stackoom
  简体   繁体   中英

Amazon Cognito log users in with username and password

 原文  2014-12-12 09:48:00       java/ ios/ amazon-web-services/ amazon-cognito

Question

Is this possible with AWS Cognito? Also i would like to add a "relationship" between users and entities in DynamoDB.

Anyone been in this scenario - or am i using the wrong services from AWS?

3 answers

solution1
 4  2017-04-26 01:19:36

If anyone should need actual code for the Java SDK, here's an example of authenticating on the back-end: 

Map<String, String> params = new HashMap<>();
params.put("USERNAME", userId);
params.put("SECRET_HASH", calculateSecretHash(userId));
params.put("PASSWORD", rawPassword);

AdminInitiateAuthRequest request = new AdminInitiateAuthRequest()
    .withUserPoolId("YOUR_USER_POOL_ID")
    .withClientId("YOUR_USER_POOL_APP_CLIENT_ID")
    .withAuthFlow(AuthFlowType.ADMIN_NO_SRP_AUTH)
    .withAuthParameters(params);

AWSCognitoIdentityProvider identityProvider = AWSCognitoIdentityProviderClientBuilder.standard()
        .withCredentials(credentialsProvider)
        .withRegion(Regions.US_WEST_2)
        .build();
AdminInitiateAuthResult result = identityProvider.adminInitiateAuth(request);

Helper function: 

private String calculateSecretHash(@Nonnull String userName) {

  SecretKeySpec signingKey = new SecretKeySpec(m_clientSecret.getBytes(StandardCharsets.UTF_8), HmacAlgorithms.HMAC_SHA_256.toString());
  try {
    Mac mac = Mac.getInstance(HmacAlgorithms.HMAC_SHA_256.toString());
    mac.init(signingKey);
    mac.update(userName.getBytes(StandardCharsets.UTF_8));
    byte[] rawHmac = mac.doFinal(m_clientId.getBytes(StandardCharsets.UTF_8));
    return Base64.encodeBase64String(rawHmac);

  } catch (Exception ex) {
    throw new PgkbRuntimeException("Error calculating secret hash", ex);
  }
}

solution2
 3 ACCPTED  2016-07-19 22:12:00

For anyone else who finds this question, this is now possible with Cognito User Pools. More information is available here .

solution3
 -1  2014-12-12 10:13:52

Cognito is not meant to store credentials information of a user, it may be possible to use it so by using the userid as a key, it is better to use Facebook or likes if you want to offload the login process.

Regarding relationships, dynamo is a key/value datastore, they work best if your transaction requires couple of retrievals by key, like session info, settings, cart info. It will not suite for queries like find all friends, all places my friend visited, for such you may consider a graphdb, also a reqular RDBMS will easily work for reasonable amount of data.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Extract username from AdminInitiateAuthResult in Amazon Cognito How to register `Amazon Cognito` users with an AWS Lambda Java function? How to register users to Amazon Cognito identity user pool by using Java changing the default username and password provided by netbeans and using the username -password combination I mention in the tomcat-users.xml Trying to store username and password in a database and having it check if the username and password match to log in Authenticate users with SpringSecurity using a WebService that requires a username and password Spring Security - Differentiate between wrong username/password combination and unauthorised users User Roles in Amazon Cognito Log username/password for 401 authentication error spring boot Amazon cognito: identity not found
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM