upgrade Gradle, add forgot password, require user pool on setup

jump-sdk · Oct 18, 2023 · 58c3d37 · 58c3d37
1 parent b47c8fd
commit 58c3d37
Show file tree

Hide file tree

Showing 8 changed files with 197 additions and 132 deletions.
diff --git a/amplifyframework/src/commonMain/kotlin/com/jump/sdk/amplifyframework/CognitoAction.kt b/amplifyframework/src/commonMain/kotlin/com/jump/sdk/amplifyframework/CognitoAction.kt
@@ -1,8 +1,10 @@
 package com.jump.sdk.amplifyframework
 
 enum class CognitoAction(val headerValue: String) {
+ CONFIRM_FORGOT_PASSWORD("AWSCognitoIdentityProviderService.ConfirmForgotPassword"),
  CONFIRM_SIGN_UP("AWSCognitoIdentityProviderService.ConfirmSignUp"),
- SIGN_UP("AWSCognitoIdentityProviderService.SignUp"),
+ FORGOT_PASSWORD("AWSCognitoIdentityProviderService.ForgotPassword"),
  INITIATE_AUTH("AWSCognitoIdentityProviderService.InitiateAuth"),
  RESPOND_TO_AUTH_CHALLENGE("AWSCognitoIdentityProviderService.RespondToAuthChallenge"),
+ SIGN_UP("AWSCognitoIdentityProviderService.SignUp"),
 }
diff --git a/amplifyframework/src/commonMain/kotlin/com/jump/sdk/amplifyframework/CognitoException.kt b/amplifyframework/src/commonMain/kotlin/com/jump/sdk/amplifyframework/CognitoException.kt
@@ -3,6 +3,5 @@ package com.jump.sdk.amplifyframework
 sealed class CognitoException(override val message: String) : Exception(message) {
  data object BadSrpB : CognitoException("Bad server public value 'B'")
  data object HashOfAAndSrpBCannotBeZero : CognitoException("Hash of A and B cannot be zero")
- data object UserPoolNameNotSet : CognitoException("Must call setUserPoolParams() before this")
  data object UserIdNotSet : CognitoException("Must call setUserPoolParams() before this")
 }
diff --git a/amplifyframework/src/commonMain/kotlin/com/jump/sdk/amplifyframework/CognitoKeys.kt b/amplifyframework/src/commonMain/kotlin/com/jump/sdk/amplifyframework/CognitoKeys.kt
@@ -21,6 +21,7 @@ object CognitoKeys {
  const val PASSWORD_CLAIM_SECRET_BLOCK = "PASSWORD_CLAIM_SECRET_BLOCK"
  const val PASSWORD_CLAIM_SIGNATURE = "PASSWORD_CLAIM_SIGNATURE"
  const val PASSWORD_VERIFIER = "PASSWORD_VERIFIER"
+ const val REFRESH_TOKEN_AUTH = "REFRESH_TOKEN_AUTH"
  const val REFRESH_TOKEN = "REFRESH_TOKEN"
  const val SALT = "SALT"
  const val SECRET_BLOCK = "SECRET_BLOCK"

diff --git a/amplifyframework/src/commonMain/kotlin/com/jump/sdk/amplifyframework/SRPHelper.kt b/amplifyframework/src/commonMain/kotlin/com/jump/sdk/amplifyframework/SRPHelper.kt
@@ -23,6 +23,7 @@ import io.ktor.utils.io.core.toByteArray
 import org.kotlincrypto.SecureRandom
 import org.kotlincrypto.hash.sha2.SHA256
 import org.kotlincrypto.macs.hmac.sha2.HmacSHA256
+import kotlin.coroutines.cancellation.CancellationException
 import kotlin.io.encoding.Base64
 import kotlin.io.encoding.ExperimentalEncodingApi
 
@@ -45,7 +46,7 @@ private const val HEX_N =
 
 @OptIn(ExperimentalEncodingApi::class)
 @Suppress("TooManyFunctions")
-class SRPHelper(private val password: String) {
+class SRPHelper(private val password: String, userPoolName: String) {
  @Suppress("VariableNaming")
  private val N = BigInteger.parseString(HEX_N, 16)
 
@@ -61,8 +62,16 @@ class SRPHelper(private val password: String) {
  internal set
 
  private val digest = SHA256()
+ var userIdForSrp: String? = null
+ private val userPoolName: String
 
  init {
+ if (userPoolName.contains("_")) {
+ this.userPoolName = userPoolName.split(Regex("_"), 2)[1]
+ } else {
+ this.userPoolName = userPoolName
+ }
+
  // Generate client private 'a' and public 'A' values
  do {
  privateA = BigInteger.fromByteArray(random.nextBytesOf(EPHEMERAL_KEY_LENGTH), Sign.POSITIVE).mod(N)
@@ -76,17 +85,6 @@ class SRPHelper(private val password: String) {
  k = BigInteger.fromByteArray(digest.digest(g.toByteArray()), Sign.POSITIVE)
  }
 
- private var userId: String? = null
- private var userPoolName: String? = null
-
- fun setUserPoolParams(userIdForSrp: String, userPoolName: String) {
- this.userId = userIdForSrp
- this.userPoolName = userPoolName
- if (userPoolName.contains("_")) {
- this.userPoolName = userPoolName.split(Regex("_"), 2)[1]
- }
- }
-
  // @TestOnly
  internal fun modN(value: BigInteger): BigInteger = value.mod(N)
 
@@ -109,8 +107,8 @@ class SRPHelper(private val password: String) {
  @Throws(CognitoException::class)
  internal fun computeX(salt: BigInteger): BigInteger {
  digest.reset()
- digest.update(userPoolName?.toByteArray() ?: throw CognitoException.UserPoolNameNotSet)
- digest.update(userId?.toByteArray() ?: throw CognitoException.UserIdNotSet)
+ digest.update(userPoolName.toByteArray())
+ digest.update(userIdForSrp?.toByteArray() ?: throw CognitoException.UserIdNotSet)
  digest.update(":".toByteArray())
  val userIdPasswordHash = digest.digest(password.toByteArray())
 
@@ -155,8 +153,8 @@ class SRPHelper(private val password: String) {
  @Throws(CognitoException::class)
  internal fun generateM1Signature(key: ByteArray, secretBlock: String): ByteArray {
  val mac = HmacSHA256(key)
- mac.update(userPoolName?.toByteArray() ?: throw CognitoException.UserPoolNameNotSet)
- mac.update(userId?.toByteArray() ?: throw CognitoException.UserIdNotSet)
+ mac.update(userPoolName.toByteArray())
+ mac.update(userIdForSrp?.toByteArray() ?: throw CognitoException.UserIdNotSet)
  mac.update(Base64.decode(secretBlock))
  return mac.doFinal(timestamp.toByteArray())
  }
@@ -178,8 +176,8 @@ class SRPHelper(private val password: String) {
  * for the subsequent call to AWSCognitoIdentityProviderService.RespondToAuthChallenge
  * @return A string representing the PASSWORD_CLAIM_SIGNATURE for authentication.
  */
- @Throws(CognitoException::class)
- fun getSignature(salt: String, srpB: String, secretBlock: String): String {
+ @Throws(CognitoException::class, CancellationException::class)
+ suspend fun getSignature(salt: String, srpB: String, secretBlock: String): String {
  val bigIntSRPB = BigInteger.parseString(srpB, HEX)
  val bigIntSalt = BigInteger.parseString(salt, HEX)
 

diff --git a/build.gradle.kts b/build.gradle.kts
@@ -1,7 +1,8 @@
 plugins {
- id("com.android.library").version("8.2.0-beta06").apply(false)
+ id("com.android.library").version("8.2.0-rc01").apply(false)
  kotlin("multiplatform").version("1.9.10").apply(false)
  id("io.gitlab.arturbosch.detekt") version "1.23.1"
+ id("com.github.ben-manes.versions") version "0.49.0"
 }
 
 tasks.register("clean", Delete::class) {

diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,7 @@
-#Sat Oct 14 10:22:57 PDT 2023
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.2-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.2.1-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists