gpt4 book ai didi

amazon-web-services - 在 AWS Cognito 中模拟用户

转载 作者:行者123 更新时间:2023-12-03 15:46:30 26 4
gpt4 key购买 nike

我有一个使用 Cognito 的文件服务器,因此用户可以通过使用基本身份验证或 OAuth2.0 授权代码流对自己进行身份验证来进行访问。

我希望外部应用程序能够使用客户端凭据流对自己进行身份验证,然后能够模拟用户。有没有办法用 Cognito 做到这一点?

最佳答案

我能够通过为 Cognito 触发器创建自定义 lambda 来做到这一点:定义身份验证挑战、创建身份验证挑战和验证身份验证挑战。

我的要求是我希望我的后端使用 secret然后为任何 Cognito 用户获取访问和刷新 token 。

定义身份验证挑战 Lambda

exports.handler = async event => {
if (
event.request.session &&
event.request.session.length >= 3 &&
event.request.session.slice(-1)[0].challengeResult === false
) {
// The user provided a wrong answer 3 times; fail auth
event.response.issueTokens = false;
event.response.failAuthentication = true;
} else if (
event.request.session &&
event.request.session.length &&
event.request.session.slice(-1)[0].challengeResult === true
) {
// The user provided the right answer; succeed auth
event.response.issueTokens = true;
event.response.failAuthentication = false;
} else {
// The user did not provide a correct answer yet; present challenge
event.response.issueTokens = false;
event.response.failAuthentication = false;
event.response.challengeName = 'CUSTOM_CHALLENGE';
}
return event;
};

创建身份验证挑战 Lambda

exports.handler = async event => {
if (event.request.challengeName == 'CUSTOM_CHALLENGE') {
// The value set for publicChallengeParameters is arbitrary for our
// purposes, but something must be set
event.response.publicChallengeParameters = { foo: 'bar' };
}
return event;
};

验证身份验证挑战 Lambda

exports.handler = async event => {
if (event.request.challengeName == 'CUSTOM_CHALLENGE') {
// The value set for publicChallengeParameters is arbitrary for our
// purposes, but something must be set
event.response.publicChallengeParameters = { foo: 'bar' };
}
return event;
};

然后我可以使用一些 JS,使用 amazon-cognito-identity-js , 提供 secret 并获取 token :

var authenticationData = {
Username : 'username'
};
var authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails(authenticationData);
var poolData = {
UserPoolId : '...', // Your user pool id here
ClientId : '...' // Your client id here
};
var userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);
var userData = {
Username : 'username',
Pool : userPool
};
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);

cognitoUser.setAuthenticationFlowType('CUSTOM_AUTH');

cognitoUser.initiateAuth(authenticationDetails, {
onSuccess: function(result) {
// User authentication was successful
},
onFailure: function(err) {
// User authentication was not successful
},
customChallenge: function(challengeParameters) {
// User authentication depends on challenge response
var challengeResponses = 'secret'
cognitoUser.sendCustomChallengeAnswer(challengeResponses, this);
}
});

关于amazon-web-services - 在 AWS Cognito 中模拟用户,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48305896/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com