in src/Amazon.Extensions.CognitoAuthentication/CognitoUserAuthentication.cs [139:186]
/// <summary>
/// Builds the <see cref="RespondToAuthChallengeRequest"/> that answers a device password verifier
/// challenge. The SRP claim signature is computed by
/// <c>AuthenticationHelper.AuthenticateDevice</c> and packaged, Base64-encoded, together with the
/// secret block, username, timestamp and device key.
/// </summary>
/// <param name="challenge">Challenge response from the service; its ChallengeParameters supply the
/// device key, username, secret block, salt and SRP B value, and its ChallengeName and Session are
/// echoed back in the request.</param>
/// <param name="deviceKeyGroup">Device group key, passed through to the signature computation.</param>
/// <param name="devicePassword">Device password, passed through to the signature computation.
/// This is a secret and should be kept out of logs and exception messages.</param>
/// <param name="tupleAa">Passed through to the signature computation; presumably the client's SRP
/// (A, a) pair. TODO confirm against the caller.</param>
/// <returns>The request carrying the challenge responses.</returns>
/// <exception cref="ArgumentException">The SRP B value in the challenge is zero modulo N.</exception>
private RespondToAuthChallengeRequest CreateDevicePasswordVerifierAuthRequest(RespondToAuthChallengeResponse challenge,
                                                                              string deviceKeyGroup,
                                                                              string devicePassword,
                                                                              Tuple<BigInteger, BigInteger> tupleAa)
{
    // Everything read here is server-supplied. Apart from the B check below, none of it is
    // validated in this method.
    var parameters = challenge.ChallengeParameters;
    string challengeDeviceKey = parameters[CognitoConstants.ChlgParamDeviceKey];
    string challengeUsername = parameters[CognitoConstants.ChlgParamUsername];
    string secretBlockValue = parameters[CognitoConstants.ChlgParamSecretBlock];
    string saltValue = parameters[CognitoConstants.ChlgParamSalt];
    string srpBHex = parameters[CognitoConstants.ChlgParamSrpB];

    // SRP requires the client to abort when B is congruent to 0 modulo N.
    // Continuing with such a B would defeat the key agreement.
    BigInteger serverB = BigIntegerExtensions.FromUnsignedLittleEndianHex(srpBHex);
    var residue = serverB.TrueMod(AuthenticationHelper.N);
    if (residue.Equals(BigInteger.Zero))
    {
        throw new ArgumentException("SRP error, B mod N cannot be zero.", "challenge");
    }

    // The same timestamp string goes into the signature and into the response, so the two
    // always agree. The invariant culture keeps the format independent of the host locale.
    string timestamp = DateTime.UtcNow.ToString("ddd MMM d HH:mm:ss \"UTC\" yyyy", CultureInfo.InvariantCulture);

    var signatureBytes = AuthenticationHelper.AuthenticateDevice(
        challengeUsername,
        challengeDeviceKey,
        devicePassword,
        deviceKeyGroup,
        saltValue,
        srpBHex,
        secretBlockValue,
        timestamp,
        tupleAa);
    string signatureB64 = Convert.ToBase64String(signatureBytes);

    var responses = new Dictionary<string, string>(StringComparer.Ordinal);
    responses.Add(CognitoConstants.ChlgParamPassSecretBlock, secretBlockValue);
    responses.Add(CognitoConstants.ChlgParamPassSignature, signatureB64);
    responses.Add(CognitoConstants.ChlgParamUsername, challengeUsername);
    responses.Add(CognitoConstants.ChlgParamTimestamp, timestamp);
    // NOTE(review): the signature above is computed with the device key taken from the
    // challenge, while the response sends Device.DeviceKey. Confirm the two are always equal.
    responses.Add(CognitoConstants.ChlgParamDeviceKey, Device.DeviceKey);

    bool hasClientSecret = !string.IsNullOrEmpty(ClientSecret);
    if (hasClientSecret)
    {
        // The secret hash is stored on the SecretHash member as well as being sent.
        // NOTE(review): it is derived from the Username member, not from the username in the
        // challenge parameters. Confirm that is intended.
        SecretHash = CognitoAuthHelper.GetUserPoolSecretHash(Username, ClientID, ClientSecret);
        responses.Add(CognitoConstants.ChlgParamSecretHash, SecretHash);
    }

    return new RespondToAuthChallengeRequest()
    {
        ChallengeName = challenge.ChallengeName,
        ClientId = ClientID,
        Session = challenge.Session,
        ChallengeResponses = responses
    };
}