[英]How to configure AWS user cognito authentication flow for generating identity token,access token in Java sdk backend?
下面是代碼:
AnonymousAWSCredentials awsCreds = new AnonymousAWSCredentials();
AWSCognitoIdentityProvider provider = AWSCognitoIdentityProviderClientBuilder.standard()
.withCredentials(new AWSStaticCredentialsProvider(awsCreds))
.withRegion(//region)
.build();
AdminInitiateAuthRequest authRequest = new AdminInitiateAuthRequest()
.withAuthFlow(AuthFlowType.USER_PASSWORD_AUTH)
.withClientId("")
.withUserPoolId("")
.withAuthParameters(map);
Map<String,String> map = new HashMap<>();
map.put("USERNAME","");
map.put("PASSWORD","");
這里地圖將有用戶名和密碼。
有人可以幫助如何在 Java 中配置身份驗證以生成 id 令牌和訪問令牌嗎? 提前致謝!!
您的代碼可能如下所示。 請注意:
使用 ADMIN_USER_PASSWORD_AUTH 流進行身份驗證。 請參閱AdminInitiateAuth
在 Cognito 中,在客戶端設置中,在“Auth Flows Configuration”部分下,應啟用下一個選項“Enable username password auth for admin APIs for authentication (ALLOW_ADMIN_USER_PASSWORD_AUTH)” 。
public static void auth(String username, String password) { AwsBasicCredentials awsCreds = AwsBasicCredentials.create(AWS_KEY, AWS_SECRET); CognitoIdentityProviderClient identityProviderClient = CognitoIdentityProviderClient.builder() .credentialsProvider(StaticCredentialsProvider.create(awsCreds)) .region(Region.of(REGION)) .build(); final Map<String, String> authParams = new HashMap<>(); authParams.put("USERNAME", username); authParams.put("PASSWORD", password); authParams.put("SECRET_HASH", calculateSecretHash(CLIENT_ID, CLIENT_SECRET, username)); final AdminInitiateAuthRequest authRequest = AdminInitiateAuthRequest.builder() .authFlow(AuthFlowType.ADMIN_USER_PASSWORD_AUTH) .clientId(CLIENT_ID) .userPoolId(POOL_ID) .authParameters(authParams) .build(); AdminInitiateAuthResponse result = identityProviderClient.adminInitiateAuth(authRequest); System.out.println(result.authenticationResult().accessToken()); System.out.println(result.authenticationResult().idToken());}
方法 calculateSecretHash 取自 AWS Documentation Signing Up and Confirming User Accounts :
private static String calculateSecretHash(String userPoolClientId, String userPoolClientSecret, String userName) { final String HMAC_SHA256_ALGORITHM = "HmacSHA256"; SecretKeySpec signingKey = new SecretKeySpec( userPoolClientSecret.getBytes(StandardCharsets.UTF_8), HMAC_SHA256_ALGORITHM); try { Mac mac = Mac.getInstance(HMAC_SHA256_ALGORITHM); mac.init(signingKey); mac.update(userName.getBytes(StandardCharsets.UTF_8)); byte[] rawHmac = mac.doFinal(userPoolClientId.getBytes(StandardCharsets.UTF_8)); return Base64.getEncoder().encodeToString(rawHmac); } catch (Exception e) { throw new RuntimeException("Error while calculating "); }}
如何使用適用於Java的Amazon Cognito身份SDK訪問用戶池
[英]How to Access User Pools using the Amazon Cognito Identity SDK for Java
適用於通過Cognito用戶池為Oauth客戶端憑據流身份驗證提供服務的AWS Java SDK嗎?
[英]AWS Java SDK for service to service Oauth client credentential flow authentication with Cognito user pool?
如何在 Microsoft 授權碼流程中獲取刷新令牌 - java sdk
[英]How to obtain refresh token in Microsoft Authorization Code flow - java sdk
用戶身份池使用Amazon Cognito對用戶進行身份驗證-Java SDK
[英]User Identity Pool Authenticate user with Amazon Cognito - Java SDK
如何通過 OAuth 流和 Java 從 Reddit 檢索訪問令牌
[英]How to retrieve access token from Reddit via OAuth flow with Java
如何使用符合 oidc 的令牌在 Java 中為 Graph API 獲取第二個訪問令牌。 OBO流程
[英]How to obtain 2nd access token in Java for Graph API with a oidc compliant token. OBO flow
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.