private RespondToAuthChallengeRequest CreateSrpPasswordVerifierAuthRequest()

in src/Amazon.Extensions.CognitoAuthentication/CognitoUserAuthentication.cs [810:863]


        /// <summary>
        /// Builds the <see cref="RespondToAuthChallengeRequest"/> that answers an SRP
        /// password-verifier challenge. The password itself is never placed in the request:
        /// it is only handed to <c>AuthenticationHelper.AuthenticateUser</c>, whose returned
        /// bytes are sent Base64-encoded as the signature response.
        /// </summary>
        /// <param name="challenge">
        /// Response to the initial auth call. Its challenge parameters supply the username,
        /// secret block, salt and the server's SRP B value.
        /// </param>
        /// <param name="password">
        /// The user's password. Not validated here.
        /// NOTE(review): confirm AuthenticateUser rejects a null password.
        /// </param>
        /// <param name="tupleAa">
        /// Pair of big integers forwarded unchanged to AuthenticateUser; presumably the
        /// client's SRP (A, a) values, to be confirmed against the caller. Not validated here.
        /// </param>
        /// <returns>
        /// A request carrying the challenge name, client id, session and the SRP challenge responses.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="challenge"/> or its <c>ChallengeParameters</c> is null.
        /// </exception>
        /// <exception cref="ArgumentException">The server's SRP B value is zero modulo N.</exception>
        private RespondToAuthChallengeRequest CreateSrpPasswordVerifierAuthRequest(
            InitiateAuthResponse challenge,
            string password,
            Tuple<BigInteger, BigInteger> tupleAa)
        {
            if (challenge == null)
            {
                throw new ArgumentNullException(nameof(challenge), $"{nameof(challenge)} cannot be null");
            }

            var challengeParams = challenge.ChallengeParameters;
            if (challengeParams == null)
            {
                throw new ArgumentNullException(nameof(challenge.ChallengeParameters), $"{nameof(challenge.ChallengeParameters)} cannot be null");
            }

            // Every value below comes from the server's challenge. The indexer is used as-is,
            // so a challenge that lacks one of these keys fails at the lookup rather than
            // producing a partial response (exception type depends on the collection type).
            string userName = challengeParams[CognitoConstants.ChlgParamUsername];
            string pool = PoolName;
            string serverSecretBlock = challengeParams[CognitoConstants.ChlgParamSecretBlock];
            string saltHex = challengeParams[CognitoConstants.ChlgParamSalt];
            string srpBHex = challengeParams[CognitoConstants.ChlgParamSrpB];

            // SRP safety check: the client must abort when B mod N == 0. Do not remove or
            // reorder this guard; it has to run before the password-derived signature is computed.
            BigInteger serverB = BigIntegerExtensions.FromUnsignedLittleEndianHex(srpBHex);
            if (serverB.TrueMod(AuthenticationHelper.N).Equals(BigInteger.Zero))
            {
                throw new ArgumentException("SRP error, B mod N cannot be zero.", nameof(challenge));
            }

            // The same timestamp string is given to AuthenticateUser and sent in the response,
            // so it is formatted once, with the invariant culture, and reused verbatim.
            string formattedTimestamp = DateTime.UtcNow.ToString("ddd MMM d HH:mm:ss \"UTC\" yyyy", CultureInfo.InvariantCulture);

            byte[] signature = AuthenticationHelper.AuthenticateUser(userName, password, pool, tupleAa, saltHex,
                srpBHex, serverSecretBlock, formattedTimestamp);

            // Add() is used rather than the indexer so that a duplicate key would throw
            // instead of silently overwriting an earlier response value.
            var responses = new Dictionary<string, string>(StringComparer.Ordinal);
            responses.Add(CognitoConstants.ChlgParamPassSecretBlock, serverSecretBlock); // echoed back unchanged
            responses.Add(CognitoConstants.ChlgParamPassSignature, Convert.ToBase64String(signature));
            responses.Add(CognitoConstants.ChlgParamUsername, userName);
            responses.Add(CognitoConstants.ChlgParamTimestamp, formattedTimestamp);

            // Optional entries: included only when this instance has a secret hash / device key.
            if (!string.IsNullOrEmpty(SecretHash))
            {
                responses.Add(CognitoConstants.ChlgParamSecretHash, SecretHash);
            }

            if (!string.IsNullOrEmpty(Device?.DeviceKey))
            {
                responses.Add(CognitoConstants.ChlgParamDeviceKey, Device.DeviceKey);
            }

            return new RespondToAuthChallengeRequest()
            {
                ChallengeName = challenge.ChallengeName,
                ClientId = ClientID,
                Session = challenge.Session,
                ChallengeResponses = responses
            };
        }