/**
 * Verify the verification code sent on the user phone.
 *
 * @param username User for which we are submitting the verification code.
 * @param code     Verification code delivered to the user.
 * @return if the verification is successful.
 */
boolean VerifyAccessCode(String username, String code) {
    AnonymousAWSCredentials awsCreds = new AnonymousAWSCredentials();
    AWSCognitoIdentityProvider cognitoIdentityProvider = AWSCognitoIdentityProviderClientBuilder
            .standard()
            .withCredentials(new AWSStaticCredentialsProvider(awsCreds))
            .withRegion(Regions.fromName(REGION))
            .build();

    ConfirmSignUpRequest confirmSignUpRequest = new ConfirmSignUpRequest();
    confirmSignUpRequest.setUsername(username);
    confirmSignUpRequest.setConfirmationCode(code);
    confirmSignUpRequest.setClientId(CLIENTAPP_ID);

    try {
        ConfirmSignUpResult confirmSignUpResult = cognitoIdentityProvider.confirmSignUp(confirmSignUpRequest);
    } catch (Exception ex) {
        System.out.println(ex);
        return false;
    }
    return true;
}
 

/**
 * Method to orchestrate the SRP Authentication
 *
 * @param username Username for the SRP request
 * @param password Password for the SRP request
 * @return the JWT token if the request is successful else null.
 */
String PerformSRPAuthentication(String username, String password) {
    String authresult = null;

    InitiateAuthRequest initiateAuthRequest = initiateUserSrpAuthRequest(username);
    try {
        AnonymousAWSCredentials awsCreds = new AnonymousAWSCredentials();
        AWSCognitoIdentityProvider cognitoIdentityProvider = AWSCognitoIdentityProviderClientBuilder
                .standard()
                .withCredentials(new AWSStaticCredentialsProvider(awsCreds))
                .withRegion(Regions.fromName(this.region))
                .build();
        InitiateAuthResult initiateAuthResult = cognitoIdentityProvider.initiateAuth(initiateAuthRequest);
        if (ChallengeNameType.PASSWORD_VERIFIER.toString().equals(initiateAuthResult.getChallengeName())) {
            RespondToAuthChallengeRequest challengeRequest = userSrpAuthRequest(initiateAuthResult, password);
            RespondToAuthChallengeResult result = cognitoIdentityProvider.respondToAuthChallenge(challengeRequest);
            //System.out.println(result);
            System.out.println(CognitoJWTParser.getPayload(result.getAuthenticationResult().getIdToken()));
            authresult = result.getAuthenticationResult().getIdToken();
        }
    } catch (final Exception ex) {
        System.out.println("Exception" + ex);

    }
    return authresult;
}
 

/**
 * Sign up the user to the user pool
 *
 * @param username    User name for the sign up
 * @param password    Password for the sign up
 * @param email       email used to sign up
 * @param phonenumber phone number to sign up.
 * @return whether the call was successful or not.
 */
boolean SignUpUser(String username, String password, String email, String phonenumber) {
    AnonymousAWSCredentials awsCreds = new AnonymousAWSCredentials();
    AWSCognitoIdentityProvider cognitoIdentityProvider = AWSCognitoIdentityProviderClientBuilder
            .standard()
            .withCredentials(new AWSStaticCredentialsProvider(awsCreds))
            .withRegion(Regions.fromName(REGION))
            .build();

    SignUpRequest signUpRequest = new SignUpRequest();
    signUpRequest.setClientId(CLIENTAPP_ID);
    signUpRequest.setUsername(username);
    signUpRequest.setPassword(password);
    List<AttributeType> list = new ArrayList<>();

    AttributeType attributeType = new AttributeType();
    attributeType.setName("phone_number");
    attributeType.setValue(phonenumber);
    list.add(attributeType);

    AttributeType attributeType1 = new AttributeType();
    attributeType1.setName("email");
    attributeType1.setValue(email);
    list.add(attributeType1);

    signUpRequest.setUserAttributes(list);

    try {
        SignUpResult result = cognitoIdentityProvider.signUp(signUpRequest);
    } catch (Exception e) {
        System.out.println(e);
        return false;
    }
    return true;
}
 

/**
 * <p>
 * Build an AWS cognito identity provider, based on the parameters defined in the CognitoResources interface.
 * </p>
 * 
 * @return
 */
protected AWSCognitoIdentityProvider getAmazonCognitoIdentityClient() {
    AWSCredentials credentials = getCredentials(cognitoID, cognitoKey);
    AWSCredentialsProvider credProvider = new AWSStaticCredentialsProvider( credentials );
    AWSCognitoIdentityProvider client = AWSCognitoIdentityProviderClientBuilder.standard()
                                                                                .withCredentials(credProvider)
                                                                                .withRegion(region)
                                                                                .build();
    return client;
 }
 

public static void main(String[] args) {

        AWSCognitoIdentityProvider cognitoIdentityProvider = AWSCognitoIdentityProviderClientBuilder.defaultClient();

        // Create User in UserPool using AdminCreateUser
        // @see <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminCreateUser.html">label</a>
        cognitoIdentityProvider.adminCreateUser(
                new AdminCreateUserRequest()
                        .withUserPoolId(USERPOOL_ID)
                        .withUsername(USERNAME)
                        .withTemporaryPassword(USER_TEMP_PASSWORD)
                        .withUserAttributes(
                                new AttributeType()
                                        .withName("phone_number")
                                        .withValue(PHONE_NUMBER),
                                new AttributeType()
                                        .withName("phone_number_verified")
                                        .withValue("true"),
                                new AttributeType()
                                        .withName("email")
                                        .withValue(USER_EMAIL)));

        SMSMfaSettingsType sMSMfaSettings = new SMSMfaSettingsType().withPreferredMfa(Boolean.TRUE).withEnabled(Boolean.TRUE);

        // Set MFA preferred type for the User using AdminSetUserMFAPreference
        // @see <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserMFAPreference.html">label</a>
        cognitoIdentityProvider.adminSetUserMFAPreference(
                new AdminSetUserMFAPreferenceRequest()
                        .withSMSMfaSettings(sMSMfaSettings)
                        .withUserPoolId(USERPOOL_ID)
                        .withUsername(USERNAME));

        // Add MFA Options type for the User using AdminSetUserSettings
        // @see <a href="https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserSettings.html">label</a>
        cognitoIdentityProvider.adminSetUserSettings(
                new AdminSetUserSettingsRequest()
                        .withUserPoolId(USERPOOL_ID)
                        .withUsername(USERNAME)
                        .withMFAOptions(Arrays.asList(
                                new MFAOptionType()
                                        .withDeliveryMedium("SMS")
                                        .withAttributeName("phone_number"))));


        // Validate the data created/updated in this class.
        AdminGetUserResult user = cognitoIdentityProvider.adminGetUser(
                new AdminGetUserRequest()
                        .withUserPoolId(USERPOOL_ID)
                        .withUsername(USERNAME));
        assert (user.getUsername().equals(USERNAME));
        assert (!user.getMFAOptions().isEmpty());
        assert (user.getMFAOptions().get(0).getDeliveryMedium().equals("SMS"));
        assert (user.getPreferredMfaSetting().equals("SMS_MFA"));
        assert (user.getEnabled());
    }