Android Cognito与SAML（O365）

我正试图通过android应用程序将SAML与Amazon Cognito集成。我跟踪了101apps.co.za发布的一系列YouTube视频，通过托管用户界面（使用文档中提供的链接格式）和简单的android应用程序，我成功地在Cognoto控制台上验证了一个手动创建的用户

在我的场景中，我应该使用Office 365电子邮件id和密码对用户进行身份验证，因为这是一个公司环境。 我确实关注了一篇文章，我成功地使用Office 365登录了该文章。 链接- 我能够使用Cognito生成的UI轻松登录。请参阅下图

唯一的问题是，我无法在我的Android应用程序上使用它。下面是我得到的错误

Login failed User does not exist. (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: UserNotFoundException; Request ID: 3cd1e93e-d118-11e8-af77-098f4bda99f1)

下面是我简单的Android应用程序的代码，它有两个文本框，分别是用户名、密码和一个登录按钮。这是在我前面提到的YouTube上的教程系列之后实现的

package com.midassafety.chulankumara.googleauthentication;

import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.TextView;

import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoDevice;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUserSession;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.AuthenticationContinuation;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.AuthenticationDetails;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.ChallengeContinuation;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.MultiFactorAuthenticationContinuation;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.handlers.AuthenticationHandler;

import org.w3c.dom.Text;

public class LoginActivity extends AppCompatActivity {

    private static final String TAG = "Cognito";

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_login);

        final EditText editTextUsername = findViewById(R.id.username);
        final EditText editTextPassword = findViewById(R.id.password);

        final AuthenticationHandler authenticationHandler = new AuthenticationHandler() {
            @Override
            public void onSuccess(CognitoUserSession cognitoUserSession, CognitoDevice cognitoDevice) {
                Log.i(TAG, "Login successfull, can get tokens here");
                cognitoUserSession.getIdToken();
            }

            @Override
            public void getAuthenticationDetails(AuthenticationContinuation authenticationContinuation, String userId) {
                Log.i(TAG, "Login getAuthenticationDetails()...");

                /*need to get the userId & password to continue*/
                AuthenticationDetails authenticationDetails = new AuthenticationDetails(userId, String.valueOf(editTextPassword.getText()), null);

                // Pass the user sign-in credentials to the continuation
                authenticationContinuation.setAuthenticationDetails(authenticationDetails);

                // Allow this sign-in to continue
                authenticationContinuation.continueTask();
            }

            @Override
            public void getMFACode(MultiFactorAuthenticationContinuation multiFactorAuthenticationContinuation) {
                Log.i(TAG, "Login getMFACode()...");
            }

            @Override
            public void authenticationChallenge(ChallengeContinuation challengeContinuation) {
                Log.i(TAG, "Login authenticationChallenge()...");
            }

            @Override
            public void onFailure(Exception e) {
                Log.i(TAG,"Login failed " + e.getLocalizedMessage());
            }
        };

        Button buttonLogin = findViewById(R.id.login);
        buttonLogin.setOnClickListener(new View.OnClickListener() {
            @Override
            public void onClick(View v) {
                CognitoSettings cognitoSettings = new CognitoSettings(LoginActivity.this);

                CognitoUser thisUser = cognitoSettings.getUserPool().getUser(String.valueOf(editTextUsername.getText()));

                Log.i(TAG,"Login button clicked....");

                thisUser.getSessionInBackground(authenticationHandler);
            }
        });
    }
}

这是处理基本设置的CognitoSettings.java类

package com.midassafety.chulankumara.googleauthentication;

import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.support.v7.app.AppCompatActivity;
import android.util.Log;
import android.view.Gravity;
import android.view.View;
import android.widget.Button;
import android.widget.TextView;
import android.widget.Toast;

import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUserPool;
import com.amazonaws.regions.Regions;

public class CognitoSettings  {
    private String userPoolId = "ap-southeast-1_######";
    private String clientId = "#############";
    private String clientSecret = "************************redacted********************";
    private Regions cognitoRegion = Regions.AP_SOUTHEAST_1;

    private Context context;

    public CognitoSettings(Context context){
        this.context = context;
    }

    public String getUserPoolId(){
        return userPoolId;
    }

    public String getClientId(){
        return clientId;
    }

    public String getClientSecret() {
        return clientSecret;
    }

    public Regions getCognitoRegion() {
        return cognitoRegion;
    }

    public CognitoUserPool getUserPool(){
        return new CognitoUserPool(context, userPoolId, clientId, clientSecret, cognitoRegion);
    }
}

我检查UserPool并查看我创建的SAML标识提供程序的自动生成组

我上网浏览了一整天，但运气不好

我做错了什么，或者我应该做些什么来验证使用SAML和O365的用户

---

请帮忙

我可以问一下，这种方法是否允许来自任何365租户的用户进行身份验证，还是只针对您的365租户？实际上，现在我不再在这里工作了。就在我离开之前，有人给了我这个任务。因此，请回答您的问题：不，只要您按照AWS网站上的文档配置设置，这将适用于任何365租户。您必须从Microsoft office端进行一些配置。我的问题是移动应用程序，而不是工作完美的web应用程序。我必须再回到这个问题上来。