
Cognito IDP supports the following three AWS CLI commands to sign up, confirm the sign-up, and generate an ID token:

  1. aws cognito-idp sign-up --region ap-south-1 --client-id xxx --username xx@xx.com --password xxx

  2. aws cognito-idp confirm-sign-up --client-id xxxx --username xxx@xx.com --confirmation-code xxx

  3. aws cognito-idp initiate-auth --auth-flow USER_PASSWORD_AUTH --client-id xx --auth-parameters USERNAME=xx,PASSWORD=xx

I am able to perform Step 1 and Step 2 via AWSCognitoIdentityProvider.signUp() and AWSCognitoIdentityProvider.confirmSignUp(). However, Step 3 fails even with valid credentials.

Below is the code used:

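/**
 * Signs a user in to Cognito with the USER_PASSWORD_AUTH flow and returns the ID token.
 *
 * <p>Things to check when this call fails although the credentials are valid:
 * <ul>
 *   <li>The app client must have the user-password flow enabled (ALLOW_USER_PASSWORD_AUTH);
 *       otherwise Cognito rejects the request.</li>
 *   <li>If the app client was created with a client secret, a SECRET_HASH auth parameter is
 *       required in addition to USERNAME and PASSWORD.</li>
 *   <li>Cognito may answer with a challenge (for example a forced password change or MFA)
 *       instead of tokens; in that case {@code getAuthenticationResult()} is {@code null}.</li>
 * </ul>
 *
 * <p>Security: the ID token is a bearer credential and is never written to stdout or logs here.
 * With USER_PASSWORD_AUTH the password itself is sent to Cognito; where the client can do it,
 * the SRP flow avoids transmitting the password.
 *
 * @param username the Cognito user name (here, the e-mail address used at sign-up)
 * @param password the user's password
 * @return the ID token on success, or the literal string {@code "false"} when authentication
 *         fails or a challenge is returned (sentinel kept for existing callers)
 */
public String initiateAuth(String username, String password) {
    // "false" is the failure sentinel callers already receive; it is replaced only on success.
    String idToken = "false";
    boolean authenticated = false;

    Map<String, String> authParams = new HashMap<>();
    authParams.put("USERNAME", username);
    authParams.put("PASSWORD", password);

    InitiateAuthRequest initiateAuthRequest = new InitiateAuthRequest();
    initiateAuthRequest.setAuthFlow("USER_PASSWORD_AUTH");
    initiateAuthRequest.setClientId(CLIENT_ID);
    initiateAuthRequest.setAuthParameters(authParams);

    /*
       // Equivalent form the author also tried:
       initiateAuthRequest.setAuthFlow(AuthFlowType.USER_PASSWORD_AUTH);
       initiateAuthRequest.addAuthParametersEntry("USERNAME", username);
       initiateAuthRequest.addAuthParametersEntry("PASSWORD", password);
    */

    try {
        AWSCognitoIdentityProvider cognitoClient = getAmazonCognitoIdentityClient();
        InitiateAuthResult result = cognitoClient.initiateAuth(initiateAuthRequest);

        if (result.getAuthenticationResult() != null) {
            idToken = result.getAuthenticationResult().getIdToken();
            authenticated = true;
        } else {
            // No tokens were issued: Cognito wants a challenge answered first. Report which
            // one instead of failing later with a NullPointerException.
            System.out.println("AWS COgnito challenge required = " + result.getChallengeName());
        }
    } catch (Exception e) {
        // The exception type and message are what explain the failure (wrong credentials,
        // unconfirmed user, flow not enabled, missing SECRET_HASH), so keep them visible.
        e.printStackTrace();
    } finally {
        // Report only the outcome; printing the token would leak a bearer credential.
        System.out.println("AWS COgnito Status = " + (authenticated ? "authenticated" : "failed"));
    }
    return idToken;
}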

1 Answer


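Try it this way, where identityProvider is an IAmazonCognitoIdentityProvider and UserPool is a CognitoUserPool. Note that this example is C# (AWS SDK for .NET) and uses the SRP flow rather than USER_PASSWORD_AUTH: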

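/// <summary>
/// Signs a user in to Cognito with the SRP flow and returns the ID token.
/// </summary>
/// <remarks>
/// The method awaits the SRP call, so it is declared <c>async</c> and returns a task; the
/// original <c>string</c> signature could not compile with <c>await</c> in the body.
/// With SRP the password is used locally to answer the challenge rather than being sent
/// to the service. The ID token is a bearer credential: do not log the return value.
/// </remarks>
/// <param name="username">The Cognito user name.</param>
/// <param name="password">The user's password.</param>
/// <param name="token">Cancellation token; not forwarded to the SDK call in this snippet.</param>
/// <returns>
/// The ID token on success, or <see cref="string.Empty"/> when authentication fails or
/// Cognito answers with a further challenge instead of tokens.
/// </returns>
public async System.Threading.Tasks.Task<string> SignIn(string username, string password, CancellationToken token)
{
    try
    {
        var cognitoUser = new CognitoUser(username, CognitoUserPoolAppId, UserPool, identityProvider);
        var srpRequest = new InitiateSrpAuthRequest()
        {
            Password = password
        };

        var authResponse = await cognitoUser.StartWithSrpAuthAsync(srpRequest);

        // AuthenticationResult is null when Cognito requires another step (for example MFA
        // or a forced password change), so check it before reading the token.
        if (authResponse.AuthenticationResult == null)
        {
            return string.Empty;
        }

        return authResponse.AuthenticationResult.IdToken;
    }
    catch (Exception exc)
    {
        // Callers only ever see an empty string on failure, so record the exception type;
        // without it a wrong password and a misconfigured app client look identical.
        System.Diagnostics.Trace.TraceWarning("Cognito sign-in failed: " + exc.GetType().Name);
        return string.Empty;
    }
}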