
How to get AccessToken or Session string in WinUI 3 application to initiate set up of AWS Cognito MFA

I am building a WinUI 3 desktop app which uses AWS Cognito for user sign-up/sign-in, and I came across a problem when trying to implement MFA setup after user creation.

According to the AWS documentation, I need to call AssociateSoftwareToken with an AssociateSoftwareTokenRequest parameter and its "Access Token" or "Session String" properties set to authorize the request:

https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/CognitoIdentityProvider/MCognitoIdentityProviderAssociateSoftwareTokenAsyncAssociateSoftwareTokenRequestCancellationToken.html

https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/CognitoIdentityProvider/TAssociateSoftwareTokenRequest.html

My question is - how can I get the AccessToken or Session string from my preceding sign-in request to then authorize AssociateSoftwareToken in a WinUI 3 desktop app?

I've googled around and read AWS and MS docs but cannot find anything helpful in this regard.

My code snippets:

  1. User sign-in method:
        try
        {
            AmazonCognitoIdentityProviderClient provider = new(new AnonymousAWSCredentials(), FallbackRegionFactory.GetRegionEndpoint());
            CognitoUserPool cognitoUserPool = new(poolID, clientID, provider);
            CognitoUser cognitoUser = new(username, clientID, cognitoUserPool, provider);
            InitiateSrpAuthRequest authRequest = new()
            {
                Password = password
            };
            AuthFlowResponse authFlowResponse = await cognitoUser.StartWithSrpAuthAsync(authRequest).ConfigureAwait(false);

            if (authFlowResponse.AuthenticationResult is null)
            {  
                if (authFlowResponse.ChallengeName == ChallengeNameType.MFA_SETUP)
                {
                   // At this point I need AccessToken or Session string to call CognitoSetUpTOTPMFAAsync(string accessToken) to trigger MFA setup...
                }
                .
                //remaining implementation
                .
            }
            return ...
        }
        catch (Exception e)
        {
            return ...
        }
  2. CognitoSetUpTOTPMFAAsync(string accessToken OR string sessionString)
        try
        {
            
            AmazonCognitoIdentityProviderClient provider = new(new AnonymousAWSCredentials(), FallbackRegionFactory.GetRegionEndpoint());
            AssociateSoftwareTokenRequest associateSoftwareTokenRequest = new()
            {
                AccessToken = accessToken,
                Session = sessionString               
            };
            AssociateSoftwareTokenResponse associateSoftwareTokenResponse = await provider.AssociateSoftwareTokenAsync(associateSoftwareTokenRequest);
            .
            //remaining implementation
            .
            return ...
        }
        catch (Exception)
        {
            return ...
        }

Turns out the required "Session string" is returned after the initial sign-in request in the AuthFlowResponse object as the SessionID parameter. It is contained in each response from Cognito and can be supplied with consecutive requests.

Adding this to my code:

    ...
    AuthFlowResponse authFlowResponse = await cognitoUser.StartWithSrpAuthAsync(authRequest);
    var sessionId = authFlowResponse.SessionID;
    ...

Then provide sessionId to the MFA setup AssociateSoftwareTokenRequest request:

    ...
    AssociateSoftwareTokenRequest associateSoftwareTokenRequest = new()
    {
        Session = sessionId
    };
    AssociateSoftwareTokenResponse associateSoftwareTokenResponse = await provider.AssociateSoftwareTokenAsync(associateSoftwareTokenRequest);
    ...

Then associateSoftwareTokenResponse contains the SecretCode value to be used to register with an authenticator app.
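The enrollment steps that follow from the answer above, as an added example (not code from the original post). It goes beyond the post by also verifying the first TOTP code and answering the MFA_SETUP challenge, threading the Session value through each call. Assumptions: the app client has no client secret (no SECRET_HASH), `username` is the value Cognito expects as USERNAME, and `TotpSetupExample`, `BuildOtpAuthUri`, `CompleteMfaSetupAsync`, `issuer` and `promptForCodeAsync` are hypothetical names.

```csharp
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Amazon.CognitoIdentityProvider;
using Amazon.CognitoIdentityProvider.Model;

public static class TotpSetupExample // hypothetical helper class
{
    // Builds the otpauth:// URI that authenticator apps read from a QR code.
    // "issuer" is a display label chosen by the application (assumption).
    public static string BuildOtpAuthUri(string issuer, string username, string secretCode)
    {
        string label = Uri.EscapeDataString($"{issuer}:{username}");
        return $"otpauth://totp/{label}?secret={secretCode}&issuer={Uri.EscapeDataString(issuer)}";
    }

    // sessionId is AuthFlowResponse.SessionID from the MFA_SETUP challenge.
    // promptForCodeAsync (hypothetical) shows the URI and returns the 6-digit code.
    public static async Task<AuthenticationResultType> CompleteMfaSetupAsync(
        IAmazonCognitoIdentityProvider provider, string clientId, string issuer,
        string username, string sessionId, Func<string, Task<string>> promptForCodeAsync)
    {
        // 1. Exchange the challenge session for the TOTP shared secret.
        AssociateSoftwareTokenResponse assoc = await provider.AssociateSoftwareTokenAsync(
            new AssociateSoftwareTokenRequest { Session = sessionId });

        // 2. SecretCode is a long-lived credential: display it once, never log or store it.
        string userCode = await promptForCodeAsync(
            BuildOtpAuthUri(issuer, username, assoc.SecretCode));

        // 3. Prove the authenticator is enrolled. Each response carries a new Session.
        VerifySoftwareTokenResponse verify = await provider.VerifySoftwareTokenAsync(
            new VerifySoftwareTokenRequest { Session = assoc.Session, UserCode = userCode });
        if (verify.Status != VerifySoftwareTokenResponseType.SUCCESS)
            throw new InvalidOperationException("TOTP code was not accepted.");

        // 4. Answer MFA_SETUP with the session returned by VerifySoftwareToken.
        RespondToAuthChallengeResponse done = await provider.RespondToAuthChallengeAsync(
            new RespondToAuthChallengeRequest
            {
                ClientId = clientId,
                ChallengeName = ChallengeNameType.MFA_SETUP,
                Session = verify.Session,
                ChallengeResponses = new Dictionary<string, string> { ["USERNAME"] = username }
            });
        // Null here means Cognito issued a further challenge instead of tokens.
        return done.AuthenticationResult;
    }
}
```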
