Adrian Hall adrianhall
adrianhall
/ ConfigureTOTPActivity.kt
Created
September 25, 2018 16:58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| private fun handler(identityRequest: IdentityRequest, params: Map<String,String>?, callback: IdentityResponse) { | |
| when(identityRequest) { | |
| IdentityRequest.SUCCESS -> { | |
| Log.d(TAG, "handler: SUCCESS") | |
| [email protected]() | |
| } | |
| IdentityRequest.FAILURE -> { | |
| Log.d(TAG, "handler: FAILURE") | |
| alert(params!!.get("message")!!) { |
adrianhall
/ AWSIdentityRepository.kt
Created
September 25, 2018 16:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| override fun initiateTOTPSignup(handler: IdentityHandler) { | |
| userPool.currentUser.associateSoftwareTokenInBackground(null, object : RegisterMfaHandler { | |
| override fun onSuccess(sessionToken: String?) { | |
| val mfaSettings = listOf( | |
| CognitoMfaSettings(CognitoMfaSettings.SMS_MFA).apply { | |
| isEnabled = true | |
| isPreferred = false | |
| }, | |
| CognitoMfaSettings(CognitoMfaSettings.TOTP_MFA).apply { | |
| isEnabled = true |
adrianhall
/ AuthenticatorActivity.kt
Last active
September 19, 2018 18:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| WebAuthProvider.init(auth0Settings) | |
| .withAudience(audience) | |
| .start(this@AuthenticatorActivity, object : AuthCallback { | |
| override fun onSuccess(credentials: Credentials) { | |
| model.federateWithOIDC(credentials.accessToken!!, resources.getString(R.string.com_auth0_domain)) | |
| [email protected]() | |
| } | |
| override fun onFailure(dialog: Dialog) { | |
| Log.d(TAG, "Auth0 Error displayed in dialog") | |
| runOnUiThread { dialog.show() } |
adrianhall
/ AWSIdentityRepository.kt
Last active
September 19, 2018 18:05
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Federate with OIDC | |
| */ | |
| override fun federateWithOIDC(token: String, issuer: String) { | |
| Log.d(TAG, "Federating with $issuer") | |
| thread(start = true) { | |
| with(service.identityManager.underlyingProvider) { | |
| clear() | |
| withLogins(mapOf(issuer to token)) | |
| refresh() |
adrianhall
/ cognito-cloudformation-template.yml
Last active
September 19, 2018 17:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IdentityPool: | |
| # Always created | |
| Type: AWS::Cognito::IdentityPool | |
| Properties: | |
| IdentityPoolName: photos_identitypool_9551db82 | |
| CognitoIdentityProviders: | |
| - ClientId: !Ref UserPoolClient | |
| ProviderName: !Sub | |
| - cognito-idp.${region}.amazonaws.com/${client} |
adrianhall
/ cognito-cloudformation-template.yml
Created
September 19, 2018 17:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| OpenIdLambdaIAMPolicy: | |
| # Sets policy for the role that executes the OpenId Lambda | |
| # Depends on OpenIdLambda for Arn | |
| # Marked as depending on MFALambda for easier to understand CFN sequencing | |
| Type: 'AWS::IAM::Policy' | |
| Properties: | |
| PolicyName: !Ref openIdLambdaIAMPolicy | |
| Roles: | |
| - !Ref openIdLambdaRoleName | |
| PolicyDocument: |
adrianhall
/ AuthenticatorActivity.kt
Last active
September 18, 2018 21:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Configure the Auth0 requirements | |
| val auth0Settings = Auth0(this).apply { | |
| isOIDCConformant = true | |
| } | |
| val audience = String.format("https://%s/userinfo", resources.getString(R.string.com_auth0_domain)) | |
| loginFormAuth0LoginButton.onClick { | |
| WebAuthProvider.init(auth0Settings) | |
| .withAudience(audience) | |
| .start(this@AuthenticatorActivity, object : AuthCallback { | |
| override fun onSuccess(credentials: Credentials) { |
adrianhall
/ AWSIdentityRepository.kt
Last active
September 18, 2018 20:09
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Check to see if Google is authenticated - if it is, then federate with Google | |
| val googleAccount = GoogleSignIn.getLastSignedInAccount(context) | |
| if (googleAccount != null) { | |
| Log.d(TAG, "Google Signed In Account found - account=${googleAccount.toJson()} ") | |
| thread(start = true) { | |
| try { | |
| val googleOptions = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN) | |
| .requestIdToken(context.getString(R.string.google_client)) | |
| .requestEmail() | |
| .build() |
adrianhall
/ AWSIdentityRepository.kt
Last active
September 18, 2018 20:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Federate with Google authentication | |
| */ | |
| override fun federateWithGoogle(account: GoogleSignInAccount) { | |
| if (account.idToken != null) { | |
| Log.d(TAG, "Federating with Google") | |
| thread(start = true) { | |
| with(service.identityManager.underlyingProvider) { | |
| clear() | |
| withLogins(mapOf("accounts.google.com" to account.idToken)) |
adrianhall
/ AuthenticatorActivity.kt
Created
September 18, 2018 17:24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) { | |
| super.onActivityResult(requestCode, resultCode, data) | |
| when (requestCode) { | |
| GOOGLE_SIGN_IN -> { | |
| val task = GoogleSignIn.getSignedInAccountFromIntent(data) | |
| try { | |
| val account = task.getResult(ApiException::class.java) | |
| Log.d(TAG, "Authenticated with Google: token = ${account.idToken}") | |
| model.federateWithGoogle(account) |