How to get AccessToken or Session string in WinUI 3 application to initiate set up of AWS Cognito MFA
I am building a WinUI 3 desktop app which uses AWS Cognito for user sign-up/sign-in, and I came across a problem when trying to implement MFA setup after user creation.
According to the AWS documentation, I need to call AssociateSoftwareToken with an AssociateSoftwareTokenRequest parameter and its "Access Token" or "Session String" properties set to authorize the request:
https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/CognitoIdentityProvider/MCognitoIdentityProviderAssociateSoftwareTokenAsyncAssociateSoftwareTokenRequestCancellationToken.html
https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/CognitoIdentityProvider/TAssociateSoftwareTokenRequest.html
My question is - how can I get the AccessToken or Session string from my preceding sign-in request to then authorize AssociateSoftwareToken in a WinUI 3 desktop app?
I've googled around and read AWS and MS docs but cannot find anything helpful in this regard.
My code snippets:
    try
    {
        AmazonCognitoIdentityProviderClient provider = new(new AnonymousAWSCredentials(), FallbackRegionFactory.GetRegionEndpoint());
        CognitoUserPool cognitoUserPool = new(poolID, clientID, provider);
        CognitoUser cognitoUser = new(username, clientID, cognitoUserPool, provider);
        InitiateSrpAuthRequest authRequest = new()
        {
            Password = password
        };
        AuthFlowResponse authFlowResponse = await cognitoUser.StartWithSrpAuthAsync(authRequest).ConfigureAwait(false);
        if (authFlowResponse.AuthenticationResult is null)
        {
            if (authFlowResponse.ChallengeName == ChallengeNameType.MFA_SETUP)
            {
                // At this point I need AccessToken or Session string to call CognitoSetUpTOTPMFAAsync(string accessToken) to trigger MFA setup...
            }
            .
            // remaining implementation
            .
        }
        return ...
    }
    catch (Exception e)
    {
        return ...
    }

    try
    {
        AmazonCognitoIdentityProviderClient provider = new(new AnonymousAWSCredentials(), FallbackRegionFactory.GetRegionEndpoint());
        AssociateSoftwareTokenRequest associateSoftwareTokenRequest = new()
        {
            AccessToken = accessToken,
            Session = sessionString
        };
        AssociateSoftwareTokenResponse associateSoftwareTokenResponse = await provider.AssociateSoftwareTokenAsync(associateSoftwareTokenRequest);
        .
        // remaining implementation
        .
        return ...
    }
    catch (Exception)
    {
        return ...
    }
Turns out the required "Session string" is returned after the initial sign-in request in the AuthFlowResponse object as the SessionID parameter. It is contained in each response from Cognito and can be supplied with consecutive requests.
Adding this to my code:
    ...
    AuthFlowResponse authFlowResponse = await cognitoUser.StartWithSrpAuthAsync(authRequest);
    var sessionId = authFlowResponse.SessionID;
    ...
Then provide sessionId to the MFA setup AssociateSoftwareTokenRequest request:
    ...
    AssociateSoftwareTokenRequest associateSoftwareTokenRequest = new()
    {
        Session = sessionId
    };
    AssociateSoftwareTokenResponse associateSoftwareTokenResponse = await provider.AssociateSoftwareTokenAsync(associateSoftwareTokenRequest);
    ...
Then associateSoftwareTokenResponse contains the SecretCode value to be used to register with an authenticator app.
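The session hand-off described in the answer, carried through the remaining enrollment calls (VerifySoftwareToken, then RespondToAuthChallenge), as an added example that is not part of the original post. `TotpEnrollment`, `CompleteMfaSetupAsync`, `issuer` and the `promptForCode` UI callback are hypothetical names, and the app client is assumed to have no client secret (otherwise a SECRET_HASH challenge response is also required).

```csharp
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Amazon.CognitoIdentityProvider;
using Amazon.CognitoIdentityProvider.Model;
using Amazon.Extensions.CognitoAuthentication;

public static class TotpEnrollment
{
    // promptForCode (hypothetical): receives the otpauth:// URI to render as a QR code
    // and returns the 6-digit code the user reads from the authenticator app.
    public static async Task<AuthenticationResultType> CompleteMfaSetupAsync(
        IAmazonCognitoIdentityProvider provider, AuthFlowResponse signIn,
        string clientId, string username, string issuer,
        Func<string, Task<string>> promptForCode)
    {
        if (signIn.ChallengeName != ChallengeNameType.MFA_SETUP)
            throw new InvalidOperationException("Sign-in did not return MFA_SETUP.");

        // 1. The sign-in session authorizes AssociateSoftwareToken; no access token exists yet.
        var associate = await provider.AssociateSoftwareTokenAsync(
            new AssociateSoftwareTokenRequest { Session = signIn.SessionID });

        // SecretCode is the TOTP seed: display it once, never log or persist it.
        string label = $"{Uri.EscapeDataString(issuer)}:{Uri.EscapeDataString(username)}";
        string uri = $"otpauth://totp/{label}?secret={associate.SecretCode}"
                   + $"&issuer={Uri.EscapeDataString(issuer)}";
        string userCode = await promptForCode(uri);

        // 2. Every response carries a new Session; always pass on the latest one.
        var verify = await provider.VerifySoftwareTokenAsync(new VerifySoftwareTokenRequest
        {
            Session = associate.Session,
            UserCode = userCode
        });
        if (verify.Status != VerifySoftwareTokenResponseType.SUCCESS)
            throw new InvalidOperationException("TOTP code was not accepted.");

        // 3. Answer the MFA_SETUP challenge to finish sign-in and receive the tokens.
        var done = await provider.RespondToAuthChallengeAsync(new RespondToAuthChallengeRequest
        {
            ClientId = clientId,
            ChallengeName = ChallengeNameType.MFA_SETUP,
            Session = verify.Session,
            ChallengeResponses = new Dictionary<string, string> { ["USERNAME"] = username }
        });
        return done.AuthenticationResult; // AccessToken, IdToken, RefreshToken
    }
}
```

The returned tokens should be held in memory or a protected store; the Session strings are single-purpose and short-lived, so they do not need to be kept after the flow completes.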
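Notice: The technical posts on this site are published under the CC BY-SA 4.0 license. If you republish them, please credit this site's URL or the original address. For any questions, contact: yoyou2525@163.com.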