本文介绍了身份验证AWS Cognito SRP的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在编写一个控制台POC来演示AWS Cognito身份验证-作为我们的API网关身份验证机制(不托管在AWS中),App Pool不是联合身份。

I am writing a console POC to demo AWS cognito authentication - App Pool not federated identity, as our API gateway authentication mechanism (not hosted in AWS). This is being written in C#.

我已经成功创建了一个用户,确认了他们;但是现在我需要进行身份验证以检索一个JWT,我可以传递它并在下游进行验证。

I have successfully created a user, confirmed them; but now I need to authenticate to retrieve a JWT that an I can pass around and validate downstream.

以下代码

 using (var client = new AmazonCognitoIdentityProviderClient())
            {
               var initAuthRequest = new InitiateAuthRequest();
                   initAuthRequest.AuthParameters.Add("USERNAME", username);
                   initAuthRequest.AuthParameters.Add("PASSWORD", password);
                   initAuthRequest.ClientId = clientId;
                   initAuthRequest.AuthFlow = AuthFlowType.USER_SRP_AUTH;
                   var response = client.InitiateAuth(initAuthRequest);
                   WriteLine("auth ok");
            }

此异常:

其他信息:缺少必需的参数SRP_A

Additional information: Missing required parameter SRP_A

我无法在dotnet sdk中找到生成SRP标头的方法,可以有人帮忙吗?

I cannot find a way in the dotnet sdk of generating an SRP header, can anyone help?

感谢
KH

ThanksKH

推荐答案

认知用户池不支持来自.NET SDK的SRP身份验证。您将无法通过 InitiateAuth API调用使用 AuthFlowType.USER_SRP_AUTH

Cognito User Pools does not support SRP authentication from .NET SDK. You will not be able to use AuthFlowType.USER_SRP_AUTH with the InitiateAuth API call.

如果要直接使用USERNAME和PASSWORD登录,可以查看,它使用 API和ADMIN_NO_SRP_AUTH流。

If you want to sign-in using a USERNAME and PASSWORD directly, you can look at the Admin Authentication flow which uses the AdminInitiateAuth API and ADMIN_NO_SRP_AUTH flow.

这篇关于身份验证AWS Cognito SRP的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-01 19:07