【发布时间】:2020-06-09 20:07:39
【问题描述】:
我有一个使用 Spring Boot 的 Java 中 Cognito 身份验证代码的简单测试代码。它在我的本地运行良好,但是当我在远程服务器(CentOS)上运行时,它的行为非常奇怪。如果池中不存在用户。不断创建和重新创建新线程并发送请求。
代码:
protected boolean isValidCognito(String username, String password) {
// Retrieving the AWS credentials from the default instance profile credentials instead of ".withCredentials()".
// More info on https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html
AWSCognitoIdentityProvider awsCognitoIDPClient = AWSCognitoIdentityProviderClientBuilder.standard().build();
Map<String,String> authParams =new HashMap<>();
authParams.put("USERNAME", username);
authParams.put("PASSWORD", password);
AdminInitiateAuthRequest initialRequest = new AdminInitiateAuthRequest()
.withAuthFlow(AuthFlowType.ADMIN_NO_SRP_AUTH)
.withAuthParameters(authParams)
.withClientId(COGNITO_CLIENT_ID)
.withUserPoolId(COGNITO_POOL_ID);
try {
// NOTE: I know the request is being sent for sure, so we probably get at least this far
AdminInitiateAuthResult initialResponse = awsCognitoIDPClient.adminInitiateAuth(initialRequest);
Map<String, String> challengeParams = initialResponse.getChallengeParameters();
String cognitoUserIdForSrp = challengeParams.get("USER_ID_FOR_SRP");
String cognitoUserAttributes = challengeParams.get("userAttributes");
logger.debug("Cognito authenticated user ID: " + cognitoUserIdForSrp
+ " with user attributes: " + cognitoUserAttributes);
return true;
} catch (NotAuthorizedException nae) {
logger.error("Invalid Cognito username/password provided for " + authParams.get("USERNAME"));
return false;
} catch (AWSCognitoIdentityProviderException acipe) {
logger.error("Amazon Cognito Identity Provider Error!");
logger.debug("Make sure the user exists in the pool, and ALLOW_ADMIN_USER_PASSWORD_AUTH is enabled.");
return false;
} catch (Exception e) {
logger.error("Unexpected Error: ", e);
return false;
}
}
如果有帮助,请记录:
2020-02-25 17:14:54.919 TRACE 25144 --- [http-nio-8080-exec-98] o.s.t.i.TransactionInterceptor : Getting transaction for [METHOD_NAME]
2020-02-25 17:14:54.926 TRACE 25144 --- [http-nio-8080-exec-98] o.s.t.i.TransactionInterceptor : Completing transaction for [METHOD_NAME]
2020-02-25 17:14:54.935 TRACE 25144 --- [http-nio-8080-exec-98] o.s.t.i.TransactionInterceptor : Getting transaction for [METHOD_NAME]
2020-02-25 17:14:54.942 TRACE 25144 --- [http-nio-8080-exec-98] o.s.t.i.TransactionInterceptor : Completing transaction for [METHOD_NAME]
2020-02-25 17:14:54.950 DEBUG 25144 --- [http-nio-8080-exec-98] c.c.c.r.persistence.CognDaoImpl : There is a user migrated to Cognito with user_id: SOME_UUID
2020-02-25 17:14:54.950 INFO 25144 --- [http-nio-8080-exec-98] c.c.c.r.c.AuthenticationController : my_email@mailinator.com has been migrated. Using Cognito for authentication.
2020-02-25 17:14:56.655 TRACE 25144 --- [http-nio-8080-exec-160] o.s.t.i.TransactionInterceptor : Getting transaction for [METHOD_NAME]
2020-02-25 17:14:56.673 TRACE 25144 --- [http-nio-8080-exec-160] o.s.t.i.TransactionInterceptor : Completing transaction for [METHOD_NAME]
2020-02-25 17:14:56.683 TRACE 25144 --- [http-nio-8080-exec-160] o.s.t.i.TransactionInterceptor : Getting transaction for [METHOD_NAME]
2020-02-25 17:14:56.692 TRACE 25144 --- [http-nio-8080-exec-160] o.s.t.i.TransactionInterceptor : Completing transaction for [METHOD_NAME]
2020-02-25 17:14:56.705 DEBUG 25144 --- [http-nio-8080-exec-160] c.c.c.r.persistence.CogDaoImpl : There is a user migrated to Cognito with user_id: SOME_UUID
2020-02-25 17:14:56.705 INFO 25144 --- [http-nio-8080-exec-160] c.c.c.r.c.AuthenticationController : my_email@mailinator.com has been migrated. Using Cognito for authentication.
...
【问题讨论】:
标签: java spring-boot amazon-cognito