{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.CognitoIdentityProvider.RespondToAuthChallenge
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Responds to the authentication challenge.
--
-- This action might generate an SMS text message. Starting June 1, 2021,
-- U.S. telecom carriers require that you register an origination phone
-- number before you can send SMS messages to U.S. phone numbers. If you
-- use SMS text messages in Amazon Cognito, you must register a phone
-- number with
-- <https://console.aws.amazon.com/pinpoint/home/ Amazon Pinpoint>. Cognito
-- will use the the registered number automatically. Otherwise, Cognito
-- users that must receive SMS messages might be unable to sign up,
-- activate their accounts, or sign in.
--
-- If you have never used SMS text messages with Amazon Cognito or any
-- other Amazon Web Service, Amazon SNS might place your account in SMS
-- sandbox. In
-- /<https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html sandbox mode>/
-- , you’ll have limitations, such as sending messages to only verified
-- phone numbers. After testing in the sandbox environment, you can move
-- out of the SMS sandbox and into production. For more information, see
-- <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-sms-userpool-settings.html SMS message settings for Cognito User Pools>
-- in the /Amazon Cognito Developer Guide/.
module Amazonka.CognitoIdentityProvider.RespondToAuthChallenge
  ( -- * Creating a Request
    RespondToAuthChallenge (..),
    newRespondToAuthChallenge,

    -- * Request Lenses
    respondToAuthChallenge_clientMetadata,
    respondToAuthChallenge_analyticsMetadata,
    respondToAuthChallenge_challengeResponses,
    respondToAuthChallenge_userContextData,
    respondToAuthChallenge_session,
    respondToAuthChallenge_clientId,
    respondToAuthChallenge_challengeName,

    -- * Destructuring the Response
    RespondToAuthChallengeResponse (..),
    newRespondToAuthChallengeResponse,

    -- * Response Lenses
    respondToAuthChallengeResponse_challengeName,
    respondToAuthChallengeResponse_challengeParameters,
    respondToAuthChallengeResponse_authenticationResult,
    respondToAuthChallengeResponse_session,
    respondToAuthChallengeResponse_httpStatus,
  )
where

import Amazonka.CognitoIdentityProvider.Types
import qualified Amazonka.Core as Core
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response

-- | The request to respond to an authentication challenge.
--
-- /See:/ 'newRespondToAuthChallenge' smart constructor.
data RespondToAuthChallenge = RespondToAuthChallenge'
  { -- | A map of custom key-value pairs that you can provide as input for any
    -- custom workflows that this action triggers.
    --
    -- You create custom workflows by assigning Lambda functions to user pool
    -- triggers. When you use the RespondToAuthChallenge API action, Amazon
    -- Cognito invokes any functions that are assigned to the following
    -- triggers: /post authentication/, /pre token generation/, /define auth
    -- challenge/, /create auth challenge/, and /verify auth challenge/. When
    -- Amazon Cognito invokes any of these functions, it passes a JSON payload,
    -- which the function receives as input. This payload contains a
    -- @clientMetadata@ attribute, which provides the data that you assigned to
    -- the ClientMetadata parameter in your RespondToAuthChallenge request. In
    -- your function code in Lambda, you can process the @clientMetadata@ value
    -- to enhance your workflow for your specific needs.
    --
    -- For more information, see
    -- <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html Customizing User Pool Workflows with Lambda Triggers>
    -- in the /Amazon Cognito Developer Guide/.
    --
    -- Take the following limitations into consideration when you use the
    -- ClientMetadata parameter:
    --
    -- -   Amazon Cognito does not store the ClientMetadata value. This data is
    --     available only to Lambda triggers that are assigned to a user pool
    --     to support custom workflows. If your user pool configuration does
    --     not include triggers, the ClientMetadata parameter serves no
    --     purpose.
    --
    -- -   Amazon Cognito does not validate the ClientMetadata value.
    --
    -- -   Amazon Cognito does not encrypt the the ClientMetadata value, so
    --     don\'t use it to provide sensitive information.
    RespondToAuthChallenge -> Maybe (HashMap Text Text)
clientMetadata :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
    -- | The Amazon Pinpoint analytics metadata for collecting metrics for
    -- @RespondToAuthChallenge@ calls.
    RespondToAuthChallenge -> Maybe AnalyticsMetadataType
analyticsMetadata :: Prelude.Maybe AnalyticsMetadataType,
    -- | The challenge responses. These are inputs corresponding to the value of
    -- @ChallengeName@, for example:
    --
    -- @SECRET_HASH@ (if app client is configured with client secret) applies
    -- to all inputs below (including @SOFTWARE_TOKEN_MFA@).
    --
    -- -   @SMS_MFA@: @SMS_MFA_CODE@, @USERNAME@.
    --
    -- -   @PASSWORD_VERIFIER@: @PASSWORD_CLAIM_SIGNATURE@,
    --     @PASSWORD_CLAIM_SECRET_BLOCK@, @TIMESTAMP@, @USERNAME@.
    --
    -- -   @NEW_PASSWORD_REQUIRED@: @NEW_PASSWORD@, any other required
    --     attributes, @USERNAME@.
    --
    -- -   @SOFTWARE_TOKEN_MFA@: @USERNAME@ and @SOFTWARE_TOKEN_MFA_CODE@ are
    --     required attributes.
    --
    -- -   @DEVICE_SRP_AUTH@ requires @USERNAME@, @DEVICE_KEY@, @SRP_A@ (and
    --     @SECRET_HASH@).
    --
    -- -   @DEVICE_PASSWORD_VERIFIER@ requires everything that
    --     @PASSWORD_VERIFIER@ requires plus @DEVICE_KEY@.
    --
    -- -   @MFA_SETUP@ requires @USERNAME@, plus you need to use the session
    --     value returned by @VerifySoftwareToken@ in the @Session@ parameter.
    RespondToAuthChallenge -> Maybe (HashMap Text Text)
challengeResponses :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
    -- | Contextual data such as the user\'s device fingerprint, IP address, or
    -- location used for evaluating the risk of an unexpected event by Amazon
    -- Cognito advanced security.
    RespondToAuthChallenge -> Maybe UserContextDataType
userContextData :: Prelude.Maybe UserContextDataType,
    -- | The session which should be passed both ways in challenge-response calls
    -- to the service. If @InitiateAuth@ or @RespondToAuthChallenge@ API call
    -- determines that the caller needs to go through another challenge, they
    -- return a session with other challenge parameters. This session should be
    -- passed as it is to the next @RespondToAuthChallenge@ API call.
    RespondToAuthChallenge -> Maybe Text
session :: Prelude.Maybe Prelude.Text,
    -- | The app client ID.
    RespondToAuthChallenge -> Sensitive Text
clientId :: Core.Sensitive Prelude.Text,
    -- | The challenge name. For more information, see
    -- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html InitiateAuth>.
    --
    -- @ADMIN_NO_SRP_AUTH@ is not a valid value.
    RespondToAuthChallenge -> ChallengeNameType
challengeName :: ChallengeNameType
  }
  deriving (RespondToAuthChallenge -> RespondToAuthChallenge -> Bool
(RespondToAuthChallenge -> RespondToAuthChallenge -> Bool)
-> (RespondToAuthChallenge -> RespondToAuthChallenge -> Bool)
-> Eq RespondToAuthChallenge
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: RespondToAuthChallenge -> RespondToAuthChallenge -> Bool
$c/= :: RespondToAuthChallenge -> RespondToAuthChallenge -> Bool
== :: RespondToAuthChallenge -> RespondToAuthChallenge -> Bool
$c== :: RespondToAuthChallenge -> RespondToAuthChallenge -> Bool
Prelude.Eq, Int -> RespondToAuthChallenge -> ShowS
[RespondToAuthChallenge] -> ShowS
RespondToAuthChallenge -> String
(Int -> RespondToAuthChallenge -> ShowS)
-> (RespondToAuthChallenge -> String)
-> ([RespondToAuthChallenge] -> ShowS)
-> Show RespondToAuthChallenge
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [RespondToAuthChallenge] -> ShowS
$cshowList :: [RespondToAuthChallenge] -> ShowS
show :: RespondToAuthChallenge -> String
$cshow :: RespondToAuthChallenge -> String
showsPrec :: Int -> RespondToAuthChallenge -> ShowS
$cshowsPrec :: Int -> RespondToAuthChallenge -> ShowS
Prelude.Show, (forall x. RespondToAuthChallenge -> Rep RespondToAuthChallenge x)
-> (forall x.
    Rep RespondToAuthChallenge x -> RespondToAuthChallenge)
-> Generic RespondToAuthChallenge
forall x. Rep RespondToAuthChallenge x -> RespondToAuthChallenge
forall x. RespondToAuthChallenge -> Rep RespondToAuthChallenge x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep RespondToAuthChallenge x -> RespondToAuthChallenge
$cfrom :: forall x. RespondToAuthChallenge -> Rep RespondToAuthChallenge x
Prelude.Generic)

-- |
-- Create a value of 'RespondToAuthChallenge' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'clientMetadata', 'respondToAuthChallenge_clientMetadata' - A map of custom key-value pairs that you can provide as input for any
-- custom workflows that this action triggers.
--
-- You create custom workflows by assigning Lambda functions to user pool
-- triggers. When you use the RespondToAuthChallenge API action, Amazon
-- Cognito invokes any functions that are assigned to the following
-- triggers: /post authentication/, /pre token generation/, /define auth
-- challenge/, /create auth challenge/, and /verify auth challenge/. When
-- Amazon Cognito invokes any of these functions, it passes a JSON payload,
-- which the function receives as input. This payload contains a
-- @clientMetadata@ attribute, which provides the data that you assigned to
-- the ClientMetadata parameter in your RespondToAuthChallenge request. In
-- your function code in Lambda, you can process the @clientMetadata@ value
-- to enhance your workflow for your specific needs.
--
-- For more information, see
-- <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html Customizing User Pool Workflows with Lambda Triggers>
-- in the /Amazon Cognito Developer Guide/.
--
-- Take the following limitations into consideration when you use the
-- ClientMetadata parameter:
--
-- -   Amazon Cognito does not store the ClientMetadata value. This data is
--     available only to Lambda triggers that are assigned to a user pool
--     to support custom workflows. If your user pool configuration does
--     not include triggers, the ClientMetadata parameter serves no
--     purpose.
--
-- -   Amazon Cognito does not validate the ClientMetadata value.
--
-- -   Amazon Cognito does not encrypt the the ClientMetadata value, so
--     don\'t use it to provide sensitive information.
--
-- 'analyticsMetadata', 'respondToAuthChallenge_analyticsMetadata' - The Amazon Pinpoint analytics metadata for collecting metrics for
-- @RespondToAuthChallenge@ calls.
--
-- 'challengeResponses', 'respondToAuthChallenge_challengeResponses' - The challenge responses. These are inputs corresponding to the value of
-- @ChallengeName@, for example:
--
-- @SECRET_HASH@ (if app client is configured with client secret) applies
-- to all inputs below (including @SOFTWARE_TOKEN_MFA@).
--
-- -   @SMS_MFA@: @SMS_MFA_CODE@, @USERNAME@.
--
-- -   @PASSWORD_VERIFIER@: @PASSWORD_CLAIM_SIGNATURE@,
--     @PASSWORD_CLAIM_SECRET_BLOCK@, @TIMESTAMP@, @USERNAME@.
--
-- -   @NEW_PASSWORD_REQUIRED@: @NEW_PASSWORD@, any other required
--     attributes, @USERNAME@.
--
-- -   @SOFTWARE_TOKEN_MFA@: @USERNAME@ and @SOFTWARE_TOKEN_MFA_CODE@ are
--     required attributes.
--
-- -   @DEVICE_SRP_AUTH@ requires @USERNAME@, @DEVICE_KEY@, @SRP_A@ (and
--     @SECRET_HASH@).
--
-- -   @DEVICE_PASSWORD_VERIFIER@ requires everything that
--     @PASSWORD_VERIFIER@ requires plus @DEVICE_KEY@.
--
-- -   @MFA_SETUP@ requires @USERNAME@, plus you need to use the session
--     value returned by @VerifySoftwareToken@ in the @Session@ parameter.
--
-- 'userContextData', 'respondToAuthChallenge_userContextData' - Contextual data such as the user\'s device fingerprint, IP address, or
-- location used for evaluating the risk of an unexpected event by Amazon
-- Cognito advanced security.
--
-- 'session', 'respondToAuthChallenge_session' - The session which should be passed both ways in challenge-response calls
-- to the service. If @InitiateAuth@ or @RespondToAuthChallenge@ API call
-- determines that the caller needs to go through another challenge, they
-- return a session with other challenge parameters. This session should be
-- passed as it is to the next @RespondToAuthChallenge@ API call.
--
-- 'clientId', 'respondToAuthChallenge_clientId' - The app client ID.
--
-- 'challengeName', 'respondToAuthChallenge_challengeName' - The challenge name. For more information, see
-- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html InitiateAuth>.
--
-- @ADMIN_NO_SRP_AUTH@ is not a valid value.
newRespondToAuthChallenge ::
  -- | 'clientId'
  Prelude.Text ->
  -- | 'challengeName'
  ChallengeNameType ->
  RespondToAuthChallenge
newRespondToAuthChallenge :: Text -> ChallengeNameType -> RespondToAuthChallenge
newRespondToAuthChallenge Text
pClientId_ ChallengeNameType
pChallengeName_ =
  RespondToAuthChallenge' :: Maybe (HashMap Text Text)
-> Maybe AnalyticsMetadataType
-> Maybe (HashMap Text Text)
-> Maybe UserContextDataType
-> Maybe Text
-> Sensitive Text
-> ChallengeNameType
-> RespondToAuthChallenge
RespondToAuthChallenge'
    { $sel:clientMetadata:RespondToAuthChallenge' :: Maybe (HashMap Text Text)
clientMetadata =
        Maybe (HashMap Text Text)
forall a. Maybe a
Prelude.Nothing,
      $sel:analyticsMetadata:RespondToAuthChallenge' :: Maybe AnalyticsMetadataType
analyticsMetadata = Maybe AnalyticsMetadataType
forall a. Maybe a
Prelude.Nothing,
      $sel:challengeResponses:RespondToAuthChallenge' :: Maybe (HashMap Text Text)
challengeResponses = Maybe (HashMap Text Text)
forall a. Maybe a
Prelude.Nothing,
      $sel:userContextData:RespondToAuthChallenge' :: Maybe UserContextDataType
userContextData = Maybe UserContextDataType
forall a. Maybe a
Prelude.Nothing,
      $sel:session:RespondToAuthChallenge' :: Maybe Text
session = Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:clientId:RespondToAuthChallenge' :: Sensitive Text
clientId = Tagged Text (Identity Text)
-> Tagged (Sensitive Text) (Identity (Sensitive Text))
forall a. Iso' (Sensitive a) a
Core._Sensitive (Tagged Text (Identity Text)
 -> Tagged (Sensitive Text) (Identity (Sensitive Text)))
-> Text -> Sensitive Text
forall t b. AReview t b -> b -> t
Lens.# Text
pClientId_,
      $sel:challengeName:RespondToAuthChallenge' :: ChallengeNameType
challengeName = ChallengeNameType
pChallengeName_
    }

-- | A map of custom key-value pairs that you can provide as input for any
-- custom workflows that this action triggers.
--
-- You create custom workflows by assigning Lambda functions to user pool
-- triggers. When you use the RespondToAuthChallenge API action, Amazon
-- Cognito invokes any functions that are assigned to the following
-- triggers: /post authentication/, /pre token generation/, /define auth
-- challenge/, /create auth challenge/, and /verify auth challenge/. When
-- Amazon Cognito invokes any of these functions, it passes a JSON payload,
-- which the function receives as input. This payload contains a
-- @clientMetadata@ attribute, which provides the data that you assigned to
-- the ClientMetadata parameter in your RespondToAuthChallenge request. In
-- your function code in Lambda, you can process the @clientMetadata@ value
-- to enhance your workflow for your specific needs.
--
-- For more information, see
-- <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html Customizing User Pool Workflows with Lambda Triggers>
-- in the /Amazon Cognito Developer Guide/.
--
-- Take the following limitations into consideration when you use the
-- ClientMetadata parameter:
--
-- -   Amazon Cognito does not store the ClientMetadata value. This data is
--     available only to Lambda triggers that are assigned to a user pool
--     to support custom workflows. If your user pool configuration does
--     not include triggers, the ClientMetadata parameter serves no
--     purpose.
--
-- -   Amazon Cognito does not validate the ClientMetadata value.
--
-- -   Amazon Cognito does not encrypt the the ClientMetadata value, so
--     don\'t use it to provide sensitive information.
respondToAuthChallenge_clientMetadata :: Lens.Lens' RespondToAuthChallenge (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
respondToAuthChallenge_clientMetadata :: (Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
-> RespondToAuthChallenge -> f RespondToAuthChallenge
respondToAuthChallenge_clientMetadata = (RespondToAuthChallenge -> Maybe (HashMap Text Text))
-> (RespondToAuthChallenge
    -> Maybe (HashMap Text Text) -> RespondToAuthChallenge)
-> Lens
     RespondToAuthChallenge
     RespondToAuthChallenge
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallenge' {Maybe (HashMap Text Text)
clientMetadata :: Maybe (HashMap Text Text)
$sel:clientMetadata:RespondToAuthChallenge' :: RespondToAuthChallenge -> Maybe (HashMap Text Text)
clientMetadata} -> Maybe (HashMap Text Text)
clientMetadata) (\s :: RespondToAuthChallenge
s@RespondToAuthChallenge' {} Maybe (HashMap Text Text)
a -> RespondToAuthChallenge
s {$sel:clientMetadata:RespondToAuthChallenge' :: Maybe (HashMap Text Text)
clientMetadata = Maybe (HashMap Text Text)
a} :: RespondToAuthChallenge) ((Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
 -> RespondToAuthChallenge -> f RespondToAuthChallenge)
-> ((Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
    -> Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
-> (Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
-> RespondToAuthChallenge
-> f RespondToAuthChallenge
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
-> Iso
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The Amazon Pinpoint analytics metadata for collecting metrics for
-- @RespondToAuthChallenge@ calls.
respondToAuthChallenge_analyticsMetadata :: Lens.Lens' RespondToAuthChallenge (Prelude.Maybe AnalyticsMetadataType)
respondToAuthChallenge_analyticsMetadata :: (Maybe AnalyticsMetadataType -> f (Maybe AnalyticsMetadataType))
-> RespondToAuthChallenge -> f RespondToAuthChallenge
respondToAuthChallenge_analyticsMetadata = (RespondToAuthChallenge -> Maybe AnalyticsMetadataType)
-> (RespondToAuthChallenge
    -> Maybe AnalyticsMetadataType -> RespondToAuthChallenge)
-> Lens
     RespondToAuthChallenge
     RespondToAuthChallenge
     (Maybe AnalyticsMetadataType)
     (Maybe AnalyticsMetadataType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallenge' {Maybe AnalyticsMetadataType
analyticsMetadata :: Maybe AnalyticsMetadataType
$sel:analyticsMetadata:RespondToAuthChallenge' :: RespondToAuthChallenge -> Maybe AnalyticsMetadataType
analyticsMetadata} -> Maybe AnalyticsMetadataType
analyticsMetadata) (\s :: RespondToAuthChallenge
s@RespondToAuthChallenge' {} Maybe AnalyticsMetadataType
a -> RespondToAuthChallenge
s {$sel:analyticsMetadata:RespondToAuthChallenge' :: Maybe AnalyticsMetadataType
analyticsMetadata = Maybe AnalyticsMetadataType
a} :: RespondToAuthChallenge)

-- | The challenge responses. These are inputs corresponding to the value of
-- @ChallengeName@, for example:
--
-- @SECRET_HASH@ (if app client is configured with client secret) applies
-- to all inputs below (including @SOFTWARE_TOKEN_MFA@).
--
-- -   @SMS_MFA@: @SMS_MFA_CODE@, @USERNAME@.
--
-- -   @PASSWORD_VERIFIER@: @PASSWORD_CLAIM_SIGNATURE@,
--     @PASSWORD_CLAIM_SECRET_BLOCK@, @TIMESTAMP@, @USERNAME@.
--
-- -   @NEW_PASSWORD_REQUIRED@: @NEW_PASSWORD@, any other required
--     attributes, @USERNAME@.
--
-- -   @SOFTWARE_TOKEN_MFA@: @USERNAME@ and @SOFTWARE_TOKEN_MFA_CODE@ are
--     required attributes.
--
-- -   @DEVICE_SRP_AUTH@ requires @USERNAME@, @DEVICE_KEY@, @SRP_A@ (and
--     @SECRET_HASH@).
--
-- -   @DEVICE_PASSWORD_VERIFIER@ requires everything that
--     @PASSWORD_VERIFIER@ requires plus @DEVICE_KEY@.
--
-- -   @MFA_SETUP@ requires @USERNAME@, plus you need to use the session
--     value returned by @VerifySoftwareToken@ in the @Session@ parameter.
respondToAuthChallenge_challengeResponses :: Lens.Lens' RespondToAuthChallenge (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
respondToAuthChallenge_challengeResponses :: (Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
-> RespondToAuthChallenge -> f RespondToAuthChallenge
respondToAuthChallenge_challengeResponses = (RespondToAuthChallenge -> Maybe (HashMap Text Text))
-> (RespondToAuthChallenge
    -> Maybe (HashMap Text Text) -> RespondToAuthChallenge)
-> Lens
     RespondToAuthChallenge
     RespondToAuthChallenge
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallenge' {Maybe (HashMap Text Text)
challengeResponses :: Maybe (HashMap Text Text)
$sel:challengeResponses:RespondToAuthChallenge' :: RespondToAuthChallenge -> Maybe (HashMap Text Text)
challengeResponses} -> Maybe (HashMap Text Text)
challengeResponses) (\s :: RespondToAuthChallenge
s@RespondToAuthChallenge' {} Maybe (HashMap Text Text)
a -> RespondToAuthChallenge
s {$sel:challengeResponses:RespondToAuthChallenge' :: Maybe (HashMap Text Text)
challengeResponses = Maybe (HashMap Text Text)
a} :: RespondToAuthChallenge) ((Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
 -> RespondToAuthChallenge -> f RespondToAuthChallenge)
-> ((Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
    -> Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
-> (Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
-> RespondToAuthChallenge
-> f RespondToAuthChallenge
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
-> Iso
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | Contextual data such as the user\'s device fingerprint, IP address, or
-- location used for evaluating the risk of an unexpected event by Amazon
-- Cognito advanced security.
respondToAuthChallenge_userContextData :: Lens.Lens' RespondToAuthChallenge (Prelude.Maybe UserContextDataType)
respondToAuthChallenge_userContextData :: (Maybe UserContextDataType -> f (Maybe UserContextDataType))
-> RespondToAuthChallenge -> f RespondToAuthChallenge
respondToAuthChallenge_userContextData = (RespondToAuthChallenge -> Maybe UserContextDataType)
-> (RespondToAuthChallenge
    -> Maybe UserContextDataType -> RespondToAuthChallenge)
-> Lens
     RespondToAuthChallenge
     RespondToAuthChallenge
     (Maybe UserContextDataType)
     (Maybe UserContextDataType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallenge' {Maybe UserContextDataType
userContextData :: Maybe UserContextDataType
$sel:userContextData:RespondToAuthChallenge' :: RespondToAuthChallenge -> Maybe UserContextDataType
userContextData} -> Maybe UserContextDataType
userContextData) (\s :: RespondToAuthChallenge
s@RespondToAuthChallenge' {} Maybe UserContextDataType
a -> RespondToAuthChallenge
s {$sel:userContextData:RespondToAuthChallenge' :: Maybe UserContextDataType
userContextData = Maybe UserContextDataType
a} :: RespondToAuthChallenge)

-- | The session which should be passed both ways in challenge-response calls
-- to the service. If @InitiateAuth@ or @RespondToAuthChallenge@ API call
-- determines that the caller needs to go through another challenge, they
-- return a session with other challenge parameters. This session should be
-- passed as it is to the next @RespondToAuthChallenge@ API call.
respondToAuthChallenge_session :: Lens.Lens' RespondToAuthChallenge (Prelude.Maybe Prelude.Text)
respondToAuthChallenge_session :: (Maybe Text -> f (Maybe Text))
-> RespondToAuthChallenge -> f RespondToAuthChallenge
respondToAuthChallenge_session = (RespondToAuthChallenge -> Maybe Text)
-> (RespondToAuthChallenge -> Maybe Text -> RespondToAuthChallenge)
-> Lens
     RespondToAuthChallenge
     RespondToAuthChallenge
     (Maybe Text)
     (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallenge' {Maybe Text
session :: Maybe Text
$sel:session:RespondToAuthChallenge' :: RespondToAuthChallenge -> Maybe Text
session} -> Maybe Text
session) (\s :: RespondToAuthChallenge
s@RespondToAuthChallenge' {} Maybe Text
a -> RespondToAuthChallenge
s {$sel:session:RespondToAuthChallenge' :: Maybe Text
session = Maybe Text
a} :: RespondToAuthChallenge)

-- | The app client ID.
respondToAuthChallenge_clientId :: Lens.Lens' RespondToAuthChallenge Prelude.Text
respondToAuthChallenge_clientId :: (Text -> f Text)
-> RespondToAuthChallenge -> f RespondToAuthChallenge
respondToAuthChallenge_clientId = (RespondToAuthChallenge -> Sensitive Text)
-> (RespondToAuthChallenge
    -> Sensitive Text -> RespondToAuthChallenge)
-> Lens
     RespondToAuthChallenge
     RespondToAuthChallenge
     (Sensitive Text)
     (Sensitive Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallenge' {Sensitive Text
clientId :: Sensitive Text
$sel:clientId:RespondToAuthChallenge' :: RespondToAuthChallenge -> Sensitive Text
clientId} -> Sensitive Text
clientId) (\s :: RespondToAuthChallenge
s@RespondToAuthChallenge' {} Sensitive Text
a -> RespondToAuthChallenge
s {$sel:clientId:RespondToAuthChallenge' :: Sensitive Text
clientId = Sensitive Text
a} :: RespondToAuthChallenge) ((Sensitive Text -> f (Sensitive Text))
 -> RespondToAuthChallenge -> f RespondToAuthChallenge)
-> ((Text -> f Text) -> Sensitive Text -> f (Sensitive Text))
-> (Text -> f Text)
-> RespondToAuthChallenge
-> f RespondToAuthChallenge
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. (Text -> f Text) -> Sensitive Text -> f (Sensitive Text)
forall a. Iso' (Sensitive a) a
Core._Sensitive

-- | The challenge name. For more information, see
-- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html InitiateAuth>.
--
-- @ADMIN_NO_SRP_AUTH@ is not a valid value.
respondToAuthChallenge_challengeName :: Lens.Lens' RespondToAuthChallenge ChallengeNameType
respondToAuthChallenge_challengeName :: (ChallengeNameType -> f ChallengeNameType)
-> RespondToAuthChallenge -> f RespondToAuthChallenge
respondToAuthChallenge_challengeName = (RespondToAuthChallenge -> ChallengeNameType)
-> (RespondToAuthChallenge
    -> ChallengeNameType -> RespondToAuthChallenge)
-> Lens
     RespondToAuthChallenge
     RespondToAuthChallenge
     ChallengeNameType
     ChallengeNameType
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallenge' {ChallengeNameType
challengeName :: ChallengeNameType
$sel:challengeName:RespondToAuthChallenge' :: RespondToAuthChallenge -> ChallengeNameType
challengeName} -> ChallengeNameType
challengeName) (\s :: RespondToAuthChallenge
s@RespondToAuthChallenge' {} ChallengeNameType
a -> RespondToAuthChallenge
s {$sel:challengeName:RespondToAuthChallenge' :: ChallengeNameType
challengeName = ChallengeNameType
a} :: RespondToAuthChallenge)

instance Core.AWSRequest RespondToAuthChallenge where
  type
    AWSResponse RespondToAuthChallenge =
      RespondToAuthChallengeResponse
  request :: RespondToAuthChallenge -> Request RespondToAuthChallenge
request = Service -> RespondToAuthChallenge -> Request RespondToAuthChallenge
forall a. (ToRequest a, ToJSON a) => Service -> a -> Request a
Request.postJSON Service
defaultService
  response :: Logger
-> Service
-> Proxy RespondToAuthChallenge
-> ClientResponse ClientBody
-> m (Either
        Error (ClientResponse (AWSResponse RespondToAuthChallenge)))
response =
    (Int
 -> ResponseHeaders
 -> Object
 -> Either String (AWSResponse RespondToAuthChallenge))
-> Logger
-> Service
-> Proxy RespondToAuthChallenge
-> ClientResponse ClientBody
-> m (Either
        Error (ClientResponse (AWSResponse RespondToAuthChallenge)))
forall (m :: * -> *) a.
MonadResource m =>
(Int -> ResponseHeaders -> Object -> Either String (AWSResponse a))
-> Logger
-> Service
-> Proxy a
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse a)))
Response.receiveJSON
      ( \Int
s ResponseHeaders
h Object
x ->
          Maybe ChallengeNameType
-> Maybe (HashMap Text Text)
-> Maybe AuthenticationResultType
-> Maybe Text
-> Int
-> RespondToAuthChallengeResponse
RespondToAuthChallengeResponse'
            (Maybe ChallengeNameType
 -> Maybe (HashMap Text Text)
 -> Maybe AuthenticationResultType
 -> Maybe Text
 -> Int
 -> RespondToAuthChallengeResponse)
-> Either String (Maybe ChallengeNameType)
-> Either
     String
     (Maybe (HashMap Text Text)
      -> Maybe AuthenticationResultType
      -> Maybe Text
      -> Int
      -> RespondToAuthChallengeResponse)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x Object -> Text -> Either String (Maybe ChallengeNameType)
forall a. FromJSON a => Object -> Text -> Either String (Maybe a)
Core..?> Text
"ChallengeName")
            Either
  String
  (Maybe (HashMap Text Text)
   -> Maybe AuthenticationResultType
   -> Maybe Text
   -> Int
   -> RespondToAuthChallengeResponse)
-> Either String (Maybe (HashMap Text Text))
-> Either
     String
     (Maybe AuthenticationResultType
      -> Maybe Text -> Int -> RespondToAuthChallengeResponse)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> ( Object
x Object -> Text -> Either String (Maybe (Maybe (HashMap Text Text)))
forall a. FromJSON a => Object -> Text -> Either String (Maybe a)
Core..?> Text
"ChallengeParameters"
                            Either String (Maybe (Maybe (HashMap Text Text)))
-> Maybe (HashMap Text Text)
-> Either String (Maybe (HashMap Text Text))
forall (f :: * -> *) a. Functor f => f (Maybe a) -> a -> f a
Core..!@ Maybe (HashMap Text Text)
forall a. Monoid a => a
Prelude.mempty
                        )
            Either
  String
  (Maybe AuthenticationResultType
   -> Maybe Text -> Int -> RespondToAuthChallengeResponse)
-> Either String (Maybe AuthenticationResultType)
-> Either
     String (Maybe Text -> Int -> RespondToAuthChallengeResponse)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Either String (Maybe AuthenticationResultType)
forall a. FromJSON a => Object -> Text -> Either String (Maybe a)
Core..?> Text
"AuthenticationResult")
            Either String (Maybe Text -> Int -> RespondToAuthChallengeResponse)
-> Either String (Maybe Text)
-> Either String (Int -> RespondToAuthChallengeResponse)
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x Object -> Text -> Either String (Maybe Text)
forall a. FromJSON a => Object -> Text -> Either String (Maybe a)
Core..?> Text
"Session")
            Either String (Int -> RespondToAuthChallengeResponse)
-> Either String Int
-> Either String RespondToAuthChallengeResponse
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Int -> Either String Int
forall (f :: * -> *) a. Applicative f => a -> f a
Prelude.pure (Int -> Int
forall a. Enum a => a -> Int
Prelude.fromEnum Int
s))
      )

instance Prelude.Hashable RespondToAuthChallenge

instance Prelude.NFData RespondToAuthChallenge

instance Core.ToHeaders RespondToAuthChallenge where
  toHeaders :: RespondToAuthChallenge -> ResponseHeaders
toHeaders =
    ResponseHeaders -> RespondToAuthChallenge -> ResponseHeaders
forall a b. a -> b -> a
Prelude.const
      ( [ResponseHeaders] -> ResponseHeaders
forall a. Monoid a => [a] -> a
Prelude.mconcat
          [ HeaderName
"X-Amz-Target"
              HeaderName -> ByteString -> ResponseHeaders
forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Core.=# ( ByteString
"AWSCognitoIdentityProviderService.RespondToAuthChallenge" ::
                          Prelude.ByteString
                      ),
            HeaderName
"Content-Type"
              HeaderName -> ByteString -> ResponseHeaders
forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Core.=# ( ByteString
"application/x-amz-json-1.1" ::
                          Prelude.ByteString
                      )
          ]
      )

instance Core.ToJSON RespondToAuthChallenge where
  toJSON :: RespondToAuthChallenge -> Value
toJSON RespondToAuthChallenge' {Maybe Text
Maybe (HashMap Text Text)
Maybe AnalyticsMetadataType
Maybe UserContextDataType
Sensitive Text
ChallengeNameType
challengeName :: ChallengeNameType
clientId :: Sensitive Text
session :: Maybe Text
userContextData :: Maybe UserContextDataType
challengeResponses :: Maybe (HashMap Text Text)
analyticsMetadata :: Maybe AnalyticsMetadataType
clientMetadata :: Maybe (HashMap Text Text)
$sel:challengeName:RespondToAuthChallenge' :: RespondToAuthChallenge -> ChallengeNameType
$sel:clientId:RespondToAuthChallenge' :: RespondToAuthChallenge -> Sensitive Text
$sel:session:RespondToAuthChallenge' :: RespondToAuthChallenge -> Maybe Text
$sel:userContextData:RespondToAuthChallenge' :: RespondToAuthChallenge -> Maybe UserContextDataType
$sel:challengeResponses:RespondToAuthChallenge' :: RespondToAuthChallenge -> Maybe (HashMap Text Text)
$sel:analyticsMetadata:RespondToAuthChallenge' :: RespondToAuthChallenge -> Maybe AnalyticsMetadataType
$sel:clientMetadata:RespondToAuthChallenge' :: RespondToAuthChallenge -> Maybe (HashMap Text Text)
..} =
    [Pair] -> Value
Core.object
      ( [Maybe Pair] -> [Pair]
forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ (Text
"ClientMetadata" Text -> HashMap Text Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (HashMap Text Text -> Pair)
-> Maybe (HashMap Text Text) -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe (HashMap Text Text)
clientMetadata,
            (Text
"AnalyticsMetadata" Text -> AnalyticsMetadataType -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (AnalyticsMetadataType -> Pair)
-> Maybe AnalyticsMetadataType -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe AnalyticsMetadataType
analyticsMetadata,
            (Text
"ChallengeResponses" Text -> HashMap Text Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (HashMap Text Text -> Pair)
-> Maybe (HashMap Text Text) -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe (HashMap Text Text)
challengeResponses,
            (Text
"UserContextData" Text -> UserContextDataType -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (UserContextDataType -> Pair)
-> Maybe UserContextDataType -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe UserContextDataType
userContextData,
            (Text
"Session" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=) (Text -> Pair) -> Maybe Text -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Text
session,
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"ClientId" Text -> Sensitive Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Sensitive Text
clientId),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just
              (Text
"ChallengeName" Text -> ChallengeNameType -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= ChallengeNameType
challengeName)
          ]
      )

instance Core.ToPath RespondToAuthChallenge where
  toPath :: RespondToAuthChallenge -> ByteString
toPath = ByteString -> RespondToAuthChallenge -> ByteString
forall a b. a -> b -> a
Prelude.const ByteString
"/"

instance Core.ToQuery RespondToAuthChallenge where
  toQuery :: RespondToAuthChallenge -> QueryString
toQuery = QueryString -> RespondToAuthChallenge -> QueryString
forall a b. a -> b -> a
Prelude.const QueryString
forall a. Monoid a => a
Prelude.mempty

-- | The response to respond to the authentication challenge.
--
-- /See:/ 'newRespondToAuthChallengeResponse' smart constructor.
data RespondToAuthChallengeResponse = RespondToAuthChallengeResponse'
  { -- | The challenge name. For more information, see
    -- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html InitiateAuth>.
    RespondToAuthChallengeResponse -> Maybe ChallengeNameType
challengeName :: Prelude.Maybe ChallengeNameType,
    -- | The challenge parameters. For more information, see
    -- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html InitiateAuth>.
    RespondToAuthChallengeResponse -> Maybe (HashMap Text Text)
challengeParameters :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
    -- | The result returned by the server in response to the request to respond
    -- to the authentication challenge.
    RespondToAuthChallengeResponse -> Maybe AuthenticationResultType
authenticationResult :: Prelude.Maybe AuthenticationResultType,
    -- | The session which should be passed both ways in challenge-response calls
    -- to the service. If the caller needs to go through another challenge,
    -- they return a session with other challenge parameters. This session
    -- should be passed as it is to the next @RespondToAuthChallenge@ API call.
    RespondToAuthChallengeResponse -> Maybe Text
session :: Prelude.Maybe Prelude.Text,
    -- | The response's http status code.
    RespondToAuthChallengeResponse -> Int
httpStatus :: Prelude.Int
  }
  deriving (RespondToAuthChallengeResponse
-> RespondToAuthChallengeResponse -> Bool
(RespondToAuthChallengeResponse
 -> RespondToAuthChallengeResponse -> Bool)
-> (RespondToAuthChallengeResponse
    -> RespondToAuthChallengeResponse -> Bool)
-> Eq RespondToAuthChallengeResponse
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: RespondToAuthChallengeResponse
-> RespondToAuthChallengeResponse -> Bool
$c/= :: RespondToAuthChallengeResponse
-> RespondToAuthChallengeResponse -> Bool
== :: RespondToAuthChallengeResponse
-> RespondToAuthChallengeResponse -> Bool
$c== :: RespondToAuthChallengeResponse
-> RespondToAuthChallengeResponse -> Bool
Prelude.Eq, Int -> RespondToAuthChallengeResponse -> ShowS
[RespondToAuthChallengeResponse] -> ShowS
RespondToAuthChallengeResponse -> String
(Int -> RespondToAuthChallengeResponse -> ShowS)
-> (RespondToAuthChallengeResponse -> String)
-> ([RespondToAuthChallengeResponse] -> ShowS)
-> Show RespondToAuthChallengeResponse
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [RespondToAuthChallengeResponse] -> ShowS
$cshowList :: [RespondToAuthChallengeResponse] -> ShowS
show :: RespondToAuthChallengeResponse -> String
$cshow :: RespondToAuthChallengeResponse -> String
showsPrec :: Int -> RespondToAuthChallengeResponse -> ShowS
$cshowsPrec :: Int -> RespondToAuthChallengeResponse -> ShowS
Prelude.Show, (forall x.
 RespondToAuthChallengeResponse
 -> Rep RespondToAuthChallengeResponse x)
-> (forall x.
    Rep RespondToAuthChallengeResponse x
    -> RespondToAuthChallengeResponse)
-> Generic RespondToAuthChallengeResponse
forall x.
Rep RespondToAuthChallengeResponse x
-> RespondToAuthChallengeResponse
forall x.
RespondToAuthChallengeResponse
-> Rep RespondToAuthChallengeResponse x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep RespondToAuthChallengeResponse x
-> RespondToAuthChallengeResponse
$cfrom :: forall x.
RespondToAuthChallengeResponse
-> Rep RespondToAuthChallengeResponse x
Prelude.Generic)

-- |
-- Create a value of 'RespondToAuthChallengeResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'challengeName', 'respondToAuthChallengeResponse_challengeName' - The challenge name. For more information, see
-- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html InitiateAuth>.
--
-- 'challengeParameters', 'respondToAuthChallengeResponse_challengeParameters' - The challenge parameters. For more information, see
-- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html InitiateAuth>.
--
-- 'authenticationResult', 'respondToAuthChallengeResponse_authenticationResult' - The result returned by the server in response to the request to respond
-- to the authentication challenge.
--
-- 'session', 'respondToAuthChallengeResponse_session' - The session which should be passed both ways in challenge-response calls
-- to the service. If the caller needs to go through another challenge,
-- they return a session with other challenge parameters. This session
-- should be passed as it is to the next @RespondToAuthChallenge@ API call.
--
-- 'httpStatus', 'respondToAuthChallengeResponse_httpStatus' - The response's http status code.
newRespondToAuthChallengeResponse ::
  -- | 'httpStatus'
  Prelude.Int ->
  RespondToAuthChallengeResponse
newRespondToAuthChallengeResponse :: Int -> RespondToAuthChallengeResponse
newRespondToAuthChallengeResponse Int
pHttpStatus_ =
  RespondToAuthChallengeResponse' :: Maybe ChallengeNameType
-> Maybe (HashMap Text Text)
-> Maybe AuthenticationResultType
-> Maybe Text
-> Int
-> RespondToAuthChallengeResponse
RespondToAuthChallengeResponse'
    { $sel:challengeName:RespondToAuthChallengeResponse' :: Maybe ChallengeNameType
challengeName =
        Maybe ChallengeNameType
forall a. Maybe a
Prelude.Nothing,
      $sel:challengeParameters:RespondToAuthChallengeResponse' :: Maybe (HashMap Text Text)
challengeParameters = Maybe (HashMap Text Text)
forall a. Maybe a
Prelude.Nothing,
      $sel:authenticationResult:RespondToAuthChallengeResponse' :: Maybe AuthenticationResultType
authenticationResult = Maybe AuthenticationResultType
forall a. Maybe a
Prelude.Nothing,
      $sel:session:RespondToAuthChallengeResponse' :: Maybe Text
session = Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:httpStatus:RespondToAuthChallengeResponse' :: Int
httpStatus = Int
pHttpStatus_
    }

-- | The challenge name. For more information, see
-- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html InitiateAuth>.
respondToAuthChallengeResponse_challengeName :: Lens.Lens' RespondToAuthChallengeResponse (Prelude.Maybe ChallengeNameType)
respondToAuthChallengeResponse_challengeName :: (Maybe ChallengeNameType -> f (Maybe ChallengeNameType))
-> RespondToAuthChallengeResponse
-> f RespondToAuthChallengeResponse
respondToAuthChallengeResponse_challengeName = (RespondToAuthChallengeResponse -> Maybe ChallengeNameType)
-> (RespondToAuthChallengeResponse
    -> Maybe ChallengeNameType -> RespondToAuthChallengeResponse)
-> Lens
     RespondToAuthChallengeResponse
     RespondToAuthChallengeResponse
     (Maybe ChallengeNameType)
     (Maybe ChallengeNameType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallengeResponse' {Maybe ChallengeNameType
challengeName :: Maybe ChallengeNameType
$sel:challengeName:RespondToAuthChallengeResponse' :: RespondToAuthChallengeResponse -> Maybe ChallengeNameType
challengeName} -> Maybe ChallengeNameType
challengeName) (\s :: RespondToAuthChallengeResponse
s@RespondToAuthChallengeResponse' {} Maybe ChallengeNameType
a -> RespondToAuthChallengeResponse
s {$sel:challengeName:RespondToAuthChallengeResponse' :: Maybe ChallengeNameType
challengeName = Maybe ChallengeNameType
a} :: RespondToAuthChallengeResponse)

-- | The challenge parameters. For more information, see
-- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html InitiateAuth>.
respondToAuthChallengeResponse_challengeParameters :: Lens.Lens' RespondToAuthChallengeResponse (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
respondToAuthChallengeResponse_challengeParameters :: (Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
-> RespondToAuthChallengeResponse
-> f RespondToAuthChallengeResponse
respondToAuthChallengeResponse_challengeParameters = (RespondToAuthChallengeResponse -> Maybe (HashMap Text Text))
-> (RespondToAuthChallengeResponse
    -> Maybe (HashMap Text Text) -> RespondToAuthChallengeResponse)
-> Lens
     RespondToAuthChallengeResponse
     RespondToAuthChallengeResponse
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallengeResponse' {Maybe (HashMap Text Text)
challengeParameters :: Maybe (HashMap Text Text)
$sel:challengeParameters:RespondToAuthChallengeResponse' :: RespondToAuthChallengeResponse -> Maybe (HashMap Text Text)
challengeParameters} -> Maybe (HashMap Text Text)
challengeParameters) (\s :: RespondToAuthChallengeResponse
s@RespondToAuthChallengeResponse' {} Maybe (HashMap Text Text)
a -> RespondToAuthChallengeResponse
s {$sel:challengeParameters:RespondToAuthChallengeResponse' :: Maybe (HashMap Text Text)
challengeParameters = Maybe (HashMap Text Text)
a} :: RespondToAuthChallengeResponse) ((Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
 -> RespondToAuthChallengeResponse
 -> f RespondToAuthChallengeResponse)
-> ((Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
    -> Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
-> (Maybe (HashMap Text Text) -> f (Maybe (HashMap Text Text)))
-> RespondToAuthChallengeResponse
-> f RespondToAuthChallengeResponse
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
-> Iso
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
     (Maybe (HashMap Text Text))
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
  (HashMap Text Text)
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The result returned by the server in response to the request to respond
-- to the authentication challenge.
respondToAuthChallengeResponse_authenticationResult :: Lens.Lens' RespondToAuthChallengeResponse (Prelude.Maybe AuthenticationResultType)
respondToAuthChallengeResponse_authenticationResult :: (Maybe AuthenticationResultType
 -> f (Maybe AuthenticationResultType))
-> RespondToAuthChallengeResponse
-> f RespondToAuthChallengeResponse
respondToAuthChallengeResponse_authenticationResult = (RespondToAuthChallengeResponse -> Maybe AuthenticationResultType)
-> (RespondToAuthChallengeResponse
    -> Maybe AuthenticationResultType
    -> RespondToAuthChallengeResponse)
-> Lens
     RespondToAuthChallengeResponse
     RespondToAuthChallengeResponse
     (Maybe AuthenticationResultType)
     (Maybe AuthenticationResultType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallengeResponse' {Maybe AuthenticationResultType
authenticationResult :: Maybe AuthenticationResultType
$sel:authenticationResult:RespondToAuthChallengeResponse' :: RespondToAuthChallengeResponse -> Maybe AuthenticationResultType
authenticationResult} -> Maybe AuthenticationResultType
authenticationResult) (\s :: RespondToAuthChallengeResponse
s@RespondToAuthChallengeResponse' {} Maybe AuthenticationResultType
a -> RespondToAuthChallengeResponse
s {$sel:authenticationResult:RespondToAuthChallengeResponse' :: Maybe AuthenticationResultType
authenticationResult = Maybe AuthenticationResultType
a} :: RespondToAuthChallengeResponse)

-- | The session which should be passed both ways in challenge-response calls
-- to the service. If the caller needs to go through another challenge,
-- they return a session with other challenge parameters. This session
-- should be passed as it is to the next @RespondToAuthChallenge@ API call.
respondToAuthChallengeResponse_session :: Lens.Lens' RespondToAuthChallengeResponse (Prelude.Maybe Prelude.Text)
respondToAuthChallengeResponse_session :: (Maybe Text -> f (Maybe Text))
-> RespondToAuthChallengeResponse
-> f RespondToAuthChallengeResponse
respondToAuthChallengeResponse_session = (RespondToAuthChallengeResponse -> Maybe Text)
-> (RespondToAuthChallengeResponse
    -> Maybe Text -> RespondToAuthChallengeResponse)
-> Lens
     RespondToAuthChallengeResponse
     RespondToAuthChallengeResponse
     (Maybe Text)
     (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallengeResponse' {Maybe Text
session :: Maybe Text
$sel:session:RespondToAuthChallengeResponse' :: RespondToAuthChallengeResponse -> Maybe Text
session} -> Maybe Text
session) (\s :: RespondToAuthChallengeResponse
s@RespondToAuthChallengeResponse' {} Maybe Text
a -> RespondToAuthChallengeResponse
s {$sel:session:RespondToAuthChallengeResponse' :: Maybe Text
session = Maybe Text
a} :: RespondToAuthChallengeResponse)

-- | The response's http status code.
respondToAuthChallengeResponse_httpStatus :: Lens.Lens' RespondToAuthChallengeResponse Prelude.Int
respondToAuthChallengeResponse_httpStatus :: (Int -> f Int)
-> RespondToAuthChallengeResponse
-> f RespondToAuthChallengeResponse
respondToAuthChallengeResponse_httpStatus = (RespondToAuthChallengeResponse -> Int)
-> (RespondToAuthChallengeResponse
    -> Int -> RespondToAuthChallengeResponse)
-> Lens
     RespondToAuthChallengeResponse
     RespondToAuthChallengeResponse
     Int
     Int
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RespondToAuthChallengeResponse' {Int
httpStatus :: Int
$sel:httpStatus:RespondToAuthChallengeResponse' :: RespondToAuthChallengeResponse -> Int
httpStatus} -> Int
httpStatus) (\s :: RespondToAuthChallengeResponse
s@RespondToAuthChallengeResponse' {} Int
a -> RespondToAuthChallengeResponse
s {$sel:httpStatus:RespondToAuthChallengeResponse' :: Int
httpStatus = Int
a} :: RespondToAuthChallengeResponse)

instance
  Prelude.NFData
    RespondToAuthChallengeResponse