Le traduzioni sono generate tramite traduzione automatica. In caso di conflitto tra il contenuto di una traduzione e la versione originale in Inglese, quest'ultima prevarrà.
Esempi di Amazon Cognito Identity Provider utilizzati SDK per Java 2.x
I seguenti esempi di codice mostrano come eseguire azioni e implementare scenari comuni utilizzando Amazon Cognito Identity Provider. AWS SDK for Java 2.x
Le operazioni sono estratti di codice da programmi più grandi e devono essere eseguite nel contesto. Sebbene le operazioni mostrino come richiamare le singole funzioni del servizio, è possibile visualizzarle contestualizzate negli scenari correlati e negli esempi tra servizi.
Scenari: esempi di codice che mostrano come eseguire un'attività specifica richiamando più funzioni all'interno dello stesso servizio.
Ogni esempio include un collegamento a GitHub, dove puoi trovare istruzioni su come configurare ed eseguire il codice nel contesto.
Nozioni di base
Gli esempi di codice seguente mostrano come iniziare a utilizzare Amazon Cognito.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class ListUserPools { public static void main(String[] args) { CognitoIdentityProviderClient cognitoClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); listAllUserPools(cognitoClient); cognitoClient.close(); } public static void listAllUserPools(CognitoIdentityProviderClient cognitoClient) { try { ListUserPoolsRequest request = ListUserPoolsRequest.builder() .maxResults(10) .build(); ListUserPoolsResponse response = cognitoClient.listUserPools(request); response.userPools().forEach(userpool -> { System.out.println("User pool " + userpool.name() + ", User ID " + userpool.id()); }); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }-
Per API i dettagli, vedi ListUserPoolsin AWS SDK for Java 2.x APIReference.
-
Azioni
Il seguente esempio di codice mostra come utilizzareAdminGetUser.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. public static void getAdminUser(CognitoIdentityProviderClient identityProviderClient, String userName, String poolId) { try { AdminGetUserRequest userRequest = AdminGetUserRequest.builder() .username(userName) .userPoolId(poolId) .build(); AdminGetUserResponse response = identityProviderClient.adminGetUser(userRequest); System.out.println("User status " + response.userStatusAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } }-
Per API i dettagli, vedi AdminGetUserin AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareAdminInitiateAuth.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. public static AdminInitiateAuthResponse initiateAuth(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName, String password, String userPoolId) { try { Map<String, String> authParameters = new HashMap<>(); authParameters.put("USERNAME", userName); authParameters.put("PASSWORD", password); AdminInitiateAuthRequest authRequest = AdminInitiateAuthRequest.builder() .clientId(clientId) .userPoolId(userPoolId) .authParameters(authParameters) .authFlow(AuthFlowType.ADMIN_USER_PASSWORD_AUTH) .build(); AdminInitiateAuthResponse response = identityProviderClient.adminInitiateAuth(authRequest); System.out.println("Result Challenge is : " + response.challengeName()); return response; } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } return null; }-
Per API i dettagli, vedi AdminInitiateAuthin AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareAdminRespondToAuthChallenge.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. // Respond to an authentication challenge. public static void adminRespondToAuthChallenge(CognitoIdentityProviderClient identityProviderClient, String userName, String clientId, String mfaCode, String session) { System.out.println("SOFTWARE_TOKEN_MFA challenge is generated"); Map<String, String> challengeResponses = new HashMap<>(); challengeResponses.put("USERNAME", userName); challengeResponses.put("SOFTWARE_TOKEN_MFA_CODE", mfaCode); AdminRespondToAuthChallengeRequest respondToAuthChallengeRequest = AdminRespondToAuthChallengeRequest.builder() .challengeName(ChallengeNameType.SOFTWARE_TOKEN_MFA) .clientId(clientId) .challengeResponses(challengeResponses) .session(session) .build(); AdminRespondToAuthChallengeResponse respondToAuthChallengeResult = identityProviderClient .adminRespondToAuthChallenge(respondToAuthChallengeRequest); System.out.println("respondToAuthChallengeResult.getAuthenticationResult()" + respondToAuthChallengeResult.authenticationResult()); }-
Per API i dettagli, vedi AdminRespondToAuthChallengein AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareAssociateSoftwareToken.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. public static String getSecretForAppMFA(CognitoIdentityProviderClient identityProviderClient, String session) { AssociateSoftwareTokenRequest softwareTokenRequest = AssociateSoftwareTokenRequest.builder() .session(session) .build(); AssociateSoftwareTokenResponse tokenResponse = identityProviderClient .associateSoftwareToken(softwareTokenRequest); String secretCode = tokenResponse.secretCode(); System.out.println("Enter this token into Google Authenticator"); System.out.println(secretCode); return tokenResponse.session(); }-
Per API i dettagli, vedi AssociateSoftwareTokenin AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareConfirmSignUp.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. public static void confirmSignUp(CognitoIdentityProviderClient identityProviderClient, String clientId, String code, String userName) { try { ConfirmSignUpRequest signUpRequest = ConfirmSignUpRequest.builder() .clientId(clientId) .confirmationCode(code) .username(userName) .build(); identityProviderClient.confirmSignUp(signUpRequest); System.out.println(userName + " was confirmed"); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } }-
Per API i dettagli, vedi ConfirmSignUpin AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareCreateUserPool.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolResponse; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class CreateUserPool { public static void main(String[] args) { final String usage = """ Usage: <userPoolName>\s Where: userPoolName - The name to give your user pool when it's created. """; if (args.length != 1) { System.out.println(usage); System.exit(1); } String userPoolName = args[0]; CognitoIdentityProviderClient cognitoClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); String id = createPool(cognitoClient, userPoolName); System.out.println("User pool ID: " + id); cognitoClient.close(); } public static String createPool(CognitoIdentityProviderClient cognitoClient, String userPoolName) { try { CreateUserPoolRequest request = CreateUserPoolRequest.builder() .poolName(userPoolName) .build(); CreateUserPoolResponse response = cognitoClient.createUserPool(request); return response.userPool().id(); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } return ""; } }-
Per API i dettagli, vedi CreateUserPoolin AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareCreateUserPoolClient.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolClientRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolClientResponse; /** * A user pool client app is an application that authenticates with Amazon * Cognito user pools. * When you create a user pool, you can configure app clients that allow mobile * or web applications * to call API operations to authenticate users, manage user attributes and * profiles, * and implement sign-up and sign-in flows. * * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class CreateUserPoolClient { public static void main(String[] args) { final String usage = """ Usage: <clientName> <userPoolId>\s Where: clientName - The name for the user pool client to create. userPoolId - The ID for the user pool. """; if (args.length != 2) { System.out.println(usage); System.exit(1); } String clientName = args[0]; String userPoolId = args[1]; CognitoIdentityProviderClient cognitoClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); createPoolClient(cognitoClient, clientName, userPoolId); cognitoClient.close(); } public static void createPoolClient(CognitoIdentityProviderClient cognitoClient, String clientName, String userPoolId) { try { CreateUserPoolClientRequest request = CreateUserPoolClientRequest.builder() .clientName(clientName) .userPoolId(userPoolId) .build(); CreateUserPoolClientResponse response = cognitoClient.createUserPoolClient(request); System.out.println("User pool " + response.userPoolClient().clientName() + " created. ID: " + response.userPoolClient().clientId()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }-
Per API i dettagli, vedi CreateUserPoolClientin AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareListUserPools.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class ListUserPools { public static void main(String[] args) { CognitoIdentityProviderClient cognitoClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); listAllUserPools(cognitoClient); cognitoClient.close(); } public static void listAllUserPools(CognitoIdentityProviderClient cognitoClient) { try { ListUserPoolsRequest request = ListUserPoolsRequest.builder() .maxResults(10) .build(); ListUserPoolsResponse response = cognitoClient.listUserPools(request); response.userPools().forEach(userpool -> { System.out.println("User pool " + userpool.name() + ", User ID " + userpool.id()); }); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }-
Per API i dettagli, vedi ListUserPoolsin AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareListUsers.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersResponse; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class ListUsers { public static void main(String[] args) { final String usage = """ Usage: <userPoolId>\s Where: userPoolId - The ID given to your user pool when it's created. """; if (args.length != 1) { System.out.println(usage); System.exit(1); } String userPoolId = args[0]; CognitoIdentityProviderClient cognitoClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); listAllUsers(cognitoClient, userPoolId); listUsersFilter(cognitoClient, userPoolId); cognitoClient.close(); } public static void listAllUsers(CognitoIdentityProviderClient cognitoClient, String userPoolId) { try { ListUsersRequest usersRequest = ListUsersRequest.builder() .userPoolId(userPoolId) .build(); ListUsersResponse response = cognitoClient.listUsers(usersRequest); response.users().forEach(user -> { System.out.println("User " + user.username() + " Status " + user.userStatus() + " Created " + user.userCreateDate()); }); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } // Shows how to list users by using a filter. public static void listUsersFilter(CognitoIdentityProviderClient cognitoClient, String userPoolId) { try { String filter = "email = \"tblue@noserver.com\""; ListUsersRequest usersRequest = ListUsersRequest.builder() .userPoolId(userPoolId) .filter(filter) .build(); ListUsersResponse response = cognitoClient.listUsers(usersRequest); response.users().forEach(user -> { System.out.println("User with filter applied " + user.username() + " Status " + user.userStatus() + " Created " + user.userCreateDate()); }); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }-
Per API i dettagli, vedi ListUsersin AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareResendConfirmationCode.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. public static void resendConfirmationCode(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName) { try { ResendConfirmationCodeRequest codeRequest = ResendConfirmationCodeRequest.builder() .clientId(clientId) .username(userName) .build(); ResendConfirmationCodeResponse response = identityProviderClient.resendConfirmationCode(codeRequest); System.out.println("Method of delivery is " + response.codeDeliveryDetails().deliveryMediumAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } }-
Per API i dettagli, vedi ResendConfirmationCodein AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareSignUp.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. public static void signUp(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName, String password, String email) { AttributeType userAttrs = AttributeType.builder() .name("email") .value(email) .build(); List<AttributeType> userAttrsList = new ArrayList<>(); userAttrsList.add(userAttrs); try { SignUpRequest signUpRequest = SignUpRequest.builder() .userAttributes(userAttrsList) .username(userName) .clientId(clientId) .password(password) .build(); identityProviderClient.signUp(signUpRequest); System.out.println("User has been signed up "); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } }-
Per API i dettagli, vedi SignUpin AWS SDK for Java 2.x APIReference.
-
Il seguente esempio di codice mostra come utilizzareVerifySoftwareToken.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. // Verify the TOTP and register for MFA. public static void verifyTOTP(CognitoIdentityProviderClient identityProviderClient, String session, String code) { try { VerifySoftwareTokenRequest tokenRequest = VerifySoftwareTokenRequest.builder() .userCode(code) .session(session) .build(); VerifySoftwareTokenResponse verifyResponse = identityProviderClient.verifySoftwareToken(tokenRequest); System.out.println("The status of the token is " + verifyResponse.statusAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } }-
Per API i dettagli, vedi VerifySoftwareTokenin AWS SDK for Java 2.x APIReference.
-
Scenari
L'esempio di codice seguente mostra come:
Registra e conferma un utente con nome utente, password e indirizzo e-mail.
Configura l'autenticazione a più fattori associando un'MFAapplicazione all'utente.
Accedi utilizzando una password e un MFA codice.
- SDKper Java 2.x
-
Nota
C'è altro su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel Repository di esempi di codice AWS
. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminGetUserRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminGetUserResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminInitiateAuthRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminInitiateAuthResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminRespondToAuthChallengeRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminRespondToAuthChallengeResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.AssociateSoftwareTokenRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.AssociateSoftwareTokenResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.AttributeType; import software.amazon.awssdk.services.cognitoidentityprovider.model.AuthFlowType; import software.amazon.awssdk.services.cognitoidentityprovider.model.ChallengeNameType; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.ConfirmSignUpRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.ResendConfirmationCodeRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.ResendConfirmationCodeResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.SignUpRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.VerifySoftwareTokenRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.VerifySoftwareTokenResponse; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.Scanner; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html * * TIP: To set up the required user pool, run the AWS Cloud Development Kit (AWS * CDK) script provided in this GitHub repo at * resources/cdk/cognito_scenario_user_pool_with_mfa. * * This code example performs the following operations: * * 1. Invokes the signUp method to sign up a user. * 2. Invokes the adminGetUser method to get the user's confirmation status. * 3. Invokes the ResendConfirmationCode method if the user requested another * code. * 4. Invokes the confirmSignUp method. * 5. Invokes the AdminInitiateAuth to sign in. This results in being prompted * to set up TOTP (time-based one-time password). (The response is * “ChallengeName”: “MFA_SETUP”). * 6. Invokes the AssociateSoftwareToken method to generate a TOTP MFA private * key. This can be used with Google Authenticator. * 7. Invokes the VerifySoftwareToken method to verify the TOTP and register for * MFA. * 8. Invokes the AdminInitiateAuth to sign in again. This results in being * prompted to submit a TOTP (Response: “ChallengeName”: “SOFTWARE_TOKEN_MFA”). * 9. Invokes the AdminRespondToAuthChallenge to get back a token. */ public class CognitoMVP { public static final String DASHES = new String(new char[80]).replace("\0", "-"); public static void main(String[] args) throws NoSuchAlgorithmException, InvalidKeyException { final String usage = """ Usage: <clientId> <poolId> Where: clientId - The app client Id value that you can get from the AWS CDK script. poolId - The pool Id that you can get from the AWS CDK script.\s """; if (args.length != 2) { System.out.println(usage); System.exit(1); } String clientId = args[0]; String poolId = args[1]; CognitoIdentityProviderClient identityProviderClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); System.out.println(DASHES); System.out.println("Welcome to the Amazon Cognito example scenario."); System.out.println(DASHES); System.out.println(DASHES); System.out.println("*** Enter your user name"); Scanner in = new Scanner(System.in); String userName = in.nextLine(); System.out.println("*** Enter your password"); String password = in.nextLine(); System.out.println("*** Enter your email"); String email = in.nextLine(); System.out.println("1. Signing up " + userName); signUp(identityProviderClient, clientId, userName, password, email); System.out.println(DASHES); System.out.println(DASHES); System.out.println("2. Getting " + userName + " in the user pool"); getAdminUser(identityProviderClient, userName, poolId); System.out .println("*** Conformation code sent to " + userName + ". Would you like to send a new code? (Yes/No)"); System.out.println(DASHES); System.out.println(DASHES); String ans = in.nextLine(); if (ans.compareTo("Yes") == 0) { resendConfirmationCode(identityProviderClient, clientId, userName); System.out.println("3. Sending a new confirmation code"); } System.out.println(DASHES); System.out.println(DASHES); System.out.println("4. Enter confirmation code that was emailed"); String code = in.nextLine(); confirmSignUp(identityProviderClient, clientId, code, userName); System.out.println("Rechecking the status of " + userName + " in the user pool"); getAdminUser(identityProviderClient, userName, poolId); System.out.println(DASHES); System.out.println(DASHES); System.out.println("5. Invokes the initiateAuth to sign in"); AdminInitiateAuthResponse authResponse = initiateAuth(identityProviderClient, clientId, userName, password, poolId); String mySession = authResponse.session(); System.out.println(DASHES); System.out.println(DASHES); System.out.println("6. Invokes the AssociateSoftwareToken method to generate a TOTP key"); String newSession = getSecretForAppMFA(identityProviderClient, mySession); System.out.println(DASHES); System.out.println(DASHES); System.out.println("*** Enter the 6-digit code displayed in Google Authenticator"); String myCode = in.nextLine(); System.out.println(DASHES); System.out.println(DASHES); System.out.println("7. Verify the TOTP and register for MFA"); verifyTOTP(identityProviderClient, newSession, myCode); System.out.println(DASHES); System.out.println(DASHES); System.out.println("8. Re-enter a 6-digit code displayed in Google Authenticator"); String mfaCode = in.nextLine(); AdminInitiateAuthResponse authResponse1 = initiateAuth(identityProviderClient, clientId, userName, password, poolId); System.out.println(DASHES); System.out.println(DASHES); System.out.println("9. Invokes the AdminRespondToAuthChallenge"); String session2 = authResponse1.session(); adminRespondToAuthChallenge(identityProviderClient, userName, clientId, mfaCode, session2); System.out.println(DASHES); System.out.println(DASHES); System.out.println("All Amazon Cognito operations were successfully performed"); System.out.println(DASHES); } // Respond to an authentication challenge. public static void adminRespondToAuthChallenge(CognitoIdentityProviderClient identityProviderClient, String userName, String clientId, String mfaCode, String session) { System.out.println("SOFTWARE_TOKEN_MFA challenge is generated"); Map<String, String> challengeResponses = new HashMap<>(); challengeResponses.put("USERNAME", userName); challengeResponses.put("SOFTWARE_TOKEN_MFA_CODE", mfaCode); AdminRespondToAuthChallengeRequest respondToAuthChallengeRequest = AdminRespondToAuthChallengeRequest.builder() .challengeName(ChallengeNameType.SOFTWARE_TOKEN_MFA) .clientId(clientId) .challengeResponses(challengeResponses) .session(session) .build(); AdminRespondToAuthChallengeResponse respondToAuthChallengeResult = identityProviderClient .adminRespondToAuthChallenge(respondToAuthChallengeRequest); System.out.println("respondToAuthChallengeResult.getAuthenticationResult()" + respondToAuthChallengeResult.authenticationResult()); } // Verify the TOTP and register for MFA. public static void verifyTOTP(CognitoIdentityProviderClient identityProviderClient, String session, String code) { try { VerifySoftwareTokenRequest tokenRequest = VerifySoftwareTokenRequest.builder() .userCode(code) .session(session) .build(); VerifySoftwareTokenResponse verifyResponse = identityProviderClient.verifySoftwareToken(tokenRequest); System.out.println("The status of the token is " + verifyResponse.statusAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } public static AdminInitiateAuthResponse initiateAuth(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName, String password, String userPoolId) { try { Map<String, String> authParameters = new HashMap<>(); authParameters.put("USERNAME", userName); authParameters.put("PASSWORD", password); AdminInitiateAuthRequest authRequest = AdminInitiateAuthRequest.builder() .clientId(clientId) .userPoolId(userPoolId) .authParameters(authParameters) .authFlow(AuthFlowType.ADMIN_USER_PASSWORD_AUTH) .build(); AdminInitiateAuthResponse response = identityProviderClient.adminInitiateAuth(authRequest); System.out.println("Result Challenge is : " + response.challengeName()); return response; } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } return null; } public static String getSecretForAppMFA(CognitoIdentityProviderClient identityProviderClient, String session) { AssociateSoftwareTokenRequest softwareTokenRequest = AssociateSoftwareTokenRequest.builder() .session(session) .build(); AssociateSoftwareTokenResponse tokenResponse = identityProviderClient .associateSoftwareToken(softwareTokenRequest); String secretCode = tokenResponse.secretCode(); System.out.println("Enter this token into Google Authenticator"); System.out.println(secretCode); return tokenResponse.session(); } public static void confirmSignUp(CognitoIdentityProviderClient identityProviderClient, String clientId, String code, String userName) { try { ConfirmSignUpRequest signUpRequest = ConfirmSignUpRequest.builder() .clientId(clientId) .confirmationCode(code) .username(userName) .build(); identityProviderClient.confirmSignUp(signUpRequest); System.out.println(userName + " was confirmed"); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } public static void resendConfirmationCode(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName) { try { ResendConfirmationCodeRequest codeRequest = ResendConfirmationCodeRequest.builder() .clientId(clientId) .username(userName) .build(); ResendConfirmationCodeResponse response = identityProviderClient.resendConfirmationCode(codeRequest); System.out.println("Method of delivery is " + response.codeDeliveryDetails().deliveryMediumAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } public static void signUp(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName, String password, String email) { AttributeType userAttrs = AttributeType.builder() .name("email") .value(email) .build(); List<AttributeType> userAttrsList = new ArrayList<>(); userAttrsList.add(userAttrs); try { SignUpRequest signUpRequest = SignUpRequest.builder() .userAttributes(userAttrsList) .username(userName) .clientId(clientId) .password(password) .build(); identityProviderClient.signUp(signUpRequest); System.out.println("User has been signed up "); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } public static void getAdminUser(CognitoIdentityProviderClient identityProviderClient, String userName, String poolId) { try { AdminGetUserRequest userRequest = AdminGetUserRequest.builder() .username(userName) .userPoolId(poolId) .build(); AdminGetUserResponse response = identityProviderClient.adminGetUser(userRequest); System.out.println("User status " + response.userStatusAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }-
Per API i dettagli, consulta i seguenti argomenti in AWS SDK for Java 2.x APIRiferimento.
-
