Need support Cognito USER_SRP_AUTH in Java SDK

[wyalchemy]

Describe the feature

There are JS SDK doing USER_SRP_AUTH, there are extension package (https://github.com/aws/aws-sdk-net-extensions-cognito) for .Net to support USER_SRP_AUTH.
But there is NO Java SDK support USER_SRP_AUTH. Please add support USER_SRP_AUTH in JAVA SDK. Or at least, please provide extension Java package to support USER_SRP_AUTH!

Is your Feature Request related to a problem?

Yes,
First, there is NO any document clearly describing:
How to calculate the value A (which N and g values should be used to calculate value A)?
How to provide/calculate the challenge response values?
Existing documents do NOT have clear enough information for developers to implement USER_SRP_AUTH: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RespondToAuthChallenge.html#API_RespondToAuthChallenge_ResponseSyntax

Having Java SDK support USER_SRP_AUTH is AWS's responsibility, which can ensure the SDK is consistent with the Service Server side implementation.

Proposed Solution

No response

Describe alternatives you've considered

No response

Acknowledge

• I may be able to implement this feature request

AWS Java SDK version used

2.17.75

JDK version used

1.8

Operating System and version

Windows, Linux

[debora-ito]

Hi @wyalchemy I'm not very clear on what is being asked regarding USER_SRP_AUTH, can you elaborate?

The CognitoIdentityProviderClient does provide a InitiateAuth operation with USER_SRP_AUTH as one of the options in AuthFlowType, but I'm assuming this is not what you're looking for, is it?

[wyalchemy]

Thanks for the reply!
No, what the CognitoIdentityProviderClient provides is NOT what we expect. It just has general function and document about the SRP AUTH flow, without enough information/document(which N and g value should be used to calculate the value A? Which information and how to calculate the value to response the challenge response) for developer to really implement it.
We expect the Java SDK provide function like doSRPAuth(String user, String password) to return the token after successful SRP auth. Like what the JS SDK and .Net extension package(https://github.com/aws/aws-sdk-net-extensions-cognito) provide.

I have clear information about why we need such AWS official Java SDK or extension package? Here are the reasons:

1. There is NO document clearly bringing out which N and g value is used to calculate the value A, nor document about how to calculate the value to response to the challenge response.
2. There is JS SDK, and .Net extension package doing what we need, but just NO such Java package.

[debora-ito]

@wyalchemy sorry for the long pause in response here.

1. There are some information about the formula parts in this Knowledge Center post, which refers to the Amplify JS AuthenticationHelper.js for some of the values.
   https://aws.amazon.com/premiumsupport/knowledge-center/cognito-user-pool-remembered-devices/

2. Currently, there's no plans for a high-level library for Cognito Authentication in the AWS SDK for Java roadmap.

Browsing through the Amplify documentation I see that USER_SRP_AUTH flow is supported in the Amplify Android lib, have you tried it out? Apologies in advance as I'm not super familiar with Cognito or the Amplify tools, so the amplify-android lib may not be exactly what you're looking for either.

[github-actions]

It looks like this issue has not been active for more than five days. In the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please add a comment to prevent automatic closure, or if the issue is already closed please feel free to reopen it.