/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include namespace Aws { template class AmazonWebServiceResult; namespace Utils { namespace Json { class JsonValue; } // namespace Json } // namespace Utils namespace CognitoIdentityProvider { namespace Model { /** *

Initiates the authentication response.

See Also:

AWS * API Reference

*/ class InitiateAuthResult { public: AWS_COGNITOIDENTITYPROVIDER_API InitiateAuthResult(); AWS_COGNITOIDENTITYPROVIDER_API InitiateAuthResult(const Aws::AmazonWebServiceResult& result); AWS_COGNITOIDENTITYPROVIDER_API InitiateAuthResult& operator=(const Aws::AmazonWebServiceResult& result); ///@{ /** *

The name of the challenge that you're responding to with this call. This name * is returned in the InitiateAuth response if you must pass another * challenge.

Valid values include the following:

All of the * following challenges require USERNAME and SECRET_HASH * (if applicable) in the parameters.

  • * SMS_MFA: Next challenge is to supply an * SMS_MFA_CODEthat your user pool delivered in an SMS message.

    *

  • EMAIL_OTP: Next challenge is to supply an * EMAIL_OTP_CODE that your user pool delivered in an email * message.

  • PASSWORD_VERIFIER: Next challenge is to * supply PASSWORD_CLAIM_SIGNATURE, * PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the * client-side SRP calculations.

  • CUSTOM_CHALLENGE: * This is returned if your custom authentication flow determines that the user * should pass another challenge before tokens are issued.

  • * DEVICE_SRP_AUTH: If device tracking was activated on your user pool * and the previous challenges were passed, this challenge is returned so that * Amazon Cognito can start tracking this device.

  • * DEVICE_PASSWORD_VERIFIER: Similar to * PASSWORD_VERIFIER, but for devices only.

  • * NEW_PASSWORD_REQUIRED: For users who are required to change their * passwords after successful first login.

    Respond to this challenge with * NEW_PASSWORD and any required attributes that Amazon Cognito * returned in the requiredAttributes parameter. You can also set * values for attributes that aren't required by your user pool and that your app * client can write. For more information, see RespondToAuthChallenge.

    *

    In a NEW_PASSWORD_REQUIRED challenge response, you can't * modify a required attribute that already has a value. In * RespondToAuthChallenge, set a value for any keys that Amazon * Cognito returned in the requiredAttributes parameter, then use the * UpdateUserAttributes API operation to modify the value of any * additional attributes.

  • MFA_SETUP: For * users who are required to setup an MFA factor before they can sign in. The MFA * types activated for the user pool will be listed in the challenge parameters * MFAS_CAN_SETUP value.

    To set up software token MFA, use * the session returned here from InitiateAuth as an input to * AssociateSoftwareToken. Use the session returned by * VerifySoftwareToken as an input to * RespondToAuthChallenge with challenge name MFA_SETUP * to complete sign-in. To set up SMS MFA, an administrator should help the user to * add a phone number to their account, and then the user should call * InitiateAuth again to restart sign-in.

*/ inline const ChallengeNameType& GetChallengeName() const{ return m_challengeName; } inline void SetChallengeName(const ChallengeNameType& value) { m_challengeName = value; } inline void SetChallengeName(ChallengeNameType&& value) { m_challengeName = std::move(value); } inline InitiateAuthResult& WithChallengeName(const ChallengeNameType& value) { SetChallengeName(value); return *this;} inline InitiateAuthResult& WithChallengeName(ChallengeNameType&& value) { SetChallengeName(std::move(value)); return *this;} ///@} ///@{ /** *

The session that should pass both ways in challenge-response calls to the * service. If the caller must pass another challenge, they return a session with * other challenge parameters. This session should be passed as it is to the next * RespondToAuthChallenge API call.

*/ inline const Aws::String& GetSession() const{ return m_session; } inline void SetSession(const Aws::String& value) { m_session = value; } inline void SetSession(Aws::String&& value) { m_session = std::move(value); } inline void SetSession(const char* value) { m_session.assign(value); } inline InitiateAuthResult& WithSession(const Aws::String& value) { SetSession(value); return *this;} inline InitiateAuthResult& WithSession(Aws::String&& value) { SetSession(std::move(value)); return *this;} inline InitiateAuthResult& WithSession(const char* value) { SetSession(value); return *this;} ///@} ///@{ /** *

The challenge parameters. These are returned in the InitiateAuth * response if you must pass another challenge. The responses in this parameter * should be used to compute inputs to the next call * (RespondToAuthChallenge).

All challenges require * USERNAME and SECRET_HASH (if applicable).

*/ inline const Aws::Map& GetChallengeParameters() const{ return m_challengeParameters; } inline void SetChallengeParameters(const Aws::Map& value) { m_challengeParameters = value; } inline void SetChallengeParameters(Aws::Map&& value) { m_challengeParameters = std::move(value); } inline InitiateAuthResult& WithChallengeParameters(const Aws::Map& value) { SetChallengeParameters(value); return *this;} inline InitiateAuthResult& WithChallengeParameters(Aws::Map&& value) { SetChallengeParameters(std::move(value)); return *this;} inline InitiateAuthResult& AddChallengeParameters(const Aws::String& key, const Aws::String& value) { m_challengeParameters.emplace(key, value); return *this; } inline InitiateAuthResult& AddChallengeParameters(Aws::String&& key, const Aws::String& value) { m_challengeParameters.emplace(std::move(key), value); return *this; } inline InitiateAuthResult& AddChallengeParameters(const Aws::String& key, Aws::String&& value) { m_challengeParameters.emplace(key, std::move(value)); return *this; } inline InitiateAuthResult& AddChallengeParameters(Aws::String&& key, Aws::String&& value) { m_challengeParameters.emplace(std::move(key), std::move(value)); return *this; } inline InitiateAuthResult& AddChallengeParameters(const char* key, Aws::String&& value) { m_challengeParameters.emplace(key, std::move(value)); return *this; } inline InitiateAuthResult& AddChallengeParameters(Aws::String&& key, const char* value) { m_challengeParameters.emplace(std::move(key), value); return *this; } inline InitiateAuthResult& AddChallengeParameters(const char* key, const char* value) { m_challengeParameters.emplace(key, value); return *this; } ///@} ///@{ /** *

The result of the authentication response. This result is only returned if * the caller doesn't need to pass another challenge. If the caller does need to * pass another challenge before it gets tokens, ChallengeName, * ChallengeParameters, and Session are returned.

*/ inline const AuthenticationResultType& GetAuthenticationResult() const{ return m_authenticationResult; } inline void SetAuthenticationResult(const AuthenticationResultType& value) { m_authenticationResult = value; } inline void SetAuthenticationResult(AuthenticationResultType&& value) { m_authenticationResult = std::move(value); } inline InitiateAuthResult& WithAuthenticationResult(const AuthenticationResultType& value) { SetAuthenticationResult(value); return *this;} inline InitiateAuthResult& WithAuthenticationResult(AuthenticationResultType&& value) { SetAuthenticationResult(std::move(value)); return *this;} ///@} ///@{ inline const Aws::String& GetRequestId() const{ return m_requestId; } inline void SetRequestId(const Aws::String& value) { m_requestId = value; } inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); } inline void SetRequestId(const char* value) { m_requestId.assign(value); } inline InitiateAuthResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;} inline InitiateAuthResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;} inline InitiateAuthResult& WithRequestId(const char* value) { SetRequestId(value); return *this;} ///@} private: ChallengeNameType m_challengeName; Aws::String m_session; Aws::Map m_challengeParameters; AuthenticationResultType m_authenticationResult; Aws::String m_requestId; }; } // namespace Model } // namespace CognitoIdentityProvider } // namespace Aws