laravel AWS Cognito 用户身份验证
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/39160321/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
AWS Cognito User Authentication
提问by user3227262
OK. Here is my thing.
好的。这是我的东西。
We are building a small application on top of Lumen/Laravel. We need the user management to be completely taken care by AWS cognito.
我们正在 Lumen/Laravel 之上构建一个小应用程序。我们需要 AWS Cognito 完全负责用户管理。
Basically 2 simple functionalities.
基本上有2个简单的功能。
- Push the user details to AWS cognito user pool upon user signup request.
- Authenticate the user against cognito user pool with simple email/mobile and password upon login request.
- 根据用户注册请求将用户详细信息推送到 AWS cognito 用户池。
- 根据登录请求,使用简单的电子邮件/移动设备和密码针对 cognito 用户池对用户进行身份验证。
We need to do this using PHP.
我们需要使用 PHP 来做到这一点。
Now the problem is, I am not able to find any PHP API docs with a clear procedure or examples. Cognito is providing API;s only for Android, IOS, JS, Unity and Xamarian. I need a similar kind of documentation for PHP.
现在的问题是,我找不到任何带有明确程序或示例的 PHP API 文档。Cognito 仅提供适用于 Android、IOS、JS、Unity 和 Xamarian 的 API。我需要类似的 PHP 文档。
Do anyone has a working example for just the above 2 features using cognito API's with PHP.
有没有人有使用 Cognito API 和 PHP 的上述 2 个功能的工作示例。
Note: I have almost spent more than a day and half figuring out whether and how this can be done. So please just dont send me any link which appears first or second on your google search. High possibility I might have already seen that link with no luck.
注意:我几乎花了一天半的时间来弄清楚是否可以以及如何做到这一点。因此,请不要向我发送任何在您的 google 搜索中出现在第一个或第二个的链接。很有可能我可能已经看到了那个链接,但没有运气。
Any help would be appreciated.
任何帮助,将不胜感激。
采纳答案by Yisha
Unfortunately, there are no working examples for PHP. Currently Cognito supports high level SDKs for those you mentioned, but doesn't support high level SDK for PHP. The low level SDK can be used by calling the APIs mentioned below.
不幸的是,没有适用于 PHP 的工作示例。目前 Cognito 支持您提到的那些高级 SDK,但不支持 PHP 的高级 SDK。可以通过调用下面提到的 API 来使用低级 SDK。
The example below should work with a bit of translation to PHP, as should most of the code inside this SDK https://github.com/aws/aws-sdk-android/blob/master/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/mobileconnectors/cognitoidentityprovider/CognitoUser.java
下面的示例应该对 PHP 进行一些转换,该 SDK 中的大部分代码也应该如此 https://github.com/aws/aws-sdk-android/blob/master/aws-android-sdk-cognitoidentityprovider/ src/main/java/com/amazonaws/mobileconnectors/cognitoidentityprovider/CognitoUser.java
Instead of calling InitiateAuth, you may want to call AdminInitiate auth API with ADMIN_NO_SRP_AUTH parameter, so that you don't need to do SRP computation in PHP. The high level SDKs provide a wrapper around this calculation that manages it for you, but doing it on your own is quite difficult.
您可能希望使用 ADMIN_NO_SRP_AUTH 参数调用 AdminInitiate auth API,而不是调用 InitiateAuth,这样您就不需要在 PHP 中进行 SRP 计算。高级 SDK 提供了一个围绕此计算的包装器,为您管理它,但您自己进行它是非常困难的。
回答by Mohamed Salem Lamiri
In order to be able to use any of the API requests you need first to setup your credentials properly. Doing it server side & outside EC2 instance, you will need to provide your AWS ACCESS KEY & AWS SECRET ACCESS KEY, App client ID, App client Secret and user pool idlike so
为了能够使用任何 API 请求,您首先需要正确设置您的凭据。做服务器端与外界的EC2实例,您需要提供您的AWS访问密钥和AWS访问密钥,App客户端ID,App客户端秘密和用户池ID,像这样
$args = [
'credentials' => [
'key' => 'AAAAAAAAAA',
'secret' => 'abacaaswfas',
],
'region' => 'eu-central-1',
'version' => 'latest',
'app_client_id' => '3asd123adfs1231sdfs',
'app_client_secret' => '1sdf123sdfs123sdfsfsdf132fd3213',
'user_pool_id' => 'eu-central-1_aaaW2Df3',
]
Otherwise you will see all possible kind of errors till you get the proper ID's in place.
否则,您将看到所有可能的错误,直到您获得正确的 ID。
To get AWS ACCESS KEY & AWS SECRET ACCESS KEY go to your AWS console, click on your name then go to account, then again click on your name, go to 'My security credentials' then I guess you'll find your way out ..
要获取 AWS 访问密钥和 AWS 秘密访问密钥,请转到您的 AWS 控制台,单击您的姓名,然后转到帐户,然后再次单击您的姓名,转到“我的安全凭证”,然后我想您会找到出路的。 .
To get App client ID, App client Secret you need to create your User Pool first, then go to App Client and create one. (you can find the pool id under General Settings)
要获得App client ID,App client Secret,你需要先创建你的User Pool,然后去App Client创建一个。(您可以在General Settings下找到池 ID )
A simple Login query
一个简单的登录查询
$client = new CognitoIdentityProviderClient($args);
$client->adminInitiateAuth([
'AuthFlow' => 'ADMIN_NO_SRP_AUTH',
'AuthParameters' => [
'USERNAME' => YOUR_USERNAME_HERE,
'PASSWORD' => YOUR_PASS_HERE,
'SECRET_HASH' => , base64_encode(hash_hmac('sha256', YOUR_USERNAME_HERE . APP_CLIENT_ID, APP_CLIENT_SECRET, true))
],
'ClientId' => APP_CLIENT_ID,
'UserPoolId' => USER_POOL_ID,
]);
if you get this to work you should be able to use any of the Actions listed in the documentation here
如果你让它工作,你应该能够使用这里的文档中列出的任何操作
Note:This is working on API Version 2016-04-18 & PHP 7.1, please make sure you are using the same version or at least there's no major changes in the API before assuming this will work for you.
注意:这适用于API 版本 2016-04-18 和 PHP 7.1,请确保您使用相同的版本,或者至少在 API 中没有重大更改,然后再假设这对您有用。
Note 2:The Id's I used are totally random .. but they should have the same format.
注 2:我使用的 Id 是完全随机的 .. 但它们应该具有相同的格式。
