com.amazonaws.services.cognitoidp.model.InitiateAuthResult Maven / Gradle / Ivy
Show all versions of aws-java-sdk-cognitoidp Show documentation
/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.cognitoidp.model;
import java.io.Serializable;
import javax.annotation.Generated;
/**
*
* Initiates the authentication response.
*
*
* @see AWS API
* Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class InitiateAuthResult extends com.amazonaws.AmazonWebServiceResult implements Serializable, Cloneable {
/**
*
* The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if applicable) in the
* parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user
* should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous challenges were
* passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first
* login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned
* in the requiredAttributes parameter. You can also set values for attributes that aren't required by
* your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already
* has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify
* the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types
* activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an input to
* RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS
* MFA, an administrator should help the user to add a phone number to their account, and then the user should call
* InitiateAuth again to restart sign-in.
*
*
*
*/
private String challengeName;
/**
*
* The session that should pass both ways in challenge-response calls to the service. If the caller must pass
* another challenge, they return a session with other challenge parameters. This session should be passed as it is
* to the next RespondToAuthChallenge API call.
*
*/
private String session;
/**
*
* The challenge parameters. These are returned in the InitiateAuth response if you must pass another
* challenge. The responses in this parameter should be used to compute inputs to the next call (
* RespondToAuthChallenge).
*
*
* All challenges require USERNAME and SECRET_HASH (if applicable).
*
*/
private java.util.Map challengeParameters;
/**
*
* The result of the authentication response. This result is only returned if the caller doesn't need to pass
* another challenge. If the caller does need to pass another challenge before it gets tokens,
* ChallengeName, ChallengeParameters, and Session are returned.
*
*/
private AuthenticationResultType authenticationResult;
/**
*
* The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if applicable) in the
* parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user
* should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous challenges were
* passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first
* login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned
* in the requiredAttributes parameter. You can also set values for attributes that aren't required by
* your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already
* has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify
* the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types
* activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an input to
* RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS
* MFA, an administrator should help the user to add a phone number to their account, and then the user should call
* InitiateAuth again to restart sign-in.
*
*
*
*
* @param challengeName
* The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if applicable)
* in the parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP
* calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the
* user should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous
* challenges were passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful
* first login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito
* returned in the requiredAttributes parameter. You can also set values for attributes that
* aren't required by your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that
* already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito
* returned in the requiredAttributes parameter, then use the UpdateUserAttributes
* API operation to modify the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA
* types activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP
* value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an
* input to RespondToAuthChallenge with challenge name MFA_SETUP to complete
* sign-in. To set up SMS MFA, an administrator should help the user to add a phone number to their account,
* and then the user should call InitiateAuth again to restart sign-in.
*
*
* @see ChallengeNameType
*/
public void setChallengeName(String challengeName) {
this.challengeName = challengeName;
}
/**
*
* The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if applicable) in the
* parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user
* should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous challenges were
* passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first
* login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned
* in the requiredAttributes parameter. You can also set values for attributes that aren't required by
* your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already
* has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify
* the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types
* activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an input to
* RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS
* MFA, an administrator should help the user to add a phone number to their account, and then the user should call
* InitiateAuth again to restart sign-in.
*
*
*
*
* @return The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if
* applicable) in the parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP
* calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the
* user should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous
* challenges were passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful
* first login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito
* returned in the requiredAttributes parameter. You can also set values for attributes that
* aren't required by your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that
* already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito
* returned in the requiredAttributes parameter, then use the UpdateUserAttributes
* API operation to modify the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The
* MFA types activated for the user pool will be listed in the challenge parameters
* MFAS_CAN_SETUP value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an
* input to RespondToAuthChallenge with challenge name MFA_SETUP to complete
* sign-in. To set up SMS MFA, an administrator should help the user to add a phone number to their account,
* and then the user should call InitiateAuth again to restart sign-in.
*
*
* @see ChallengeNameType
*/
public String getChallengeName() {
return this.challengeName;
}
/**
*
* The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if applicable) in the
* parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user
* should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous challenges were
* passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first
* login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned
* in the requiredAttributes parameter. You can also set values for attributes that aren't required by
* your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already
* has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify
* the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types
* activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an input to
* RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS
* MFA, an administrator should help the user to add a phone number to their account, and then the user should call
* InitiateAuth again to restart sign-in.
*
*
*
*
* @param challengeName
* The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if applicable)
* in the parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP
* calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the
* user should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous
* challenges were passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful
* first login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito
* returned in the requiredAttributes parameter. You can also set values for attributes that
* aren't required by your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that
* already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito
* returned in the requiredAttributes parameter, then use the UpdateUserAttributes
* API operation to modify the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA
* types activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP
* value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an
* input to RespondToAuthChallenge with challenge name MFA_SETUP to complete
* sign-in. To set up SMS MFA, an administrator should help the user to add a phone number to their account,
* and then the user should call InitiateAuth again to restart sign-in.
*
*
* @return Returns a reference to this object so that method calls can be chained together.
* @see ChallengeNameType
*/
public InitiateAuthResult withChallengeName(String challengeName) {
setChallengeName(challengeName);
return this;
}
/**
*
* The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if applicable) in the
* parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user
* should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous challenges were
* passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first
* login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned
* in the requiredAttributes parameter. You can also set values for attributes that aren't required by
* your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already
* has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify
* the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types
* activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an input to
* RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS
* MFA, an administrator should help the user to add a phone number to their account, and then the user should call
* InitiateAuth again to restart sign-in.
*
*
*
*
* @param challengeName
* The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if applicable)
* in the parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP
* calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the
* user should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous
* challenges were passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful
* first login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito
* returned in the requiredAttributes parameter. You can also set values for attributes that
* aren't required by your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that
* already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito
* returned in the requiredAttributes parameter, then use the UpdateUserAttributes
* API operation to modify the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA
* types activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP
* value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an
* input to RespondToAuthChallenge with challenge name MFA_SETUP to complete
* sign-in. To set up SMS MFA, an administrator should help the user to add a phone number to their account,
* and then the user should call InitiateAuth again to restart sign-in.
*
*
* @see ChallengeNameType
*/
public void setChallengeName(ChallengeNameType challengeName) {
withChallengeName(challengeName);
}
/**
*
* The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if applicable) in the
* parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user
* should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous challenges were
* passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first
* login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito returned
* in the requiredAttributes parameter. You can also set values for attributes that aren't required by
* your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that already
* has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito returned in the
* requiredAttributes parameter, then use the UpdateUserAttributes API operation to modify
* the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types
* activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an input to
* RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS
* MFA, an administrator should help the user to add a phone number to their account, and then the user should call
* InitiateAuth again to restart sign-in.
*
*
*
*
* @param challengeName
* The name of the challenge that you're responding to with this call. This name is returned in the
* InitiateAuth response if you must pass another challenge.
*
* Valid values include the following:
*
*
*
* All of the following challenges require USERNAME and SECRET_HASH (if applicable)
* in the parameters.
*
*
*
* -
*
* SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
*
*
* -
*
* PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE,
* PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the client-side SRP
* calculations.
*
*
* -
*
* CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the
* user should pass another challenge before tokens are issued.
*
*
* -
*
* DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous
* challenges were passed, this challenge is returned so that Amazon Cognito can start tracking this device.
*
*
* -
*
* DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
*
*
* -
*
* NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful
* first login.
*
*
* Respond to this challenge with NEW_PASSWORD and any required attributes that Amazon Cognito
* returned in the requiredAttributes parameter. You can also set values for attributes that
* aren't required by your user pool and that your app client can write. For more information, see RespondToAuthChallenge.
*
*
*
* In a NEW_PASSWORD_REQUIRED challenge response, you can't modify a required attribute that
* already has a value. In RespondToAuthChallenge, set a value for any keys that Amazon Cognito
* returned in the requiredAttributes parameter, then use the UpdateUserAttributes
* API operation to modify the value of any additional attributes.
*
*
* -
*
* MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA
* types activated for the user pool will be listed in the challenge parameters MFAS_CAN_SETUP
* value.
*
*
* To set up software token MFA, use the session returned here from InitiateAuth as an input to
* AssociateSoftwareToken. Use the session returned by VerifySoftwareToken as an
* input to RespondToAuthChallenge with challenge name MFA_SETUP to complete
* sign-in. To set up SMS MFA, an administrator should help the user to add a phone number to their account,
* and then the user should call InitiateAuth again to restart sign-in.
*
*
* @return Returns a reference to this object so that method calls can be chained together.
* @see ChallengeNameType
*/
public InitiateAuthResult withChallengeName(ChallengeNameType challengeName) {
this.challengeName = challengeName.toString();
return this;
}
/**
*
* The session that should pass both ways in challenge-response calls to the service. If the caller must pass
* another challenge, they return a session with other challenge parameters. This session should be passed as it is
* to the next RespondToAuthChallenge API call.
*
*
* @param session
* The session that should pass both ways in challenge-response calls to the service. If the caller must pass
* another challenge, they return a session with other challenge parameters. This session should be passed as
* it is to the next RespondToAuthChallenge API call.
*/
public void setSession(String session) {
this.session = session;
}
/**
*
* The session that should pass both ways in challenge-response calls to the service. If the caller must pass
* another challenge, they return a session with other challenge parameters. This session should be passed as it is
* to the next RespondToAuthChallenge API call.
*
*
* @return The session that should pass both ways in challenge-response calls to the service. If the caller must
* pass another challenge, they return a session with other challenge parameters. This session should be
* passed as it is to the next RespondToAuthChallenge API call.
*/
public String getSession() {
return this.session;
}
/**
*
* The session that should pass both ways in challenge-response calls to the service. If the caller must pass
* another challenge, they return a session with other challenge parameters. This session should be passed as it is
* to the next RespondToAuthChallenge API call.
*
*
* @param session
* The session that should pass both ways in challenge-response calls to the service. If the caller must pass
* another challenge, they return a session with other challenge parameters. This session should be passed as
* it is to the next RespondToAuthChallenge API call.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public InitiateAuthResult withSession(String session) {
setSession(session);
return this;
}
/**
*
* The challenge parameters. These are returned in the InitiateAuth response if you must pass another
* challenge. The responses in this parameter should be used to compute inputs to the next call (
* RespondToAuthChallenge).
*
*
* All challenges require USERNAME and SECRET_HASH (if applicable).
*
*
* @return The challenge parameters. These are returned in the InitiateAuth response if you must pass
* another challenge. The responses in this parameter should be used to compute inputs to the next call (
* RespondToAuthChallenge).
*
* All challenges require USERNAME and SECRET_HASH (if applicable).
*/
public java.util.Map getChallengeParameters() {
return challengeParameters;
}
/**
*
* The challenge parameters. These are returned in the InitiateAuth response if you must pass another
* challenge. The responses in this parameter should be used to compute inputs to the next call (
* RespondToAuthChallenge).
*
*
* All challenges require USERNAME and SECRET_HASH (if applicable).
*
*
* @param challengeParameters
* The challenge parameters. These are returned in the InitiateAuth response if you must pass
* another challenge. The responses in this parameter should be used to compute inputs to the next call (
* RespondToAuthChallenge).
*
* All challenges require USERNAME and SECRET_HASH (if applicable).
*/
public void setChallengeParameters(java.util.Map challengeParameters) {
this.challengeParameters = challengeParameters;
}
/**
*
* The challenge parameters. These are returned in the InitiateAuth response if you must pass another
* challenge. The responses in this parameter should be used to compute inputs to the next call (
* RespondToAuthChallenge).
*
*
* All challenges require USERNAME and SECRET_HASH (if applicable).
*
*
* @param challengeParameters
* The challenge parameters. These are returned in the InitiateAuth response if you must pass
* another challenge. The responses in this parameter should be used to compute inputs to the next call (
* RespondToAuthChallenge).
*
* All challenges require USERNAME and SECRET_HASH (if applicable).
* @return Returns a reference to this object so that method calls can be chained together.
*/
public InitiateAuthResult withChallengeParameters(java.util.Map challengeParameters) {
setChallengeParameters(challengeParameters);
return this;
}
/**
* Add a single ChallengeParameters entry
*
* @see InitiateAuthResult#withChallengeParameters
* @returns a reference to this object so that method calls can be chained together.
*/
public InitiateAuthResult addChallengeParametersEntry(String key, String value) {
if (null == this.challengeParameters) {
this.challengeParameters = new java.util.HashMap();
}
if (this.challengeParameters.containsKey(key))
throw new IllegalArgumentException("Duplicated keys (" + key.toString() + ") are provided.");
this.challengeParameters.put(key, value);
return this;
}
/**
* Removes all the entries added into ChallengeParameters.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public InitiateAuthResult clearChallengeParametersEntries() {
this.challengeParameters = null;
return this;
}
/**
*
* The result of the authentication response. This result is only returned if the caller doesn't need to pass
* another challenge. If the caller does need to pass another challenge before it gets tokens,
* ChallengeName, ChallengeParameters, and Session are returned.
*
*
* @param authenticationResult
* The result of the authentication response. This result is only returned if the caller doesn't need to pass
* another challenge. If the caller does need to pass another challenge before it gets tokens,
* ChallengeName, ChallengeParameters, and Session are returned.
*/
public void setAuthenticationResult(AuthenticationResultType authenticationResult) {
this.authenticationResult = authenticationResult;
}
/**
*
* The result of the authentication response. This result is only returned if the caller doesn't need to pass
* another challenge. If the caller does need to pass another challenge before it gets tokens,
* ChallengeName, ChallengeParameters, and Session are returned.
*
*
* @return The result of the authentication response. This result is only returned if the caller doesn't need to
* pass another challenge. If the caller does need to pass another challenge before it gets tokens,
* ChallengeName, ChallengeParameters, and Session are returned.
*/
public AuthenticationResultType getAuthenticationResult() {
return this.authenticationResult;
}
/**
*
* The result of the authentication response. This result is only returned if the caller doesn't need to pass
* another challenge. If the caller does need to pass another challenge before it gets tokens,
* ChallengeName, ChallengeParameters, and Session are returned.
*
*
* @param authenticationResult
* The result of the authentication response. This result is only returned if the caller doesn't need to pass
* another challenge. If the caller does need to pass another challenge before it gets tokens,
* ChallengeName, ChallengeParameters, and Session are returned.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public InitiateAuthResult withAuthenticationResult(AuthenticationResultType authenticationResult) {
setAuthenticationResult(authenticationResult);
return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getChallengeName() != null)
sb.append("ChallengeName: ").append(getChallengeName()).append(",");
if (getSession() != null)
sb.append("Session: ").append("***Sensitive Data Redacted***").append(",");
if (getChallengeParameters() != null)
sb.append("ChallengeParameters: ").append(getChallengeParameters()).append(",");
if (getAuthenticationResult() != null)
sb.append("AuthenticationResult: ").append(getAuthenticationResult());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof InitiateAuthResult == false)
return false;
InitiateAuthResult other = (InitiateAuthResult) obj;
if (other.getChallengeName() == null ^ this.getChallengeName() == null)
return false;
if (other.getChallengeName() != null && other.getChallengeName().equals(this.getChallengeName()) == false)
return false;
if (other.getSession() == null ^ this.getSession() == null)
return false;
if (other.getSession() != null && other.getSession().equals(this.getSession()) == false)
return false;
if (other.getChallengeParameters() == null ^ this.getChallengeParameters() == null)
return false;
if (other.getChallengeParameters() != null && other.getChallengeParameters().equals(this.getChallengeParameters()) == false)
return false;
if (other.getAuthenticationResult() == null ^ this.getAuthenticationResult() == null)
return false;
if (other.getAuthenticationResult() != null && other.getAuthenticationResult().equals(this.getAuthenticationResult()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getChallengeName() == null) ? 0 : getChallengeName().hashCode());
hashCode = prime * hashCode + ((getSession() == null) ? 0 : getSession().hashCode());
hashCode = prime * hashCode + ((getChallengeParameters() == null) ? 0 : getChallengeParameters().hashCode());
hashCode = prime * hashCode + ((getAuthenticationResult() == null) ? 0 : getAuthenticationResult().hashCode());
return hashCode;
}
@Override
public InitiateAuthResult clone() {
try {
return (InitiateAuthResult) super.clone();
} catch (CloneNotSupportedException e) {
throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e);
}
}
}