialsState;
var identity = await GetIdentityIdWithCachingAsync().ConfigureAwait(false);
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = identity.IdentityId
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = (await cib.GetCredentialsForIdentityAsync(getCredentialsRequest).ConfigureAwait(false));
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId, true);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e, identity))
{
retry = true;
}
else
{
throw;
}
}
if (retry)
{
return(await GetPoolCredentialsAsync());
}
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return(credentialsState);
}
// Retrieves credentials for the roles defined on the identity pool
private CredentialsRefreshState GetPoolCredentials()
{
CredentialsRefreshState credentialsState;
var identity = this.GetIdentityIdWithCaching();
var getCredentialsRequest = new GetCredentialsForIdentityRequest {
IdentityId = identity.IdentityId
};
if (Logins.Count > 0)
{
getCredentialsRequest.Logins = Logins;
}
bool retry = false;
GetCredentialsForIdentityResponse response = null;
try
{
response = GetCredentialsForIdentity(getCredentialsRequest);
}
catch (AmazonCognitoIdentityException e)
{
if (ShouldRetry(e, identity))
{
retry = true;
}
else
{
throw;
}
}
if (retry)
{
return(GetPoolCredentials());
}
// IdentityId may have changed, save the new value
UpdateIdentity(response.IdentityId, true);
var credentials = response.Credentials;
credentialsState = new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration);
return(credentialsState);
}
private CredentialsRefreshState GetPoolCredentials()
{
string text = GetIdentityId(RefreshIdentityOptions.Refresh);
GetCredentialsForIdentityRequest getCredentialsForIdentityRequest = new GetCredentialsForIdentityRequest
{
IdentityId = text
};
if (Logins.Count > 0)
{
getCredentialsForIdentityRequest.Logins = Logins;
}
if (_identityState != null && !string.IsNullOrEmpty(_identityState.LoginToken))
{
getCredentialsForIdentityRequest.Logins = new Dictionary <string, string>();
getCredentialsForIdentityRequest.Logins["cognito-identity.amazonaws.com"] = _identityState.LoginToken;
}
bool flag = false;
GetCredentialsForIdentityResponse getCredentialsForIdentityResponse = null;
try
{
getCredentialsForIdentityResponse = GetCredentialsForIdentity(getCredentialsForIdentityRequest);
}
catch (AmazonCognitoIdentityException e)
{
if (!ShouldRetry(e))
{
throw;
}
flag = true;
}
if (flag)
{
return(GetPoolCredentials());
}
UpdateIdentity(getCredentialsForIdentityResponse.IdentityId);
Amazon.CognitoIdentity.Model.Credentials credentials = getCredentialsForIdentityResponse.Credentials;
return(new CredentialsRefreshState(credentials.GetCredentials(), credentials.Expiration));
}
public override AmazonWebServiceResponse Unmarshall(JsonUnmarshallerContext context)
{
GetCredentialsForIdentityResponse getCredentialsForIdentityResponse = new GetCredentialsForIdentityResponse();
context.Read();
int currentDepth = context.CurrentDepth;
while (context.ReadAtDepth(currentDepth))
{
if (context.TestExpression("Credentials", currentDepth))
{
CredentialsUnmarshaller instance = CredentialsUnmarshaller.Instance;
getCredentialsForIdentityResponse.Credentials = instance.Unmarshall(context);
}
else if (context.TestExpression("IdentityId", currentDepth))
{
StringUnmarshaller instance2 = StringUnmarshaller.Instance;
getCredentialsForIdentityResponse.IdentityId = instance2.Unmarshall(context);
}
}
return(getCredentialsForIdentityResponse);
}
public ActionResult Browse()
{
List <Models.S3File> files = new List <Models.S3File>();
strCurrentUsername = HttpContext.User.Identity.Name;
if (!string.IsNullOrEmpty(strCurrentUsername))
{
if (strCurrentUsername.EndsWith("workerbee.com"))
{
strUserCognitoPoolId = strWorkerBeeCognitoPoolId;
}
else if (strCurrentUsername.EndsWith("queenbee.com"))
{
strUserCognitoPoolId = strQueenBeeCognitoPoolId;
}
else if (strCurrentUsername.EndsWith("beehive.com"))
{
strUserCognitoPoolId = strBeeHiveCognitoPoolId;
}
else //any other email domain
{
strUserCognitoPoolId = strFreeBeeCognitoPoolId;
}
}
Amazon.RegionEndpoint northVirginiaRegion = Amazon.RegionEndpoint.USEast1; //Virginia location
string strAccessKeyId = ConfigurationManager.AppSettings["CognitoDeveloperAccessKeyId"];
string strAccessKeySecret = ConfigurationManager.AppSettings["CognitoDeveloperAccessKeySecret"];
AmazonCognitoIdentityClient cognitoIdClient = new AmazonCognitoIdentityClient(strAccessKeyId, strAccessKeySecret, northVirginiaRegion);
if (cognitoIdClient != null)
{
Dictionary <string, string> customLogin = new Dictionary <string, string>();
customLogin.Add(DEVELOPER_PROVIDER_NAME, HttpContext.User.Identity.Name);
GetOpenIdTokenForDeveloperIdentityRequest oidcTokenReq = new GetOpenIdTokenForDeveloperIdentityRequest();
//oidcTokenReq.IdentityId = HttpContext.User.Identity.Name;
oidcTokenReq.IdentityPoolId = strUserCognitoPoolId;
oidcTokenReq.TokenDuration = 86400; //24hr for ID token validaty
oidcTokenReq.Logins = customLogin;
//Get an OpenID Connect token from AWS Cognito
GetOpenIdTokenForDeveloperIdentityResponse oidcTokenRes = cognitoIdClient.GetOpenIdTokenForDeveloperIdentity(oidcTokenReq);
//Get the Cognito Identity ID for the current user
GetCredentialsForIdentityRequest credentialsForIdReq = new GetCredentialsForIdentityRequest()
{
IdentityId = oidcTokenRes.IdentityId,
//Logins = customLogin
};
Dictionary <string, string> token = new Dictionary <string, string>();
token.Add("cognito-identity.amazonaws.com", oidcTokenRes.Token);//
//Get the token from AWS STS (through AWS Cognito) to assume an AWS role that will allow to user to query AWS S3
GetCredentialsForIdentityResponse credentialsForIdRes = cognitoIdClient.GetCredentialsForIdentity(oidcTokenRes.IdentityId, token);
Credentials awsCreds = credentialsForIdRes.Credentials;
using (var s3Client = new AmazonS3Client(awsCreds, northVirginiaRegion))
{
try
{
var bucketsRes = s3Client.ListBuckets();
List <S3Bucket> buckets = bucketsRes.Buckets;
foreach (S3Bucket bucket in buckets)
{
try
{
ListObjectsResponse listObjectsRes = s3Client.ListObjects(bucket.BucketName);
List <S3Object> s3Objects = listObjectsRes.S3Objects;
foreach (S3Object s3file in s3Objects)
{
files.Add(new Models.S3File()
{
FileName = s3file.Key
});
}
}
catch (Exception ex)
{
}
}
}
catch (AmazonCognitoIdentityException cex)
{
string strError = cex.ToString();
}
catch (Exception ex)
{
////throw;
}
}
}
return(View(files));
}