기계 번역으로 제공되는 번역입니다. 제공된 번역과 원본 영어의 내용이 상충하는 경우에는 영어 버전이 우선합니다.
자바 2.x를 사용하는 SDK Amazon Cognito 자격 증명 공급자 예제
다음 코드 예제는 Amazon Cognito ID AWS SDK for Java 2.x 공급자와 함께 사용하여 작업을 수행하고 일반적인 시나리오를 구현하는 방법을 보여줍니다.
작업은 대규모 프로그램에서 발췌한 코드이며 컨텍스트에 맞춰 실행해야 합니다. 작업은 개별 서비스 함수를 호출하는 방법을 보여 주며 관련 시나리오와 교차 서비스 예시에서 컨텍스트에 맞는 작업을 볼 수 있습니다.
시나리오는 동일한 서비스 내에서 여러 함수를 호출하여 특정 태스크를 수행하는 방법을 보여주는 코드 예시입니다.
각 예제에는 컨텍스트에서 코드를 설정하고 실행하는 방법에 대한 지침을 찾을 수 있는 링크가 포함되어 있습니다. GitHub
시작하기
다음 코드 예제에서는 Amazon Cognito 사용을 시작하는 방법을 보여줍니다.
- SDKJava 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class ListUserPools { public static void main(String[] args) { CognitoIdentityProviderClient cognitoClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); listAllUserPools(cognitoClient); cognitoClient.close(); } public static void listAllUserPools(CognitoIdentityProviderClient cognitoClient) { try { ListUserPoolsRequest request = ListUserPoolsRequest.builder() .maxResults(10) .build(); ListUserPoolsResponse response = cognitoClient.listUserPools(request); response.userPools().forEach(userpool -> { System.out.println("User pool " + userpool.name() + ", User ID " + userpool.id()); }); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }-
자세한 API 내용은 ListUserPools AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
작업
다음 코드 예시에서는 AdminGetUser을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. public static void getAdminUser(CognitoIdentityProviderClient identityProviderClient, String userName, String poolId) { try { AdminGetUserRequest userRequest = AdminGetUserRequest.builder() .username(userName) .userPoolId(poolId) .build(); AdminGetUserResponse response = identityProviderClient.adminGetUser(userRequest); System.out.println("User status " + response.userStatusAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } }-
자세한 API 내용은 AdminGetUser AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 AdminInitiateAuth을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. public static AdminInitiateAuthResponse initiateAuth(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName, String password, String userPoolId) { try { Map<String, String> authParameters = new HashMap<>(); authParameters.put("USERNAME", userName); authParameters.put("PASSWORD", password); AdminInitiateAuthRequest authRequest = AdminInitiateAuthRequest.builder() .clientId(clientId) .userPoolId(userPoolId) .authParameters(authParameters) .authFlow(AuthFlowType.ADMIN_USER_PASSWORD_AUTH) .build(); AdminInitiateAuthResponse response = identityProviderClient.adminInitiateAuth(authRequest); System.out.println("Result Challenge is : " + response.challengeName()); return response; } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } return null; }-
자세한 API 내용은 AdminInitiateAuth AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 AdminRespondToAuthChallenge을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. // Respond to an authentication challenge. public static void adminRespondToAuthChallenge(CognitoIdentityProviderClient identityProviderClient, String userName, String clientId, String mfaCode, String session) { System.out.println("SOFTWARE_TOKEN_MFA challenge is generated"); Map<String, String> challengeResponses = new HashMap<>(); challengeResponses.put("USERNAME", userName); challengeResponses.put("SOFTWARE_TOKEN_MFA_CODE", mfaCode); AdminRespondToAuthChallengeRequest respondToAuthChallengeRequest = AdminRespondToAuthChallengeRequest.builder() .challengeName(ChallengeNameType.SOFTWARE_TOKEN_MFA) .clientId(clientId) .challengeResponses(challengeResponses) .session(session) .build(); AdminRespondToAuthChallengeResponse respondToAuthChallengeResult = identityProviderClient .adminRespondToAuthChallenge(respondToAuthChallengeRequest); System.out.println("respondToAuthChallengeResult.getAuthenticationResult()" + respondToAuthChallengeResult.authenticationResult()); }-
자세한 API 내용은 AdminRespondToAuthChallenge AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 AssociateSoftwareToken을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. public static String getSecretForAppMFA(CognitoIdentityProviderClient identityProviderClient, String session) { AssociateSoftwareTokenRequest softwareTokenRequest = AssociateSoftwareTokenRequest.builder() .session(session) .build(); AssociateSoftwareTokenResponse tokenResponse = identityProviderClient .associateSoftwareToken(softwareTokenRequest); String secretCode = tokenResponse.secretCode(); System.out.println("Enter this token into Google Authenticator"); System.out.println(secretCode); return tokenResponse.session(); }-
자세한 API 내용은 AssociateSoftwareToken AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 ConfirmSignUp을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. public static void confirmSignUp(CognitoIdentityProviderClient identityProviderClient, String clientId, String code, String userName) { try { ConfirmSignUpRequest signUpRequest = ConfirmSignUpRequest.builder() .clientId(clientId) .confirmationCode(code) .username(userName) .build(); identityProviderClient.confirmSignUp(signUpRequest); System.out.println(userName + " was confirmed"); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } }-
자세한 API 내용은 ConfirmSignUp AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 CreateUserPool을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolResponse; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class CreateUserPool { public static void main(String[] args) { final String usage = """ Usage: <userPoolName>\s Where: userPoolName - The name to give your user pool when it's created. """; if (args.length != 1) { System.out.println(usage); System.exit(1); } String userPoolName = args[0]; CognitoIdentityProviderClient cognitoClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); String id = createPool(cognitoClient, userPoolName); System.out.println("User pool ID: " + id); cognitoClient.close(); } public static String createPool(CognitoIdentityProviderClient cognitoClient, String userPoolName) { try { CreateUserPoolRequest request = CreateUserPoolRequest.builder() .poolName(userPoolName) .build(); CreateUserPoolResponse response = cognitoClient.createUserPool(request); return response.userPool().id(); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } return ""; } }-
자세한 API 내용은 CreateUserPool AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 CreateUserPoolClient을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolClientRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolClientResponse; /** * A user pool client app is an application that authenticates with Amazon * Cognito user pools. * When you create a user pool, you can configure app clients that allow mobile * or web applications * to call API operations to authenticate users, manage user attributes and * profiles, * and implement sign-up and sign-in flows. * * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class CreateUserPoolClient { public static void main(String[] args) { final String usage = """ Usage: <clientName> <userPoolId>\s Where: clientName - The name for the user pool client to create. userPoolId - The ID for the user pool. """; if (args.length != 2) { System.out.println(usage); System.exit(1); } String clientName = args[0]; String userPoolId = args[1]; CognitoIdentityProviderClient cognitoClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); createPoolClient(cognitoClient, clientName, userPoolId); cognitoClient.close(); } public static void createPoolClient(CognitoIdentityProviderClient cognitoClient, String clientName, String userPoolId) { try { CreateUserPoolClientRequest request = CreateUserPoolClientRequest.builder() .clientName(clientName) .userPoolId(userPoolId) .build(); CreateUserPoolClientResponse response = cognitoClient.createUserPoolClient(request); System.out.println("User pool " + response.userPoolClient().clientName() + " created. ID: " + response.userPoolClient().clientId()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }-
자세한 API 내용은 CreateUserPoolClient AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 ListUserPools을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class ListUserPools { public static void main(String[] args) { CognitoIdentityProviderClient cognitoClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); listAllUserPools(cognitoClient); cognitoClient.close(); } public static void listAllUserPools(CognitoIdentityProviderClient cognitoClient) { try { ListUserPoolsRequest request = ListUserPoolsRequest.builder() .maxResults(10) .build(); ListUserPoolsResponse response = cognitoClient.listUserPools(request); response.userPools().forEach(userpool -> { System.out.println("User pool " + userpool.name() + ", User ID " + userpool.id()); }); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }-
자세한 API 내용은 ListUserPools AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 ListUsers을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUsersResponse; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class ListUsers { public static void main(String[] args) { final String usage = """ Usage: <userPoolId>\s Where: userPoolId - The ID given to your user pool when it's created. """; if (args.length != 1) { System.out.println(usage); System.exit(1); } String userPoolId = args[0]; CognitoIdentityProviderClient cognitoClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); listAllUsers(cognitoClient, userPoolId); listUsersFilter(cognitoClient, userPoolId); cognitoClient.close(); } public static void listAllUsers(CognitoIdentityProviderClient cognitoClient, String userPoolId) { try { ListUsersRequest usersRequest = ListUsersRequest.builder() .userPoolId(userPoolId) .build(); ListUsersResponse response = cognitoClient.listUsers(usersRequest); response.users().forEach(user -> { System.out.println("User " + user.username() + " Status " + user.userStatus() + " Created " + user.userCreateDate()); }); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } // Shows how to list users by using a filter. public static void listUsersFilter(CognitoIdentityProviderClient cognitoClient, String userPoolId) { try { String filter = "email = \"tblue@noserver.com\""; ListUsersRequest usersRequest = ListUsersRequest.builder() .userPoolId(userPoolId) .filter(filter) .build(); ListUsersResponse response = cognitoClient.listUsers(usersRequest); response.users().forEach(user -> { System.out.println("User with filter applied " + user.username() + " Status " + user.userStatus() + " Created " + user.userCreateDate()); }); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }-
자세한 API 내용은 ListUsers AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 ResendConfirmationCode을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. public static void resendConfirmationCode(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName) { try { ResendConfirmationCodeRequest codeRequest = ResendConfirmationCodeRequest.builder() .clientId(clientId) .username(userName) .build(); ResendConfirmationCodeResponse response = identityProviderClient.resendConfirmationCode(codeRequest); System.out.println("Method of delivery is " + response.codeDeliveryDetails().deliveryMediumAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } }-
자세한 API 내용은 ResendConfirmationCode AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 SignUp을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. public static void signUp(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName, String password, String email) { AttributeType userAttrs = AttributeType.builder() .name("email") .value(email) .build(); List<AttributeType> userAttrsList = new ArrayList<>(); userAttrsList.add(userAttrs); try { SignUpRequest signUpRequest = SignUpRequest.builder() .userAttributes(userAttrsList) .username(userName) .clientId(clientId) .password(password) .build(); identityProviderClient.signUp(signUpRequest); System.out.println("User has been signed up "); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } }-
자세한 API 내용은 SignUp AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
다음 코드 예시에서는 VerifySoftwareToken을 사용하는 방법을 보여 줍니다.
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. // Verify the TOTP and register for MFA. public static void verifyTOTP(CognitoIdentityProviderClient identityProviderClient, String session, String code) { try { VerifySoftwareTokenRequest tokenRequest = VerifySoftwareTokenRequest.builder() .userCode(code) .session(session) .build(); VerifySoftwareTokenResponse verifyResponse = identityProviderClient.verifySoftwareToken(tokenRequest); System.out.println("The status of the token is " + verifyResponse.statusAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } }-
자세한 API 내용은 VerifySoftwareToken AWS SDK for Java 2.xAPI참조를 참조하십시오.
-
시나리오
다음 코드 예시는 다음과 같은 작업을 수행하는 방법을 보여줍니다.
사용자 이름, 암호 및 이메일 주소로 사용자를 가입시키고 확인합니다.
MFA애플리케이션을 사용자와 연결하여 다단계 인증을 설정합니다.
비밀번호와 코드를 사용하여 로그인합니다. MFA
- SDK자바 2.x의 경우
-
참고
더 많은 내용이 있습니다. GitHub AWS 코드 예시 리포지토리
에서 전체 예시를 찾고 설정 및 실행하는 방법을 배워보세요. import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminGetUserRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminGetUserResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminInitiateAuthRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminInitiateAuthResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminRespondToAuthChallengeRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminRespondToAuthChallengeResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.AssociateSoftwareTokenRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.AssociateSoftwareTokenResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.AttributeType; import software.amazon.awssdk.services.cognitoidentityprovider.model.AuthFlowType; import software.amazon.awssdk.services.cognitoidentityprovider.model.ChallengeNameType; import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException; import software.amazon.awssdk.services.cognitoidentityprovider.model.ConfirmSignUpRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.ResendConfirmationCodeRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.ResendConfirmationCodeResponse; import software.amazon.awssdk.services.cognitoidentityprovider.model.SignUpRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.VerifySoftwareTokenRequest; import software.amazon.awssdk.services.cognitoidentityprovider.model.VerifySoftwareTokenResponse; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.Scanner; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html * * TIP: To set up the required user pool, run the AWS Cloud Development Kit (AWS * CDK) script provided in this GitHub repo at * resources/cdk/cognito_scenario_user_pool_with_mfa. * * This code example performs the following operations: * * 1. Invokes the signUp method to sign up a user. * 2. Invokes the adminGetUser method to get the user's confirmation status. * 3. Invokes the ResendConfirmationCode method if the user requested another * code. * 4. Invokes the confirmSignUp method. * 5. Invokes the AdminInitiateAuth to sign in. This results in being prompted * to set up TOTP (time-based one-time password). (The response is * “ChallengeName”: “MFA_SETUP”). * 6. Invokes the AssociateSoftwareToken method to generate a TOTP MFA private * key. This can be used with Google Authenticator. * 7. Invokes the VerifySoftwareToken method to verify the TOTP and register for * MFA. * 8. Invokes the AdminInitiateAuth to sign in again. This results in being * prompted to submit a TOTP (Response: “ChallengeName”: “SOFTWARE_TOKEN_MFA”). * 9. Invokes the AdminRespondToAuthChallenge to get back a token. */ public class CognitoMVP { public static final String DASHES = new String(new char[80]).replace("\0", "-"); public static void main(String[] args) throws NoSuchAlgorithmException, InvalidKeyException { final String usage = """ Usage: <clientId> <poolId> Where: clientId - The app client Id value that you can get from the AWS CDK script. poolId - The pool Id that you can get from the AWS CDK script.\s """; if (args.length != 2) { System.out.println(usage); System.exit(1); } String clientId = args[0]; String poolId = args[1]; CognitoIdentityProviderClient identityProviderClient = CognitoIdentityProviderClient.builder() .region(Region.US_EAST_1) .build(); System.out.println(DASHES); System.out.println("Welcome to the Amazon Cognito example scenario."); System.out.println(DASHES); System.out.println(DASHES); System.out.println("*** Enter your user name"); Scanner in = new Scanner(System.in); String userName = in.nextLine(); System.out.println("*** Enter your password"); String password = in.nextLine(); System.out.println("*** Enter your email"); String email = in.nextLine(); System.out.println("1. Signing up " + userName); signUp(identityProviderClient, clientId, userName, password, email); System.out.println(DASHES); System.out.println(DASHES); System.out.println("2. Getting " + userName + " in the user pool"); getAdminUser(identityProviderClient, userName, poolId); System.out .println("*** Conformation code sent to " + userName + ". Would you like to send a new code? (Yes/No)"); System.out.println(DASHES); System.out.println(DASHES); String ans = in.nextLine(); if (ans.compareTo("Yes") == 0) { resendConfirmationCode(identityProviderClient, clientId, userName); System.out.println("3. Sending a new confirmation code"); } System.out.println(DASHES); System.out.println(DASHES); System.out.println("4. Enter confirmation code that was emailed"); String code = in.nextLine(); confirmSignUp(identityProviderClient, clientId, code, userName); System.out.println("Rechecking the status of " + userName + " in the user pool"); getAdminUser(identityProviderClient, userName, poolId); System.out.println(DASHES); System.out.println(DASHES); System.out.println("5. Invokes the initiateAuth to sign in"); AdminInitiateAuthResponse authResponse = initiateAuth(identityProviderClient, clientId, userName, password, poolId); String mySession = authResponse.session(); System.out.println(DASHES); System.out.println(DASHES); System.out.println("6. Invokes the AssociateSoftwareToken method to generate a TOTP key"); String newSession = getSecretForAppMFA(identityProviderClient, mySession); System.out.println(DASHES); System.out.println(DASHES); System.out.println("*** Enter the 6-digit code displayed in Google Authenticator"); String myCode = in.nextLine(); System.out.println(DASHES); System.out.println(DASHES); System.out.println("7. Verify the TOTP and register for MFA"); verifyTOTP(identityProviderClient, newSession, myCode); System.out.println(DASHES); System.out.println(DASHES); System.out.println("8. Re-enter a 6-digit code displayed in Google Authenticator"); String mfaCode = in.nextLine(); AdminInitiateAuthResponse authResponse1 = initiateAuth(identityProviderClient, clientId, userName, password, poolId); System.out.println(DASHES); System.out.println(DASHES); System.out.println("9. Invokes the AdminRespondToAuthChallenge"); String session2 = authResponse1.session(); adminRespondToAuthChallenge(identityProviderClient, userName, clientId, mfaCode, session2); System.out.println(DASHES); System.out.println(DASHES); System.out.println("All Amazon Cognito operations were successfully performed"); System.out.println(DASHES); } // Respond to an authentication challenge. public static void adminRespondToAuthChallenge(CognitoIdentityProviderClient identityProviderClient, String userName, String clientId, String mfaCode, String session) { System.out.println("SOFTWARE_TOKEN_MFA challenge is generated"); Map<String, String> challengeResponses = new HashMap<>(); challengeResponses.put("USERNAME", userName); challengeResponses.put("SOFTWARE_TOKEN_MFA_CODE", mfaCode); AdminRespondToAuthChallengeRequest respondToAuthChallengeRequest = AdminRespondToAuthChallengeRequest.builder() .challengeName(ChallengeNameType.SOFTWARE_TOKEN_MFA) .clientId(clientId) .challengeResponses(challengeResponses) .session(session) .build(); AdminRespondToAuthChallengeResponse respondToAuthChallengeResult = identityProviderClient .adminRespondToAuthChallenge(respondToAuthChallengeRequest); System.out.println("respondToAuthChallengeResult.getAuthenticationResult()" + respondToAuthChallengeResult.authenticationResult()); } // Verify the TOTP and register for MFA. public static void verifyTOTP(CognitoIdentityProviderClient identityProviderClient, String session, String code) { try { VerifySoftwareTokenRequest tokenRequest = VerifySoftwareTokenRequest.builder() .userCode(code) .session(session) .build(); VerifySoftwareTokenResponse verifyResponse = identityProviderClient.verifySoftwareToken(tokenRequest); System.out.println("The status of the token is " + verifyResponse.statusAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } public static AdminInitiateAuthResponse initiateAuth(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName, String password, String userPoolId) { try { Map<String, String> authParameters = new HashMap<>(); authParameters.put("USERNAME", userName); authParameters.put("PASSWORD", password); AdminInitiateAuthRequest authRequest = AdminInitiateAuthRequest.builder() .clientId(clientId) .userPoolId(userPoolId) .authParameters(authParameters) .authFlow(AuthFlowType.ADMIN_USER_PASSWORD_AUTH) .build(); AdminInitiateAuthResponse response = identityProviderClient.adminInitiateAuth(authRequest); System.out.println("Result Challenge is : " + response.challengeName()); return response; } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } return null; } public static String getSecretForAppMFA(CognitoIdentityProviderClient identityProviderClient, String session) { AssociateSoftwareTokenRequest softwareTokenRequest = AssociateSoftwareTokenRequest.builder() .session(session) .build(); AssociateSoftwareTokenResponse tokenResponse = identityProviderClient .associateSoftwareToken(softwareTokenRequest); String secretCode = tokenResponse.secretCode(); System.out.println("Enter this token into Google Authenticator"); System.out.println(secretCode); return tokenResponse.session(); } public static void confirmSignUp(CognitoIdentityProviderClient identityProviderClient, String clientId, String code, String userName) { try { ConfirmSignUpRequest signUpRequest = ConfirmSignUpRequest.builder() .clientId(clientId) .confirmationCode(code) .username(userName) .build(); identityProviderClient.confirmSignUp(signUpRequest); System.out.println(userName + " was confirmed"); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } public static void resendConfirmationCode(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName) { try { ResendConfirmationCodeRequest codeRequest = ResendConfirmationCodeRequest.builder() .clientId(clientId) .username(userName) .build(); ResendConfirmationCodeResponse response = identityProviderClient.resendConfirmationCode(codeRequest); System.out.println("Method of delivery is " + response.codeDeliveryDetails().deliveryMediumAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } public static void signUp(CognitoIdentityProviderClient identityProviderClient, String clientId, String userName, String password, String email) { AttributeType userAttrs = AttributeType.builder() .name("email") .value(email) .build(); List<AttributeType> userAttrsList = new ArrayList<>(); userAttrsList.add(userAttrs); try { SignUpRequest signUpRequest = SignUpRequest.builder() .userAttributes(userAttrsList) .username(userName) .clientId(clientId) .password(password) .build(); identityProviderClient.signUp(signUpRequest); System.out.println("User has been signed up "); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } public static void getAdminUser(CognitoIdentityProviderClient identityProviderClient, String userName, String poolId) { try { AdminGetUserRequest userRequest = AdminGetUserRequest.builder() .username(userName) .userPoolId(poolId) .build(); AdminGetUserResponse response = identityProviderClient.adminGetUser(userRequest); System.out.println("User status " + response.userStatusAsString()); } catch (CognitoIdentityProviderException e) { System.err.println(e.awsErrorDetails().errorMessage()); System.exit(1); } } }-
자세한 API 내용은 AWS SDK for Java 2.x APIReference의 다음 항목을 참조하십시오.
-
