基于 Java 的 AWS Cognito 预注册 Lambda 触发器:自动确认用户并验证 email
[英]Java-based AWS Cognito Pre-Sign-up Lambda Trigger: Automatically confirm user and validate email
问题描述
I am developing a Java-based AWS Cognito Pre-Sign-up Lambda trigger to automatically confirm the user and set their email as verified.
我正在开发一个基于 Java 的 AWS Cognito Pre-Sign-up Lambda 触发器来自动确认用户并将他们的 email 设置为已验证。
Per the AWS documentation , "Amazon Cognito passes event information to your Lambda function. The function then returns the same event object back to Amazon Cognito, with any changes in the response." Per the AWS documentation , "Amazon Cognito passes event information to your Lambda function. The function then returns the same event object back to Amazon Cognito, with any changes in the response." I've seen documentation (and numerous StackOverflow discussions) about how "autoConfirmUser" and "autoVerifyEmail" should be used in a Pre-Sign-up Lambda response;我看过有关如何在注册前 Lambda 响应中使用“autoConfirmUser”和“autoVerifyEmail”的文档(以及大量 StackOverflow 讨论); examples are even provided for Node.js and Python.甚至还为 Node.js 和 Python 提供了示例。
While it seems straightforward to do similar in Java, I am apparently not returning the expected response and my users are being created without being automagically confirmed and email verified.虽然在 Java 中做类似的事情似乎很简单,但我显然没有返回预期的响应,并且我的用户是在没有自动确认和 email 验证的情况下创建的。
With the Function registered and set as the Pre sign-up trigger on my Cognito User Pool, l can see my Lambda is invoked each time a user is created (such as through the admin console using "Create User").将 Function 注册并设置为我的 Cognito 用户池上的注册前触发器后,我可以看到每次创建用户时都会调用我的 Lambda(例如通过管理控制台使用“创建用户”)。 Logging the request coming into the Lambda, the request is:记录进入 Lambda 的请求,请求是:
{
version = 1, region = us - east - 1, userPoolId = us - east - 1_1 IhOKuyug, userName = user@test.com, callerContext = {
awsSdkVersion = aws - sdk - unknown - unknown,
clientId = CLIENT_ID_NOT_APPLICABLE
}, triggerSource = PreSignUp_AdminCreateUser, request = {
userAttributes = {
phone_number = +15555555555,
email = user@test.com
},
validationData = null
}, response = {
autoConfirmUser = false,
autoVerifyEmail = false,
autoVerifyPhone = false
}
}
My Lambda is:我的 Lambda 是:
public class PreSignUpRequestHandler implements RequestHandler {
@Override
public Object handleRequest(Object requestObject, Context context) {
Map requestObjectMap = (Map) requestObject;
Map<String, Object> responseData = (Map) requestObjectMap.get("response");
responseData.put("autoConfirmUser", true);
responseData.put("autoVerifyEmail", true);
responseData.put("autoVerifyPhone", false);
Gson gson = new GsonBuilder().setPrettyPrinting().create();
String jsonResponse = gson.toJson(requestObject);
context.getLogger().log("Response JSON: " + jsonResponse);
return requestObject;
}
}
Using the AWS Cognito General Settings > Users and Group > Create user, the user is created but the account status is listed as "FORCE_CHANGE_PASSWORD" and the email verified is listed as "-".使用 AWS Cognito 常规设置 > 用户和组 > 创建用户,创建用户,但账户状态列为“FORCE_CHANGE_PASSWORD”,验证的 email 列为“-”。 A user created prior to the Lambda expression being assigned as the trigger that went through the confirmation/validation process has the account status listed as "CONFIRMED" and email verified listed as "true".在 Lambda 表达式被指定为通过确认/验证过程的触发器之前创建的用户具有列为“已确认”和 email 已验证列为“真”的帐户状态。
Looking at CloudWatch, the above Lambda produced:查看 CloudWatch,上面的 Lambda 产生:
Response JSON:
{
"version": "1",
"region": "us-east-1",
"userPoolId": "us-east-1_1IhOKuyRR",
"userName": "user@test.com",
"callerContext": {
"awsSdkVersion": "aws-sdk-unknown-unknown",
"clientId": "CLIENT_ID_NOT_APPLICABLE"
},
"triggerSource": "PreSignUp_AdminCreateUser",
"request": {
"userAttributes": {
"phone_number": "+5555555555",
"email": "user@test.com"
}
},
"response": {
"autoConfirmUser": true,
"autoVerifyEmail": true,
"autoVerifyPhone": false
}
}
Clearly, the user was created and the Lambda was fired.显然,创建了用户并解雇了 Lambda。 Yet, despite the Lambda returning "autoConfirmUser" and "autoVerifyEmail" as both true, the user was created without these response settings being applied.然而,尽管 Lambda 将“autoConfirmUser”和“autoVerifyEmail”都返回为 true,但在创建用户时并未应用这些响应设置。
What am I missing and what am I doing wrong?我错过了什么,我做错了什么?
1 个解决方案
解决方案1
0 2022-02-04 18:08:35
I was able to solve my issue.我能够解决我的问题。
The code sample above worked correctly with no changes.上面的代码示例正常工作,没有任何更改。
For others that encounter this issue (including my future self), the key piece of information was in a note in the documentation :对于遇到此问题的其他人(包括我未来的自己),关键信息位于文档中的注释中:
NOTE:
Response parameters autoVerifyPhone, autoVerifyEmail and autoConfirmUser are ignored by Amazon Cognito when the Pre Sign-up lambda is triggered by the AdminCreateUser API.
As all of my prior testing was performed in the Admin console, upon reading this I realized I should perform testing from my app.由于我之前的所有测试都是在管理控制台中执行的,因此在阅读本文后,我意识到我应该从我的应用程序中执行测试。 Sure enough, when testing from the app the Lambda worked as expected without modification.果然,当从应用程序测试时,Lambda 按预期工作,无需修改。
To summarize, when developing a Cognito Pre-Sign-up Lambda trigger the trigger will not produce the desired results (ie: a user confirmed with a verified email) when executed from the AWS admin console UI but will when executed from your application.总而言之,在开发 Cognito 预注册 Lambda 触发器时,触发器在从 AWS 管理控制台 UI 执行时不会产生所需的结果(即:用户通过已验证的电子邮件确认),但在从您的应用程序执行时会产生。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.