Authenticating with Cognito from Java

Problem description

I am using the Java SDK to authenticate myself with Cognito, but when using the ADMIN_NO_SRP_AUTH type it throws the following error

My code

String PerformSRPAuthentication(String username, String password) {
    String authresult = null;

    AdminInitiateAuthRequest initiateAuthRequest = initiateUserSrpAuthRequest(username,password);
    try {

        BasicAWSCredentials awsCreds = new BasicAWSCredentials("xxxxxM6ZEVLVF", "xxxxx+4t7NgpkRycoGbnXDu9wlZ");

        AWSCognitoIdentityProvider cognitoIdentityProvider = AWSCognitoIdentityProviderClientBuilder
                .standard()
                .withCredentials(new AWSStaticCredentialsProvider(awsCreds))
                .withRegion(Regions.fromName(this.region))

                .build();

        AdminInitiateAuthResult initiateAuthResult = cognitoIdentityProvider.adminInitiateAuth(initiateAuthRequest);

        RespondToAuthChallengeRequest challengeRequest = helper.userSrpAuthRequest(initiateAuthResult, password);
        RespondToAuthChallengeResult result = cognitoIdentityProvider.respondToAuthChallenge(challengeRequest);
        //System.out.println(result);
        System.out.println(CognitoJWTParser.getPayload(result.getAuthenticationResult().getIdToken()));
        authresult = result.getAuthenticationResult().getIdToken();

    } catch (Exception ex) {
        ex.printStackTrace();

    }

    return authresult;
}

private AdminInitiateAuthRequest initiateUserSrpAuthRequest(String username, String password) {

    AdminInitiateAuthRequest initiateAuthRequest = new AdminInitiateAuthRequest();
    initiateAuthRequest.setAuthFlow(AuthFlowType.ADMIN_NO_SRP_AUTH);
    initiateAuthRequest.setClientId(this.clientId);
    initiateAuthRequest.setUserPoolId(this.userPoolID);
    //Only to be used if the pool contains the secret key.
    //initiateAuthRequest.addAuthParametersEntry("SECRET_HASH", this.calculateSecretHash(this.clientId,this.secretKey,username));
    initiateAuthRequest.addAuthParametersEntry("USERNAME", username);
    initiateAuthRequest.addAuthParametersEntry("PASSWORD", password);
    initiateAuthRequest.addAuthParametersEntry("SRP_A", helper.getA().toString(16));
    return initiateAuthRequest;
}

com.amazonaws.services.cognitoidp.model.NotAuthorizedException: Unable to verify secret hash for client xxxxxxxxxx (Service: AWSCognitoIdentityProvider; Status Code: 400; Error Code: NotAuthorizedException; Request ID: e7ad165b-3087-4cc5-9ee9-55c42ed3bf02)

Tags: java, amazon-web-services, sdk, amazon-cognito

Solution
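Cognito returns "Unable to verify secret hash" when the app client has a client secret and the request carries no valid SECRET_HASH. The following is an added example, not part of the original page and not the asker's code: one way to write the `calculateSecretHash` helper that the commented-out line refers to, together with the parameter set for ADMIN_NO_SRP_AUTH. The class name, the `adminNoSrpAuthParameters` helper and all sample values are constructed for illustration; the parameter order of `calculateSecretHash` follows the commented-out call.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class CognitoSecretHashExample {

    // SECRET_HASH = Base64(HMAC-SHA256(key = client secret, message = username + client id))
    static String calculateSecretHash(String clientId, String clientSecret, String username) {
        if (clientId == null || username == null || clientSecret == null || clientSecret.isEmpty()) {
            throw new IllegalArgumentException("clientId, clientSecret and username are required");
        }
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(clientSecret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
            mac.update(username.getBytes(StandardCharsets.UTF_8));
            byte[] digest = mac.doFinal(clientId.getBytes(StandardCharsets.UTF_8));
            return Base64.getEncoder().encodeToString(digest);
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException("HmacSHA256 is not available", e);
        }
    }

    // Auth parameters for ADMIN_NO_SRP_AUTH; each entry maps to one
    // addAuthParametersEntry(key, value) call as used in the question.
    // No SRP_A entry: this flow sends the password directly.
    static Map<String, String> adminNoSrpAuthParameters(String clientId, String clientSecret,
                                                        String username, String password) {
        Map<String, String> params = new LinkedHashMap<>();
        params.put("USERNAME", username);
        params.put("PASSWORD", password);
        // Needed only when the app client was created with a client secret.
        if (clientSecret != null) {
            // The username hashed here must be the same string sent as USERNAME.
            params.put("SECRET_HASH", calculateSecretHash(clientId, clientSecret, username));
        }
        return params;
    }

    public static void main(String[] args) {
        // Constructed sample values, not real identifiers or secrets.
        Map<String, String> params = adminNoSrpAuthParameters(
                "example-client-id", "example-client-secret", "alice", "example-password");
        // Print the keys only, so the password and hash stay out of logs.
        System.out.println(params.keySet());
    }
}
```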

