fuzzzerd · fuzzzerd · Aug 2, 2022 · May 7, 2022 · Jun 6, 2022 · Jun 6, 2022
diff --git a/FMData.sln b/FMData.sln
@@ -25,6 +25,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FMData.Xml", "src\FMData.Xm
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FMData.Xml.Tests", "tests\FMData.Xml.Tests\FMData.Xml.Tests.csproj", "{36143397-0EED-4CA4-9D25-C60A8C93B1FA}"
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FMData.Rest.Auth.FileMakerCloud", "src\FMData.Rest.Auth.Cloud\FMData.Rest.Auth.FileMakerCloud.csproj", "{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -95,6 +97,18 @@ Global
 		{36143397-0EED-4CA4-9D25-C60A8C93B1FA}.Release|x64.Build.0 = Release|Any CPU
 		{36143397-0EED-4CA4-9D25-C60A8C93B1FA}.Release|x86.ActiveCfg = Release|Any CPU
 		{36143397-0EED-4CA4-9D25-C60A8C93B1FA}.Release|x86.Build.0 = Release|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Debug|x64.ActiveCfg = Debug|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Debug|x64.Build.0 = Debug|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Debug|x86.ActiveCfg = Debug|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Debug|x86.Build.0 = Debug|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Release|Any CPU.Build.0 = Release|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Release|x64.ActiveCfg = Release|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Release|x64.Build.0 = Release|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Release|x86.ActiveCfg = Release|Any CPU
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233}.Release|x86.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -105,6 +119,7 @@ Global
 		{DF7C8CD9-D26F-4A66-A3C4-95A6E7EF269E} = {6926CF2C-9411-467D-AC6F-06B18C3A41B6}
 		{2CB7F5C1-7D49-4ADE-B137-831D5653958B} = {6926CF2C-9411-467D-AC6F-06B18C3A41B6}
 		{36143397-0EED-4CA4-9D25-C60A8C93B1FA} = {FC1158B5-9752-46DE-B885-B8B553E252B2}
+		{36772074-2B2B-4FB5-8A48-7F4EA1FB1233} = {6926CF2C-9411-467D-AC6F-06B18C3A41B6}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {13001953-EB62-4CE6-82B1-3795390B514E}

diff --git a/src/FMData.Rest.Auth.Cloud/FMData.Rest.Auth.FileMakerCloud.csproj b/src/FMData.Rest.Auth.Cloud/FMData.Rest.Auth.FileMakerCloud.csproj
@@ -0,0 +1,86 @@
+<Project Sdk="Microsoft.NET.Sdk">
+  <PropertyGroup>
+    <TargetFrameworks>netstandard2.0;net6.0</TargetFrameworks>
+    <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
+    <AssemblyTitle>FMData.Rest.Auth.FileMakerCloud</AssemblyTitle>
+    <AssemblyName>FMData.Rest.Auth.FileMakerCloud</AssemblyName>
+    <Description>FileMaker Data API Authentication for FileMaker Cloud.</Description>
+    <NeutralLanguage>en-US</NeutralLanguage>
+    <PackageLicense>https://github.com/fuzzzerd/fmdata/blob/master/LICENSE</PackageLicense>
+    <PackageProjectUrl>https://fmdata.io/</PackageProjectUrl>
+    <PackageIcon>nuget.png</PackageIcon>
+    <PackageReadmeFile>readme.md</PackageReadmeFile>
+    <RepositoryUrl>https://github.com/fuzzzerd/fmdata</RepositoryUrl>
+    <RepositoryType>GitHub</RepositoryType>
+    <Authors>Nate Bross</Authors>
+    <Company />
+    <PackageTags>data-api filemaker dataapi dapi-client data dapi api filemaker-rest filemaker-api netstandard json dotnet-standard</PackageTags>
+    <PublishRepositoryUrl>true</PublishRepositoryUrl>
+    <DebugType>Embedded</DebugType>
+    <IncludeUntrackedSources>true</IncludeUntrackedSources>
+    <ContinuousIntegrationBuild>true</ContinuousIntegrationBuild>
+    <EmbedUntrackedSources>true</EmbedUntrackedSources>
+  </PropertyGroup>
+
+  <ItemGroup Condition="'$(CI)' == 'true'">
+   <EmbeddedFiles Include="$(GeneratedAssemblyInfoFile)" />
+ </ItemGroup>
+
+  <PropertyGroup>
+    <MinVerMinimumMajorMinor>4.3</MinVerMinimumMajorMinor>
+    <MinVerTagPrefix>v</MinVerTagPrefix>
+    <MinVerDefaultPreReleasePhase>beta</MinVerDefaultPreReleasePhase>
+  </PropertyGroup>
+
+  <PropertyGroup>
+    <DocumentationFile>bin\$(Configuration)\$(TargetFramework)\$(AssemblyName).xml</DocumentationFile>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <None Include="..\..\images\nuget.png" Pack="true" PackagePath="\" />
+    <None Include="..\..\readme.md" Pack="true" PackagePath="\" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\FMData\FMData.csproj" />
+  <ProjectReference Include="..\FMData.Rest\FMData.Rest.csproj" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
+    <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.1.1" PrivateAssets="All" />
+    <PackageReference Include="MinVer" Version="3.1.0" PrivateAssets="All" />
+  </ItemGroup>
+
+  <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.0'">
+    <PackageReference Include="Amazon.Extensions.CognitoAuthentication">
+      <Version>2.2.2</Version>
+    </PackageReference>
+    <PackageReference Include="AWSSDK.CognitoIdentityProvider">
+      <Version>3.7.4</Version>
+    </PackageReference>
+  </ItemGroup>
+
+  <ItemGroup Condition="'$(TargetFramework)' == 'net6.0'">
+    <PackageReference Include="Amazon.Extensions.CognitoAuthentication">
+      <Version>2.2.2</Version>
+    </PackageReference>
+    <PackageReference Include="AWSSDK.CognitoIdentityProvider">
+      <Version>3.7.4</Version>
+    </PackageReference>
+  </ItemGroup>
+
+  <ItemGroup Condition="'$(TargetFramework)' == 'net45'">
+    <PackageReference Include="AWSSDK.CognitoIdentityProvider">
+      <Version>3.7.4</Version>
+    </PackageReference>
+  </ItemGroup>
+
+  <Target Name="MyTarget" AfterTargets="MinVer" Condition="'$(APPVEYOR_PULL_REQUEST_NUMBER)' != ''">
+    <PropertyGroup>
+      <PackageVersion>$(MinVerMajor).$(MinVerMinor).$(MinVerPatch)-pr.$(APPVEYOR_PULL_REQUEST_NUMBER).build-id.$(APPVEYOR_BUILD_ID).$(MinVerPreRelease)</PackageVersion>
+      <PackageVersion Condition="'$(MinVerBuildMetadata)' != ''">$(PackageVersion)+$(MinVerBuildMetadata)</PackageVersion>
+      <Version>$(PackageVersion)</Version>
+    </PropertyGroup>
+  </Target>
+</Project>
diff --git a/src/FMData.Rest.Auth.Cloud/FileMakerCloudAuthTokenProvider.cs b/src/FMData.Rest.Auth.Cloud/FileMakerCloudAuthTokenProvider.cs
@@ -0,0 +1,59 @@
+using System.Net.Http.Headers;
+using System.Threading.Tasks;
+using Amazon.CognitoIdentityProvider;
+using Amazon.Extensions.CognitoAuthentication;
+using Amazon.Runtime;
+using Amazon;
+
+namespace FMData.Rest
+{
+    /// <summary>
+    /// FileMaker Cloud authentication provider (AWS Cognito)
+    /// </summary>
+    public class FileMakerCloudAuthTokenProvider : IAuthTokenProvider
+    {
+        private readonly ConnectionInfo _conn;
+
+        /// <summary>
+        /// Constructor 
+        /// </summary>
+        /// <param name="conn">Connection config values</param>
+        public FileMakerCloudAuthTokenProvider(ConnectionInfo conn)
+        {
+            _conn = conn;
+        }
+
+        /// <summary>
+        /// Connection config values
+        /// </summary>
+        public ConnectionInfo ConnectionInfo { get => _conn; }
+
+        /// <summary>
+        /// Gets the AuthenticationHeaderValue
+        /// </summary>
+        /// <returns>AuthenticationHeaderValue</returns>
+        public async Task<AuthenticationHeaderValue> GetAuthenticationHeaderValue()
+        {
+            var region = RegionEndpoint.GetBySystemName(_conn.RegionEndpoint);
+            var identityProviderClient = new AmazonCognitoIdentityProviderClient(new AnonymousAWSCredentials(), region);
+            string token = await GetToken(identityProviderClient).ConfigureAwait(false);
+            return AuthenticationHeaderValue.Parse("FMID " + token);
+        }
+
+        /// <summary>
+        /// Provide an AWS Cognito Identiy Token
+        /// </summary>
+        /// <param name="identityProviderClient"><see href="https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/CognitoIdentityProvider/TCognitoIdentityProviderClient.html">AmazonCognitoIdentityProviderClient</see></param>
+        /// <returns>returns the IdToken of the AuthenticationResult</returns>
+        private async Task<string> GetToken(AmazonCognitoIdentityProviderClient identityProviderClient)
+        {
+            var userpool = new CognitoUserPool(ConnectionInfo.CognitoUserPoolID, ConnectionInfo.CognitoClientID, identityProviderClient);
+            var user = new CognitoUser(ConnectionInfo.Username, ConnectionInfo.CognitoClientID, userpool, identityProviderClient);
+            var initiateSrpAuthRequest = new InitiateSrpAuthRequest(); //SRP means Secure Remote Password
+            initiateSrpAuthRequest.Password = ConnectionInfo.Password;
+
+            var response = await user.StartWithSrpAuthAsync(initiateSrpAuthRequest).ConfigureAwait(false);
+            return response.AuthenticationResult.IdToken;
+        }
+    }
+}
diff --git a/src/FMData.Rest/DefaultAuthTokenProvider.cs b/src/FMData.Rest/DefaultAuthTokenProvider.cs
@@ -0,0 +1,42 @@
+using System;
+using System.Net.Http.Headers;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace FMData.Rest
+{
+    /// <summary>
+    /// Default authentication provider
+    /// </summary>
+    public class DefaultAuthTokenProvider : IAuthTokenProvider
+    {
+        private readonly ConnectionInfo _conn;
+
+        /// <summary>
+        /// Constructor 
+        /// </summary>
+        /// <param name="conn">Provide Connection details</param>
+        public DefaultAuthTokenProvider(ConnectionInfo conn)
+        {
+            _conn = conn;
+        }
+
+        /// <summary>
+        /// Connection config values
+        /// </summary>
+        public ConnectionInfo ConnectionInfo { get => _conn; }
+
+        /// <summary>
+        /// Get base64 encoded AuthenticationHeaderValue
+        /// </summary>
+        /// <returns></returns>
+        /// <exception cref="ArgumentException"></exception>
+        public Task<AuthenticationHeaderValue> GetAuthenticationHeaderValue()
+        {
+            if (string.IsNullOrEmpty(_conn.Username)) throw new ArgumentException("Username is a required parameter.");
+            if (string.IsNullOrEmpty(_conn.Password)) throw new ArgumentException("Password is a required parameter.");
+            var header = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(Encoding.ASCII.GetBytes($"{_conn.Username}:{_conn.Password}")));
+            return Task.FromResult(header);
+        }
+    }
+}
diff --git a/src/FMData.Rest/FileMakerRestClient.cs b/src/FMData.Rest/FileMakerRestClient.cs
@@ -1,4 +1,4 @@
-using FMData.Rest.Requests;
+using FMData.Rest.Requests;
 using FMData.Rest.Responses;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
@@ -18,7 +18,7 @@ namespace FMData.Rest
     /// <summary>
     /// FileMaker Data API Client Implementation.
     /// </summary>
-    public class FileMakerRestClient : FileMakerApiClientBase, IFileMakerApiClient
+    public class FileMakerRestClient : FileMakerApiClientBase, IFileMakerRestClient
     {
         #region Request Factories
         /// <summary>
@@ -50,6 +50,8 @@ public class FileMakerRestClient : FileMakerApiClientBase, IFileMakerApiClient
         private AuthenticationHeaderValue _authHeader;
         private DateTime _dataTokenLastUse = DateTime.MinValue;
 
+        private readonly IAuthTokenProvider _authTokenProvider;
+
         #region Constructors
         /// <summary>
         /// Create a FileMakerRestClient with a new instance of HttpClient.
@@ -68,9 +70,18 @@ public FileMakerRestClient(string fmsUri, string file, string user, string pass)
         /// <param name="client">The HttpClient instance to use.</param>
         /// <param name="conn">The connection information for FMS.</param>
         public FileMakerRestClient(HttpClient client, ConnectionInfo conn)
-            : base(client, conn)
-        {
+            : this(client, new DefaultAuthTokenProvider(conn))
+        { }
 
+        /// <summary>
+        /// FM Data Constructor with HttpClient, ConnectionInfo and an authentication provider. Useful for Dependency Injection situations.
+        /// </summary>
+        /// <param name="client">The HttpClient instance to use.</param>
+        /// <param name="authTokenProvider">Authentication provider</param>
+        public FileMakerRestClient(HttpClient client, IAuthTokenProvider authTokenProvider)
+            : base(client, authTokenProvider.ConnectionInfo)
+        {
+            _authTokenProvider = authTokenProvider;
 #if NETSTANDARD1_3
             var header = new System.Net.Http.Headers.ProductHeaderValue("FMData.Rest", "4");
             var userAgent = new System.Net.Http.Headers.ProductInfoHeaderValue(header);
@@ -82,6 +93,7 @@ public FileMakerRestClient(HttpClient client, ConnectionInfo conn)
 #endif
             Client.DefaultRequestHeaders.UserAgent.Add(userAgent);
         }
+
         #endregion
 
         #region API Endpoint Functions
@@ -161,23 +173,18 @@ public FileMakerRestClient(HttpClient client, ConnectionInfo conn)
         /// </summary>
         private async Task UpdateTokenDateAsync()
         {
-            if (!IsAuthenticated) { await RefreshTokenAsync(UserName, Password).ConfigureAwait(false); }
+            if (!IsAuthenticated) { await RefreshTokenAsync().ConfigureAwait(false); }
             _dataTokenLastUse = DateTime.UtcNow;
         }
 
         /// <summary>
         /// Refreshes the internally stored authentication token from filemaker server.
         /// </summary>
-        /// <param name="username">Username of the account to authenticate.</param>
-        /// <param name="password">Password of the account to authenticate.</param>
         /// <returns>An AuthResponse from deserialized from FileMaker Server json response.</returns>
-        public async Task<AuthResponse> RefreshTokenAsync(string username, string password)
+        public async Task<AuthResponse> RefreshTokenAsync()
         {
-            // parameter checks
-            if (string.IsNullOrEmpty(username)) throw new ArgumentException("Username is a required parameter.");
-            if (string.IsNullOrEmpty(password)) throw new ArgumentException("Password is a required parameter.");
+            var authHeader = await _authTokenProvider.GetAuthenticationHeaderValue().ConfigureAwait(false);
 
-            var authHeader = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(Encoding.ASCII.GetBytes($"{username}:{password}")));
             var requestMessage = new HttpRequestMessage(HttpMethod.Post, AuthEndpoint());
             requestMessage.Headers.Authorization = authHeader;
             requestMessage.Content = new StringContent("{ }", Encoding.UTF8, "application/json");
@@ -854,10 +861,7 @@ public override async Task<IReadOnlyCollection<string>> GetDatabasesAsync()
             var requestMessage = new HttpRequestMessage(HttpMethod.Get, $"{FmsUri}/fmi/data/v1/databases");
 
             // special non-token auth to list databases
-            requestMessage.Headers.Authorization = new AuthenticationHeaderValue("basic", Convert.ToBase64String(
-                    Encoding.UTF8.GetBytes($"{UserName}:{Password}")
-                )
-            );
+            requestMessage.Headers.Authorization = await _authTokenProvider.GetAuthenticationHeaderValue().ConfigureAwait(false);
 
             // run the patch action
             var response = await Client.SendAsync(requestMessage).ConfigureAwait(false);

diff --git a/src/FMData.Rest/IAuthTokenProvider.cs b/src/FMData.Rest/IAuthTokenProvider.cs
@@ -0,0 +1,22 @@
+using System.Net.Http.Headers;
+using System.Threading.Tasks;
+
+namespace FMData.Rest
+{
+    /// <summary>
+    /// FileMaker REST Client Auth Provider Interface.
+    /// </summary>
+    public interface IAuthTokenProvider
+    {
+        /// <summary>
+        /// Connection config values
+        /// </summary>
+        ConnectionInfo ConnectionInfo { get; }
+
+        /// <summary>
+        /// Provide the AuthenticationHeaderValue
+        /// </summary>
+        /// <returns>AuthenticationHeaderValue</returns>
+        Task<AuthenticationHeaderValue> GetAuthenticationHeaderValue();
+    }
+}
diff --git a/src/FMData.Rest/IFileMakerRestClient.cs b/src/FMData.Rest/IFileMakerRestClient.cs
@@ -13,12 +13,8 @@ public interface IFileMakerRestClient : IFileMakerApiClient
         /// <summary>
         /// Refreshes the internally stored authentication token from filemaker server.
         /// </summary>
-        /// <param name="username">Username of the account to authenticate.</param>
-        /// <param name="password">Password of the account to authenticate.</param>
         /// <returns>An AuthResponse from deserialized from FileMaker Server json response.</returns>
-        Task<AuthResponse> RefreshTokenAsync(
-            string username,
-            string password);
+        Task<AuthResponse> RefreshTokenAsync();
 
         /// <summary>
         /// Logs the user out and nullifies the token.
@@ -129,4 +125,4 @@ Task<HttpResponseMessage> ExecuteRequestAsync(
         /// </summary>
         bool IsAuthenticated { get; }
     }
-}
+}