java - 使用来自 java 的 cognito 进行身份验证
问题描述
我正在使用 java sdk 使用 cognito 对自己进行身份验证,但是在使用 ADMIN_NO_SRP_AUTH 类型时它会抛出以下错误
我的代码
String PerformSRPAuthentication(String username, String password) { String authresult = null;
AdminInitiateAuthRequest initiateAuthRequest = initiateUserSrpAuthRequest(username,password);
try {
BasicAWSCredentials awsCreds = new BasicAWSCredentials("xxxxxM6ZEVLVF", "xxxxx+4t7NgpkRycoGbnXDu9wlZ");
AWSCognitoIdentityProvider cognitoIdentityProvider = AWSCognitoIdentityProviderClientBuilder
.standard()
.withCredentials(new AWSStaticCredentialsProvider(awsCreds))
.withRegion(Regions.fromName(this.region))
.build();
AdminInitiateAuthResult initiateAuthResult = cognitoIdentityProvider.adminInitiateAuth(initiateAuthRequest);
RespondToAuthChallengeRequest challengeRequest = helper.userSrpAuthRequest(initiateAuthResult, password);
RespondToAuthChallengeResult result = cognitoIdentityProvider.respondToAuthChallenge(challengeRequest);
//System.out.println(result);
System.out.println(CognitoJWTParser.getPayload(result.getAuthenticationResult().getIdToken()));
authresult = result.getAuthenticationResult().getIdToken();
} catch (Exception ex) {
ex.printStackTrace();
}
return authresult;
}
私人 AdminInitiateAuthRequest 发起用户SrpAuthRequest(字符串用户名,字符串密码){
AdminInitiateAuthRequest initiateAuthRequest = new AdminInitiateAuthRequest();
initiateAuthRequest.setAuthFlow(AuthFlowType.ADMIN_NO_SRP_AUTH);
initiateAuthRequest.setClientId(this.clientId);
initiateAuthRequest.setUserPoolId(this.userPoolID);
//Only to be used if the pool contains the secret key.
//initiateAuthRequest.addAuthParametersEntry("SECRET_HASH", this.calculateSecretHash(this.clientId,this.secretKey,username));
initiateAuthRequest.addAuthParametersEntry("USERNAME", username);
initiateAuthRequest.addAuthParametersEntry("PASSWORD", password);
initiateAuthRequest.addAuthParametersEntry("SRP_A", helper.getA().toString(16));
return initiateAuthRequest;
}
com.amazonaws.services.cognitoidp.model.NotAuthorizedException:无法验证客户端 xxxxxxxxxx 的秘密哈希(服务:AWSCognitoIdentityProvider;状态代码:400;错误代码:NotAuthorizedException;请求 ID:e7ad165b-3087-4cc5-9ee9-55c42ed3bf02)
解决方案
推荐阅读
- python - 从列值中高效地解析和组织信息
- python - 如何让用户选择一个文件将被存储的位置?
- python - 字符串和点填充
- python-3.x - 访问网页时服务器运行出错
- javascript - Sinon 存根无法处理导出的函数
- javascript - 搜索列表,只需要叶子
- unity3d - 从统一直接部署到 hololens 模拟器
- python - 来自 GitHub 的 Sign Language Glove 项目:帮助理解代码
- amazon-s3 - 使用 AWS Glue 创建表并移动数据集
- mysql - springboot+mybatis批量插入mysql,linux比windows慢很多。什么可能导致它?