[英]How to get AccessToken or Session string in WinUI 3 application to initiate set up of AWS Cognito MFA
我正在構建 WinUI 3 桌面應用程序,它使用 AWS Cognito 進行用戶注冊/登錄,在創建用戶后嘗試實施 MFA 設置時遇到了問題。
根據 AWS 文檔,我需要使用AssociateSoftwareTokenRequest
參數調用AssociateSoftwareToken
並設置其“訪問令牌”或“會話字符串”屬性來授權請求:
我的問題是 - 如何從我之前的登錄請求中獲取 AccessToken 或 Session 字符串,然后在 WinUi 3 桌面應用程序中授權AssociateSoftwareToken
?
我搜索並閱讀了 AWS 和 MS 文檔,但在這方面找不到任何有用的信息。
我的代碼片段:
try
{
AmazonCognitoIdentityProviderClient provider = new(new AnonymousAWSCredentials(), FallbackRegionFactory.GetRegionEndpoint())
CognitoUserPool cognitoUserPool = new(poolID, clientID, provider);
CognitoUser cognitoUser = new(username, clientID, cognitoUserPool, provider);
InitiateSrpAuthRequest authRequest = new()
{
Password = password
};
AuthFlowResponse authFlowResponse = await cognitoUser.StartWithSrpAuthAsync(authRequest).ConfigureAwait(false);
if (authFlowResponse.AuthenticationResult is null)
{
if (authFlowResponse.ChallengeName == ChallengeNameType.MFA_SETUP)
{
//At this point I need AccessToken or Session string to to call CognitoSetUpTOTPMFAAsync(string accessToken) to trigger MFA setup...
}
.
//remaining implementation
.
}
return ...
}
catch (Exception e)
{
return ...
}
try
{
AmazonCognitoIdentityProviderClient provider = new(new AnonymousAWSCredentials(), FallbackRegionFactory.GetRegionEndpoint());
AssociateSoftwareTokenRequest associateSoftwareTokenRequest = new()
{
AccessToken = accessToken,
Session = sessionString
};
AssociateSoftwareTokenResponse associateSoftwareTokenResponse = await provider.AssociateSoftwareTokenAsync(associateSoftwareTokenRequest);
.
//remaining implementation
.
return ...
}
catch (Exception)
{
return ...
}
結果表明,在AuthFlowResponse對象中的初始登錄請求后,作為SessionID參數返回了所需的“會話字符串”。 它包含在 Cognito 的每個響應中,可用於提供連續請求。
將此添加到我的代碼中:
...
AuthFlowResponse authFlowResponse = await cognitoUser.StartWithSrpAuthAsync(authRequest);
var sessionId = authFlowResponse.SessionID;
...
然后將sessionId
提供給 MFA 設置AssociateSoftwareTokenRequest
請求:
...
AssociateSoftwareTokenRequest associateSoftwareTokenRequest = new()
{
Session = sessionId
};
AssociateSoftwareTokenResponse associateSoftwareTokenResponse = await provider.AssociateSoftwareTokenAsync(associateSoftwareTokenRequest);
...
然后associateSoftwareTokenResponse
包含SecretCode
值,用於向身份驗證器應用程序注冊。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.