search

amazon-archives / aws-sdk-xamarin

AWS Mobile SDK for Xamarin (Beta)
Apache License 2.0
45 stars 18 forks source link

How can I sign in the exsisting user in Amazon Cognito User Pool? #36

Closed Madhesk closed 7 years ago

Madhesk commented 8 years ago

I can sign up the new user in amazon cognito user pool. But I don't know. How to sign in the exsisting user in amazon cognito user pool? Then after successful sign in to get the token and access the S3.

imnasif commented 8 years ago

@Madhesk same question here. Any solution?

Madhesk commented 8 years ago

@imnasif I didn't get the solution for the above issue till now. Check this link (https://forums.aws.amazon.com/thread.jspa?messageID=725316) may be you can get some idea.

wbsaputra commented 8 years ago

same issues here, can't authenticate user with USER_SRP authflow, it need srp calculation which difficult for starter

Madhesk commented 8 years ago

@wbsaputra ADMIN_NO_SRP_AUTH AuthFlow is acceptable for user authentication.

wbsaputra commented 8 years ago

Hi Madhesk, I'm getting AccessDeniedException user arn .... not authorized to perform: cognito-idp:AdminInitiateAuth on resource ... when using ADMIN_NO_SRP_AUTH authflow, do you know what I missed?

Madhesk commented 8 years ago

@wbsaputra, Have you enabled sign-in API for server-based authentication (ADMIN_NO_SRP_AUTH) inside of "APPS" list in AWS console?

wbsaputra commented 8 years ago

@Madhesk, Yes I've enable it, correct me if I'm wrong, I'm assuming unauthenticate user is unable to call ADMIN_NO_SRP_AUTH. I've tried to put cognito-idp:*; roles in cognito unauthenticate roles and still getting this exception

EmilAlipiev commented 7 years ago

how do you even sign up if sdk doesnt support user pool? can you please explain?

wbsaputra commented 7 years ago

@EmilAlipiev for C# xamarin .net u can get AWS SDK user pool support here https://www.nuget.org/packages/AWSSDK.CognitoIdentityProvider/ @Madhesk Finally I can authenticate to user pool using ADMIN_NO_SRP_AUTH with lambda trigger

tawalke commented 7 years ago

@wbsaputra @EmilAlipiev @Madhesk This SDK has been migrated with the AWS .NET SDK which has been componentized and available on NuGet. See full SDK code here: https://github.com/aws/aws-sdk-net

EmilAlipiev commented 7 years ago

@wbsaputra why do you use lambda to authenticate? can you give some hint? i cant find any sample how to achieve this. thank you

wbsaputra commented 7 years ago

@EmilAlipiev I'm new to AWS, but hope this can help, U can call initiate auth with USER_SRP authflow but required SRP calculation, see this https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol. Currently there is no built in authenticate handler with srp in aws sdk dotnet, available only in javascript, android and ios sdk. My solution is to use CUSTOM_AUTH and use lambda trigger VerifyAuthChallenge, at this lambda function you can reauthenticate user with ADMIN_NO_SRP_AUTH with just plain text password(or encrypted in client and decrypted in lambda), it doesn't need srp calculation. Althoug is not officialy suppport by AWS cause technically it will authenticate user twice, at least it work and we can continue our project and clear out my days :) Hope AWS will support authentication handler for .net soon. if you find any better solution please let me know.

EmilAlipiev commented 7 years ago

Thanks for your reply. I am also new into that it has been almost A month and I feel that it goes nowhere neither here nor on aws Forums, stackoverflow. I dont get any answer. I feel like Amazon doesnt care about xamarin and. Net at all. such a Big dissapointment

mmlac commented 7 years ago

I implemented a SRP auth for C# following how it's done in the Android SDK, maybe that helps anyone:

http://blog.mmlac.com/aws-cognito-srp-login-c-sharp-dot-net/

tschmidleithner commented 7 years ago

@mmlac First, thanks for your contribution. I tried your code but I am getting a NotAuthorizedException in provider.RespondToAuthChallenge(new RespondToAuthChallengeRequest(...)) when trying to login with a confirmed user with username and password. Maybe I misconfigured something for my app in my userpool.

I am not using an alias for the userpool and my app settings are defined as follows:

I use the following nuget packages:

<packages>
  <package id="AWSSDK.CognitoIdentityProvider" version="3.3.2.7" targetFramework="net461" />
  <package id="AWSSDK.Core" version="3.3.10.1" targetFramework="net461" />
  <package id="AWSSDK.SecurityToken" version="3.3.1.2" targetFramework="net461" />
  <package id="BouncyCastle" version="1.8.1" targetFramework="net461" />
</packages>

Any idea what is wrong on my side?

tawalke commented 7 years ago

Hi Thomas:

Just to verify. Are you using the latest Xamarin SDK? This is repo is for the beta version and the final release we migrated into the AWS .NET SDK v3 and also can be found on NuGet.

AWS SDK for .NET https://aws.amazon.com/sdk-for-net/ Sample Code: https://github.com/awslabs/aws-sdk-net-samples NuGet: https://www.nuget.org/packages?q=Tags%3A%22aws-sdk-v3%22 Github: https://github.com/aws/aws-sdk-net Forum for Questions: https://forums.aws.amazon.com/forum.jspa?forumID=61 Docs: http://docs.aws.amazon.com/mobile/sdkforxamarin/developerguide/index.html Dev Guide: http://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/welcome.html

Sent from Windows Mail

From: Thomas Schmidleithnermailto:notifications@github.com Sent: ‎Thursday‎, ‎March‎ ‎16‎, ‎2017 ‎5‎:‎28‎ ‎AM To: awslabs/aws-sdk-xamarinmailto:aws-sdk-xamarin@noreply.github.com Cc: tawalkemailto:taraew@live.com, State changemailto:state_change@noreply.github.com

@mmlachttps://github.com/mmlac First, thanks for your contribution. I tried your code but I am getting a NotAuthorizedException in provider.RespondToAuthChallenge(new RespondToAuthChallengeRequest(...)) when trying to login with a confirmed user with username and password. Maybe I misconfigured something for my app in my userpool.

I am not using an alias for the userpool and my app settings are defined as follows:

I use the following nuget packages:

Any idea what is wrong on my side?

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHubhttps://github.com/awslabs/aws-sdk-xamarin/issues/36#issuecomment-287002151, or mute the threadhttps://github.com/notifications/unsubscribe-auth/ACMW1rC-ffyVihIDerM6sXsAn8zjS8tyks5rmQDTgaJpZM4I2LQM.

mmlac commented 7 years ago

@tschmidleithner This code is for SRP auth and not for the ADMIN_NO_SRP_AUTH. I don't know if these settings conflict. Create a new client token with it disabled. Also check your region.

Otherwise the auth is very hard to debug as AWS doesn't return what went wrong, I'm afraid.

tschmidleithner commented 7 years ago

@mmlac Yes, sorry, I forgot to mention that I tried both resulting in the same error message.