Below is the code:
AnonymousAWSCredentials awsCreds = new AnonymousAWSCredentials();
AWSCognitoIdentityProvider provider = AWSCognitoIdentityProviderClientBuilder.standard()
.withCredentials(new AWSStaticCredentialsProvider(awsCreds))
.withRegion(//region)
.build();
AdminInitiateAuthRequest authRequest = new AdminInitiateAuthRequest()
.withAuthFlow(AuthFlowType.USER_PASSWORD_AUTH)
.withClientId("")
.withUserPoolId("")
.withAuthParameters(map);
Map<String,String> map = new HashMap<>();
map.put("USERNAME","");
map.put("PASSWORD","");
Here map will have username and password.
Can someone help on how to configure authentication in Java in order to generate the id token and access token? Thanks in advance!!
Your code may look like below. Please note that:
For authentication is used ADMIN_USER_PASSWORD_AUTH flow. Please see AdminInitiateAuth
In Cognito, in client settings, under section "Auth Flows Configuration" the next option should be enabled "Enable username password auth for admin APIs for authentication (ALLOW_ADMIN_USER_PASSWORD_AUTH)" .
public static void auth(String username, String password) { AwsBasicCredentials awsCreds = AwsBasicCredentials.create(AWS_KEY, AWS_SECRET); CognitoIdentityProviderClient identityProviderClient = CognitoIdentityProviderClient.builder() .credentialsProvider(StaticCredentialsProvider.create(awsCreds)) .region(Region.of(REGION)) .build(); final Map<String, String> authParams = new HashMap<>(); authParams.put("USERNAME", username); authParams.put("PASSWORD", password); authParams.put("SECRET_HASH", calculateSecretHash(CLIENT_ID, CLIENT_SECRET, username)); final AdminInitiateAuthRequest authRequest = AdminInitiateAuthRequest.builder() .authFlow(AuthFlowType.ADMIN_USER_PASSWORD_AUTH) .clientId(CLIENT_ID) .userPoolId(POOL_ID) .authParameters(authParams) .build(); AdminInitiateAuthResponse result = identityProviderClient.adminInitiateAuth(authRequest); System.out.println(result.authenticationResult().accessToken()); System.out.println(result.authenticationResult().idToken());
}
Method calculateSecretHash is taken from AWS Documentation Signing Up and Confirming User Accounts :
private static String calculateSecretHash(String userPoolClientId, String userPoolClientSecret, String userName) { final String HMAC_SHA256_ALGORITHM = "HmacSHA256"; SecretKeySpec signingKey = new SecretKeySpec( userPoolClientSecret.getBytes(StandardCharsets.UTF_8), HMAC_SHA256_ALGORITHM); try { Mac mac = Mac.getInstance(HMAC_SHA256_ALGORITHM); mac.init(signingKey); mac.update(userName.getBytes(StandardCharsets.UTF_8)); byte[] rawHmac = mac.doFinal(userPoolClientId.getBytes(StandardCharsets.UTF_8)); return Base64.getEncoder().encodeToString(rawHmac); } catch (Exception e) { throw new RuntimeException("Error while calculating "); }}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.