用户身份池使用AmazonCognito-JavaSDK对用户进行身份验证
文档中似乎没有明确的方法来实现这一点。在创建了一个用户池,然后在Cognito中针对用户池创建了一个提供者之后,我该如何验证用户名和密码用户身份池使用AmazonCognito-JavaSDK对用户进行身份验证,java,amazon-cognito,Java,Amazon Cognito,文档中似乎没有明确的方法来实现这一点。在创建了一个用户池,然后在Cognito中针对用户池创建了一个提供者之后,我该如何验证用户名和密码 我发现了这一点,但看起来密码是在一个单独的数据库中管理的,而不是在Cognito中。我假设您使用的是Android移动SDK,并且您已经完成了所有设置。首先,您需要连接到用户池: CognitoUserPool userPool = new CognitoUserPool( context, userP
我发现了这一点,但看起来密码是在一个单独的数据库中管理的,而不是在Cognito中。我假设您使用的是Android移动SDK,并且您已经完成了所有设置。首先,您需要连接到用户池:
CognitoUserPool userPool = new CognitoUserPool(
context, userPoolId, clientId, clientSecret);
然后,选择要进行身份验证的用户:
CognitoUser user = userPool.getUser(userId);
然后,写下答案。当(如果)代码需要用户名和密码时,Cognito将调用您的代码,而不是您调用它
AuthenticationHandler handler = new AuthenticationHandler {
@Override
public void onSuccess(CognitoUserSession userSession) {
// Authentication was successful, the "userSession" will have the current valid tokens
}
@Override
public void getAuthenticationDetails(final AuthenticationContinuation continuation, final String userID) {
// User authentication details, userId and password are required to continue.
// Use the "continuation" object to pass the user authentication details
// After the user authentication details are available, wrap them in an AuthenticationDetails class
// Along with userId and password, parameters for user pools for Lambda can be passed here
// The validation parameters "validationParameters" are passed in as a Map<String, String>
AuthenticationDetails authDetails = new AuthenticationDetails(userId, password, validationParameters);
// Now allow the authentication to continue
continuation.setAuthenticationDetails(authDetails);
continuation.continueTask();
}
/* Handle 2FA, challenges, etc as needed */
};
如果一切顺利,您现在应该有一个带有有效令牌的会话
此示例基于,其中也有注册新用户、注销等示例。我假设您使用的是Android移动SDK,并且您已经完成了所有设置。首先,您需要连接到用户池:
CognitoUserPool userPool = new CognitoUserPool(
context, userPoolId, clientId, clientSecret);
然后,选择要进行身份验证的用户:
CognitoUser user = userPool.getUser(userId);
然后,写下答案。当(如果)代码需要用户名和密码时,Cognito将调用您的代码,而不是您调用它
AuthenticationHandler handler = new AuthenticationHandler {
@Override
public void onSuccess(CognitoUserSession userSession) {
// Authentication was successful, the "userSession" will have the current valid tokens
}
@Override
public void getAuthenticationDetails(final AuthenticationContinuation continuation, final String userID) {
// User authentication details, userId and password are required to continue.
// Use the "continuation" object to pass the user authentication details
// After the user authentication details are available, wrap them in an AuthenticationDetails class
// Along with userId and password, parameters for user pools for Lambda can be passed here
// The validation parameters "validationParameters" are passed in as a Map<String, String>
AuthenticationDetails authDetails = new AuthenticationDetails(userId, password, validationParameters);
// Now allow the authentication to continue
continuation.setAuthenticationDetails(authDetails);
continuation.continueTask();
}
/* Handle 2FA, challenges, etc as needed */
};
如果一切顺利,您现在应该有一个带有有效令牌的会话
此示例基于,其中还包含注册新用户、注销等示例。如果您有用户池,则应针对用户池进行身份验证。看 对于后端,您可以使用如下内容:
Map<String, String> params = new HashMap<>();
params.put("USERNAME", userId);
params.put("SECRET_HASH", calculateSecretHash(userId));
params.put("PASSWORD", rawPassword);
AdminInitiateAuthRequest request = new AdminInitiateAuthRequest()
.withUserPoolId("YOUR_USER_POOL_ID")
.withClientId("YOUR_USER_POOL_APP_CLIENT_ID")
.withAuthFlow(AuthFlowType.ADMIN_NO_SRP_AUTH)
.withAuthParameters(params);
AWSCognitoIdentityProvider identityProvider = AWSCognitoIdentityProviderClientBuilder.standard()
.withCredentials(credentialsProvider)
.withRegion(Regions.US_WEST_2)
.build();
AdminInitiateAuthResult result = identityProvider.adminInitiateAuth(request);
如果计划跨提供者聚合身份,则只需要联邦身份池。在这种情况下,您仍然需要对用户池进行身份验证,并对标识池使用经过身份验证的用户id。如果您有用户池,则应针对用户池进行身份验证。看 对于后端,您可以使用如下内容:
Map<String, String> params = new HashMap<>();
params.put("USERNAME", userId);
params.put("SECRET_HASH", calculateSecretHash(userId));
params.put("PASSWORD", rawPassword);
AdminInitiateAuthRequest request = new AdminInitiateAuthRequest()
.withUserPoolId("YOUR_USER_POOL_ID")
.withClientId("YOUR_USER_POOL_APP_CLIENT_ID")
.withAuthFlow(AuthFlowType.ADMIN_NO_SRP_AUTH)
.withAuthParameters(params);
AWSCognitoIdentityProvider identityProvider = AWSCognitoIdentityProviderClientBuilder.standard()
.withCredentials(credentialsProvider)
.withRegion(Regions.US_WEST_2)
.build();
AdminInitiateAuthResult result = identityProvider.adminInitiateAuth(request);
如果计划跨提供者聚合身份,则只需要联邦身份池。在这种情况下,您仍然需要对用户池进行身份验证,并对标识池使用经过身份验证的用户id。对不起,我没有使用Mobile SDK。我正在使用Java SDK。似乎出于某种原因,移动SDK提供了比Java SDK更容易理解的API…对不起,我没有使用移动SDK。我正在使用Java SDK。似乎出于某种原因,移动SDK提供了比Java SDK更容易理解的API。。。