From de1ab47b79a9bcc02acf87da916fbd76af7dc51f Mon Sep 17 00:00:00 2001 From: pmill Date: Sat, 27 Jan 2018 20:34:09 +0000 Subject: [PATCH] Added PasswordResetRequiredException handling --- README.md | 4 +++ examples/login.php | 4 +++ src/CognitoClient.php | 35 ++++++++++++------- .../PasswordResetRequiredException.php | 16 +++++++++ 4 files changed, 47 insertions(+), 12 deletions(-) create mode 100644 src/Exception/PasswordResetRequiredException.php diff --git a/README.md b/README.md index bf8c96e..4b12265 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,10 @@ before running them. Version History --------------- +0.2.2 (27/01/2018) + +* Added handling for password reset required responses + 0.2.1 (25/01/2018) * Added method to return full token payload diff --git a/examples/login.php b/examples/login.php index 3ff3119..55ade70 100644 --- a/examples/login.php +++ b/examples/login.php @@ -1,6 +1,7 @@ getChallengeName() === CognitoClient::CHALLENGE_NEW_PASSWORD_REQUIRED) { $authenticationResponse = $client->respondToNewPasswordRequiredChallenge($username, 'password_new', $e->getSession()); } +} catch (PasswordResetRequiredException $e) { + die("PASSWORD RESET REQUIRED"); } + var_dump($authenticationResponse); \ No newline at end of file diff --git a/src/CognitoClient.php b/src/CognitoClient.php index ee3096a..f99348e 100644 --- a/src/CognitoClient.php +++ b/src/CognitoClient.php @@ -2,6 +2,7 @@ namespace pmill\AwsCognito; use Aws\CognitoIdentityProvider\CognitoIdentityProviderClient; +use Aws\CognitoIdentityProvider\Exception\CognitoIdentityProviderException; use Exception; use Jose\Component\Core\AlgorithmManager; use Jose\Component\Core\Converter\StandardConverter; @@ -67,18 +68,28 @@ public function __construct(CognitoIdentityProviderClient $client) */ public function authenticate($username, $password) { - $response = $this->client->adminInitiateAuth([ - 'AuthFlow' => 'ADMIN_NO_SRP_AUTH', - 'AuthParameters' => [ - 'USERNAME' => $username, - 'PASSWORD' => $password, - 'SECRET_HASH' => $this->cognitoSecretHash($username), - ], - 'ClientId' => $this->appClientId, - 'UserPoolId' => $this->userPoolId, - ]); - - return $this->handleAuthenticateResponse($response->toArray()); + try { + $response = $this->client->adminInitiateAuth([ + 'AuthFlow' => 'ADMIN_NO_SRP_AUTH', + 'AuthParameters' => [ + 'USERNAME' => $username, + 'PASSWORD' => $password, + 'SECRET_HASH' => $this->cognitoSecretHash($username), + ], + 'ClientId' => $this->appClientId, + 'UserPoolId' => $this->userPoolId, + ]); + + return $this->handleAuthenticateResponse($response->toArray()); + } catch (CognitoIdentityProviderException $e) { + $errorClass = "pmill\\AwsCognito\\Exception\\" . $e->getAwsErrorCode(); + + if (class_exists($errorClass)) { + throw new $errorClass($e); + } else { + throw $e; + } + } } /** diff --git a/src/Exception/PasswordResetRequiredException.php b/src/Exception/PasswordResetRequiredException.php new file mode 100644 index 0000000..2a1d7e1 --- /dev/null +++ b/src/Exception/PasswordResetRequiredException.php @@ -0,0 +1,16 @@ +