/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the cognito-idp-2016-04-18.normal.json service model.
*/
using System;
using System.Collections.Generic;
using System.Xml.Serialization;
using System.Text;
using System.IO;
using System.Net;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
namespace Amazon.CognitoIdentityProvider.Model
{
///
/// Container for the parameters to the AdminInitiateAuth operation.
/// Initiates the authentication flow, as an administrator.
///
///
///
/// This action might generate an SMS text message. Starting June 1, 2021, US telecom
/// carriers require you to register an origination phone number before you can send SMS
/// messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you
/// must register a phone number with Amazon
/// Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise,
/// Amazon Cognito users who must receive SMS messages might not be able to sign up, activate
/// their accounts, or sign in.
///
///
///
/// If you have never used SMS text messages with Amazon Cognito or any other Amazon Web
/// Service, Amazon Simple Notification Service might place your account in the SMS sandbox.
/// In sandbox
/// mode , you can send messages only to verified phone numbers. After you test
/// your app while in the sandbox environment, you can move out of the sandbox and into
/// production. For more information, see
/// SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer
/// Guide.
///
///
///
/// Calling this action requires developer credentials.
///
///
public partial class AdminInitiateAuthRequest : AmazonCognitoIdentityProviderRequest
{
private AnalyticsMetadataType _analyticsMetadata;
private AuthFlowType _authFlow;
private Dictionary _authParameters = new Dictionary();
private string _clientId;
private Dictionary _clientMetadata = new Dictionary();
private ContextDataType _contextData;
private string _userPoolId;
///
/// Gets and sets the property AnalyticsMetadata.
///
/// The analytics metadata for collecting Amazon Pinpoint metrics for AdminInitiateAuth
/// calls.
///
///
public AnalyticsMetadataType AnalyticsMetadata
{
get { return this._analyticsMetadata; }
set { this._analyticsMetadata = value; }
}
// Check to see if AnalyticsMetadata property is set
internal bool IsSetAnalyticsMetadata()
{
return this._analyticsMetadata != null;
}
///
/// Gets and sets the property AuthFlow.
///
/// The authentication flow for this call to run. The API action will depend on this value.
/// For example:
///
/// -
///
///
REFRESH_TOKEN_AUTH will take in a valid refresh token and return new
/// tokens.
///
/// -
///
///
USER_SRP_AUTH will take in USERNAME and SRP_A
/// and return the Secure Remote Password (SRP) protocol variables to be used for next
/// challenge execution.
///
/// -
///
///
ADMIN_USER_PASSWORD_AUTH will take in USERNAME and PASSWORD
/// and return the next challenge or tokens.
///
///
///
/// Valid values include:
///
/// -
///
///
USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP)
/// protocol.
///
/// -
///
///
REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for
/// refreshing the access token and ID token by supplying a valid refresh token.
///
/// -
///
///
CUSTOM_AUTH: Custom authentication flow.
///
/// -
///
///
ADMIN_NO_SRP_AUTH: Non-SRP authentication flow; you can pass in the
/// USERNAME and PASSWORD directly if the flow is enabled for calling the app client.
///
/// -
///
///
ADMIN_USER_PASSWORD_AUTH: Admin-based user password authentication.
/// This replaces the ADMIN_NO_SRP_AUTH authentication flow. In this flow,
/// Amazon Cognito receives the password in the request instead of using the SRP process
/// to verify passwords.
///
///
///
[AWSProperty(Required=true)]
public AuthFlowType AuthFlow
{
get { return this._authFlow; }
set { this._authFlow = value; }
}
// Check to see if AuthFlow property is set
internal bool IsSetAuthFlow()
{
return this._authFlow != null;
}
///
/// Gets and sets the property AuthParameters.
///
/// The authentication parameters. These are inputs corresponding to the AuthFlow
/// that you're invoking. The required values depend on the value of AuthFlow:
///
/// -
///
/// For
USER_SRP_AUTH: USERNAME (required), SRP_A
/// (required), SECRET_HASH (required if the app client is configured with
/// a client secret), DEVICE_KEY.
///
/// -
///
/// For
REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required),
/// SECRET_HASH (required if the app client is configured with a client secret),
/// DEVICE_KEY.
///
/// -
///
/// For
ADMIN_NO_SRP_AUTH: USERNAME (required), SECRET_HASH
/// (if app client is configured with client secret), PASSWORD (required),
/// DEVICE_KEY.
///
/// -
///
/// For
CUSTOM_AUTH: USERNAME (required), SECRET_HASH
/// (if app client is configured with client secret), DEVICE_KEY. To start
/// the authentication flow with password verification, include ChallengeName: SRP_A
/// and SRP_A: (The SRP_A Value).
///
///
///
[AWSProperty(Sensitive=true)]
public Dictionary AuthParameters
{
get { return this._authParameters; }
set { this._authParameters = value; }
}
// Check to see if AuthParameters property is set
internal bool IsSetAuthParameters()
{
return this._authParameters != null && this._authParameters.Count > 0;
}
///
/// Gets and sets the property ClientId.
///
/// The app client ID.
///
///
[AWSProperty(Required=true, Sensitive=true, Min=1, Max=128)]
public string ClientId
{
get { return this._clientId; }
set { this._clientId = value; }
}
// Check to see if ClientId property is set
internal bool IsSetClientId()
{
return this._clientId != null;
}
///
/// Gets and sets the property ClientMetadata.
///
/// A map of custom key-value pairs that you can provide as input for certain custom workflows
/// that this action triggers.
///
///
///
/// You create custom workflows by assigning Lambda functions to user pool triggers. When
/// you use the AdminInitiateAuth API action, Amazon Cognito invokes the Lambda functions
/// that are specified for various triggers. The ClientMetadata value is passed as input
/// to the functions for only the following triggers:
///
/// -
///
/// Pre signup
///
///
-
///
/// Pre authentication
///
///
-
///
/// User migration
///
///
///
/// When Amazon Cognito invokes the functions for these triggers, it passes a JSON payload,
/// which the function receives as input. This payload contains a validationData
/// attribute, which provides the data that you assigned to the ClientMetadata parameter
/// in your AdminInitiateAuth request. In your function code in Lambda, you can process
/// the validationData value to enhance your workflow for your specific needs.
///
///
///
/// When you use the AdminInitiateAuth API action, Amazon Cognito also invokes the functions
/// for the following triggers, but it doesn't provide the ClientMetadata value as input:
///
/// -
///
/// Post authentication
///
///
-
///
/// Custom message
///
///
-
///
/// Pre token generation
///
///
-
///
/// Create auth challenge
///
///
-
///
/// Define auth challenge
///
///
-
///
/// Verify auth challenge
///
///
///
/// For more information, see
/// Customizing user pool Workflows with Lambda Triggers in the Amazon Cognito
/// Developer Guide.
///
///
///
/// When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the
/// following:
///
/// -
///
/// Store the ClientMetadata value. This data is available only to Lambda triggers that
/// are assigned to a user pool to support custom workflows. If your user pool configuration
/// doesn't include triggers, the ClientMetadata parameter serves no purpose.
///
///
-
///
/// Validate the ClientMetadata value.
///
///
-
///
/// Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
///
///
///
public Dictionary ClientMetadata
{
get { return this._clientMetadata; }
set { this._clientMetadata = value; }
}
// Check to see if ClientMetadata property is set
internal bool IsSetClientMetadata()
{
return this._clientMetadata != null && this._clientMetadata.Count > 0;
}
///
/// Gets and sets the property ContextData.
///
/// Contextual data about your user session, such as the device fingerprint, IP address,
/// or location. Amazon Cognito advanced security evaluates the risk of an authentication
/// event based on the context that your app generates and passes to Amazon Cognito when
/// it makes API requests.
///
///
public ContextDataType ContextData
{
get { return this._contextData; }
set { this._contextData = value; }
}
// Check to see if ContextData property is set
internal bool IsSetContextData()
{
return this._contextData != null;
}
///
/// Gets and sets the property UserPoolId.
///
/// The ID of the Amazon Cognito user pool.
///
///
[AWSProperty(Required=true, Min=1, Max=55)]
public string UserPoolId
{
get { return this._userPoolId; }
set { this._userPoolId = value; }
}
// Check to see if UserPoolId property is set
internal bool IsSetUserPoolId()
{
return this._userPoolId != null;
}
}
}