LazyStack

LazyStackAuth Library

LazyStackAuth is an independent library that you can use from a C# app to authenticate with an AWS Stack. There is no special or proprietary sauce here but the library does make some assumptions about the configuration of your AWS Cognito resources. If you are using LazyStack to generate these serverless.template files then that is all handled for you. You can certainly use LazyStackAuth with your own stack, review the serverless.template files generated by LazyStack to see how Cognito resources are configured for this library. The LazyStack tutorial is a comprehensive example of using LazyStackAuth and a LazyStack generated ClientSDK in a .NET app.

  • AuthProvider classes

    One or more IAuthProvider implementations implementing calls to the Cognito and/or other auth providers. The AuthProviderCognito class implements comprehensive sign-up, sign-in and user management features against the AWS Cognito UserPool authentication provider.

  • AuthProcess class

    The AuthProcess class implements an INotifyPropertyChanged wrapper around the IAuthProvider interface to provide bindable properties and events suitable for use in an event driven UI.

  • LzHttpClient class

    The LzHttpClient class is a thin wrapper around the standard HttpClient class that knows how to select an appropriate ApiGateway call and then sign the HttpRequests to that AWS ApiGateway appropriately.

State Driven Authentication with AuthProcess

AuthProcess provides a state driven authentication machine implementing a iterative authentication challenge process. The properties and methods of the AuthProcess class are largely self-explanatory so we introduce the AuthProcess class by presenting the simplest happy-path use-cases;

Sign In Happy Path
  1. AuthProcess.IsSignedIn == false // User is not signed in
  2. AuthProcess.StartSignInAsync();
  3. AuthProcess.Login = "login";
  4. AuthProcess.VerifyLoginAsync();
  5. AuthProcess.Password = "password";
  6. VerifyPassword();
  7. AuthProcess.IsSignedIn == true
Sign Up Happy Path
  1. AuthProcess.IsSignedIn == false // User is not signed in
  2. AuthProcess.StartSignUpAsync();
  3. AuthProcess.Login = "login";
  4. AuthProcess.VerifyLoginAsync();
  5. AuthProcess.Password = "password";
  6. VerifyPasswordAsync();
  7. AuthProcess.Email = "myemail@gmail.com";
  8. AuthProcess.VerifyEmail();
  9. // Cognito sends auth code to user's email;
  10. AuthProcess.Code = "code";
  11. AuthProcess.VerifyCodeAsync();
  12. // The user can now Sign In with specified login and password.
Reset Password Happy Path
  1. AuthProcess.IsSignedIn == false // must be signed out to do password reset
  2. AuthProcess.StartResetPasswordAsync();
  3. AuthProcess.Login = "login"
  4. AuthProcess.VerifyLoginAsync();
  5. AuthProcess.NewPassword = "newpassword"
  6. AuthProcess.VerifyNewPasswordAsync();
  7. // AWS Sends validation code to user's email.
  8. AuthProcess.Code = "code";
  9. AuthProcess.VerifyCodeAsync();
  10. // The user can now Sign In with the new password.
Update Password Happy Path
  1. AuthProcess.IsSignedIn == true // must be signed in to update password
  2. AuthProcess.StartUpdatePasswordAsync();
  3. AuthProcess.Password = "currentpassword";
  4. VerifyPasswordAsync();
  5. AuthProcess.NewPassword = "newpassword";
  6. VerifyNewPasswordAsync();
  7. // Password has been changed and should be used on next Sign In.
Update Email Happy Path
  1. AuthProcess.IsSignedIn == true // must be signed in to update email
  2. StartEmailUpdateAsync();
  3. AuthProcess.Email = "newemail@gmail.com"
  4. VerifyEmailAsync();
  5. // AWS sends validation code to user's new email.
  6. AuthProcess.Code = "code";
  7. AuthProcess.VerifyCodeAsync();
  8. // Email has been updated.

Comprehensive State Management and Events

The AuthProcess class implements numerous properties and events that make it very simple to build UI page(s) to support user authentication tasks. The LazyStack tutorial provides a Xamarin single page implementation that illustrates best practice use of AuthProcess in a MVVM architecture.