cognitosrp

package module
v0.0.0-...-7bb6280 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 2, 2019 License: Apache-2.0 Imports: 11 Imported by: 1

README

cognito-srp

Build Status Go Report Card Maintainability Test Coverage

This is almost a direct port of capless/warrant

All crypto functions are tested against equivalent values produced by warrant

v2

The version of this package in the master branch makes the assumption that it will be used directly with aws-sdk-go-v2. Because of this it intentionally leaks types from the aws package as part of its public API. This has the advantage of reducing code (slightly), but carries the larger disadvantages of complicating dependencies.

It is recommended you use version 2 of this package located in the v2 branch, though for now both versions will be maintained.

Import v2 of this package with go get github.com/alexrudd/cognito-srp/v2and update your imports and code accordingly.

Usage

package main

import (
    "fmt"
    "time"

    "github.com/alexrudd/cognito-srp"
    "github.com/aws/aws-sdk-go-v2/aws"
    "github.com/aws/aws-sdk-go-v2/aws/endpoints"
    "github.com/aws/aws-sdk-go-v2/aws/external"
    cip "github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider"
)

func main() {
    // configure cognito srp
    csrp, _ := cognitosrp.NewCognitoSRP("user", "pa55w0rd", "eu-west-1_myPoolId", "client", nil)

    // configure cognito identity provider
    cfg, _ := external.LoadDefaultAWSConfig()
    cfg.Region = endpoints.EuWest1RegionID
    cfg.Credentials = aws.AnonymousCredentials
    svc := cip.New(cfg)

    // initiate auth
    req := svc.InitiateAuthRequest(&cip.InitiateAuthInput{
        AuthFlow:       cip.AuthFlowTypeUserSrpAuth,
        ClientId:       aws.String(csrp.GetClientId()),
        AuthParameters: csrp.GetAuthParams(),
    })
    resp, _ := req.Send()

    // respond to password verifier challenge
    if resp.ChallengeName == cip.ChallengeNameTypePasswordVerifier {
        challengeInput, _ := csrp.PasswordVerifierChallenge(resp.ChallengeParameters, time.Now())
        chal := svc.RespondToAuthChallengeRequest(challengeInput)
        resp, _ := chal.Send()

        // print the tokens
        fmt.Println(resp.AuthenticationResult)
    } else {
        // other challenges await...
    }
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CognitoSRP

type CognitoSRP struct {
	// contains filtered or unexported fields
}

CognitoSRP handles SRP authentication with AWS Cognito

func NewCognitoSRP

func NewCognitoSRP(username, password, poolId, clientId string, clientSecret *string) (*CognitoSRP, error)

NewCognitoSRP creates a CognitoSRP object

func (*CognitoSRP) GetAuthParams

func (csrp *CognitoSRP) GetAuthParams() map[string]string

GetAuthParams returns the AuthParms map of values required for make InitiateAuth requests

func (*CognitoSRP) GetClientId

func (csrp *CognitoSRP) GetClientId() string

GetClientId returns the configured Cognito Cient ID

func (*CognitoSRP) GetSecretHash

func (csrp *CognitoSRP) GetSecretHash(username string) (string, error)

GetSecretHash returns the secret hash string required to make certain Cognito Identity Provider API calls (if client is configured with a secret)

func (*CognitoSRP) GetUserPoolId

func (csrp *CognitoSRP) GetUserPoolId() string

GetUserPoolId returns the configured Cognito User Pool ID

func (*CognitoSRP) GetUserPoolName

func (csrp *CognitoSRP) GetUserPoolName() string

GetUserPoolName returns the configured Cognito User Pool Name

func (*CognitoSRP) GetUsername

func (csrp *CognitoSRP) GetUsername() string

GetUsername returns the configured Cognito user username

func (*CognitoSRP) PasswordVerifierChallenge

func (csrp *CognitoSRP) PasswordVerifierChallenge(challengeParms map[string]string, ts time.Time) (*cip.RespondToAuthChallengeInput, error)

PasswordVerifierChallenge returns a github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider.RespondToAuthChallengeInput object which can be used to fulfil a PASSWORD_VERIFIER Cognito challenge

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL