class AwsSRP::Flow
AWS Cognito flow
Attributes
password[R]
pool_id[R]
srp[R]
username[R]
Public Class Methods
new(pool_id, username, password)
click to toggle source
# File lib/aws_srp/flow.rb, line 8 def initialize(pool_id, username, password) @pool_id = pool_id @username = username @password = password @srp = SRP.new end
Public Instance Methods
init_auth()
click to toggle source
# File lib/aws_srp/flow.rb, line 20 def init_auth { AuthParameters: { USERNAME: username, SRP_A: srp.aa.str } } end
now()
click to toggle source
# File lib/aws_srp/flow.rb, line 16 def now @now ||= Time.now.utc.strftime('%a %b %-e %H:%M:%S UTC %Y') end
verify_password(response)
click to toggle source
# File lib/aws_srp/flow.rb, line 29 def verify_password(response) response = PasswordVerifierResponse.new(response) srp.username = [pool_id, response.user_id].join srp.password = password srp.salt = response.salt srp.bb = response.bb hmac = Hasher.new(srp.hkdf) .update(pool_id) .update(response.user_id) .update(response.secret_block, base64: true) .update(now) { ChallengeName: response.challenge_name, ChallengeResponses: { USERNAME: response.user_id, PASSWORD_CLAIM_SECRET_BLOCK: response.secret_block, TIMESTAMP: now, PASSWORD_CLAIM_SIGNATURE: hmac.digest64 } } end