0

I have a problem with Awssdk lib from Amazon that I can't understand.

I made an easy Class to authorized and obtain resources from Amazon.

It uses the configuration from user sessionConfig: clientId, identitypoolId,userpoolId, username, password, secret.

And also the request config (signRequest) host, absolutpath, method, region.

var client = AmazonClient(sessionConfig, requestconfig);

With this I can easyly 

  client.GetClientTokens();

That makes a call to CognitoAuth userpools:

 var cred = new CognitoAWSCredentials(_sessionConfig.IdentityPoolId,` RegionEndpoint.EUCentral1);

        var provider = new AmazonCognitoIdentityProviderClient(cred, RegionEndpoint.EUCentral1);

        CognitoUserPool userPool = new CognitoUserPool(_sessionConfig.UserPoolId, _sessionConfig.ClientId, provider);

        CognitoUser user = new CognitoUser(_sessionConfig.UserPoolId, _sessionConfig.ClientId, userPool, provider, _sessionConfig.Secret, _sessionConfig.UserName);

        var authRequest = new InitiateSrpAuthRequest()
        {

            Password = _sessionConfig.Password

        };

        AuthFlowResponse authResponse = await user.StartWithSrpAuthAsync(authRequest).ConfigureAwait(false);

Then I just call 

client.GetApiResource(absolutpath);

And I can get with this auth info the resource from the api.

_requestConfig.AbsolutePath = absolutePath;
            //Signmethod from Amazon
            GetSignedRequest();

            var responses = _webRequest.GetResponse();
            var result = responses.GetResponseStream();
            var data = string.Empty;

            using (var sr = new StreamReader(result))
            {
                data = sr.ReadToEnd();
            }

            return data;

This code works like a charm on my dotnetcore console app, I become tokens access data and user or other api resources.

When I want to use it on a Xamarin.Android solution.

I become, when trying to get the credentials:

user.StartWithSrpAuthAsync(authRequest).ConfigureAwait(false);

Amazon.CognitoIdentity.Model.NotAuthorizedException: Access to Identity 'eu-central-1:xxxxxxxxxxxxxxxxxxxxx' is forbidden.

System.Net.HttpStatusCode.BadRequest

errorCode "NotAuthorizedException"

The only thing I could see it is different is the UserAgent from provider config:

console program:

aws-sdk-dotnet-coreclr/3.3.11.22 aws-sdk-dotnet-core/3.3.29.12 .NET_Core/4.6.26606.02 OS/Microsoft_Windows_10.0.14393

Xamarin.Android app:

aws-sdk-dotnet-pcl/3.3.4.3 aws-sdk-dotnet-core/3.3.29.13 Mono/5.10.1(tarball) OS/ANDROID_7.0 PCL/Xamarin.Android

Console works xamarin throw this exception. Any ideas?

ManuVR
  • 46
  • 3
  • Are you including Google in your Trust Policies? – SushiHangover Dec 13 '18 at 11:08
  • Hello SushiHangover, No, I am not including Google in my trust policies. Can be that this have something to do? I am not using google here, it is amazon cognito and apigateway – ManuVR Dec 13 '18 at 11:12

0 Answers0