Working with Amazon Cognito - Amazon SDK for Java

Working with Amazon Cognito

With Amazon Cognito, you can quickly add user sign-up or sign-in capability to your web or mobile app. The examples here demonstrate how to use Amazon Cognito.

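Create a user pool

A user pool is a directory of users that you can configure for your web or mobile app.

To create a user pool, first build a CreateUserPoolRequest object, with the name of the user pool as the value of its poolName(). Call the createUserPool() method of your CognitoIdentityProviderClient, passing in the CreateUserPoolRequest object. You can capture the result of this request as a CreateUserPoolResponse object, as demonstrated in the following code snippet.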

Imports

import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient;
import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolRequest;
import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolResponse;

Code

public static String createPool(CognitoIdentityProviderClient cognitoClient, String userPoolName) {
    try {
        // Create the pool with default settings; only the name is supplied.
        CreateUserPoolResponse response = cognitoClient.createUserPool(
            CreateUserPoolRequest.builder()
                .poolName(userPoolName)
                .build()
        );
        // Return the ID of the new user pool.
        return response.userPool().id();

    } catch (CognitoIdentityProviderException e) {
        System.err.println(e.awsErrorDetails().errorMessage());
        System.exit(1);
    }
    return "";
}

See the complete example on GitHub.

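List users from a user pool

To list the users from your user pools, first build a ListUserPoolsRequest object, with the maximum number of results as the value of its maxResults(). Call the listUserPools() method of your CognitoIdentityProviderClient, passing in the ListUserPoolsRequest object. You can capture the result of this request as a ListUserPoolsResponse object, as demonstrated in the following code snippet. Create a UserPoolDescriptionType object to easily iterate over the results and pull out the attributes for each user.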

Imports

import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient;
import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsResponse;
import software.amazon.awssdk.services.cognitoidentityprovider.model.ListUserPoolsRequest;

Code

public static void listAllUserPools(CognitoIdentityProviderClient cognitoClient) {
    try {
        // Ask for at most 10 results in this call.
        ListUserPoolsRequest request = ListUserPoolsRequest.builder()
            .maxResults(10)
            .build();

        ListUserPoolsResponse response = cognitoClient.listUserPools(request);

        // Each entry is a UserPoolDescriptionType; id() is the user pool ID.
        response.userPools().forEach(userpool -> {
            System.out.println("User pool " + userpool.name() + ", ID " + userpool.id());
        });

    } catch (CognitoIdentityProviderException e) {
        System.err.println(e.awsErrorDetails().errorMessage());
        System.exit(1);
    }
}

See the complete example on GitHub.

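Create an identity pool

An identity pool is a container that organizes the IDs from your external identity provider, keeping a unique identifier for each user. To create an identity pool, first build a CreateIdentityPoolRequest, with the pool name as the value of its identityPoolName(). Set allowUnauthenticatedIdentities() to true or false. Call the createIdentityPool() method of your CognitoIdentityClient object, passing in the CreateIdentityPoolRequest object. You can capture the result of this request as a CreateIdentityPoolResponse object, as demonstrated in the following code snippet.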

Imports

import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.cognitoidentity.CognitoIdentityClient;
import software.amazon.awssdk.services.cognitoidentity.model.CognitoIdentityException;
import software.amazon.awssdk.services.cognitoidentity.model.CreateIdentityPoolRequest;
import software.amazon.awssdk.services.cognitoidentity.model.CreateIdentityPoolResponse;

Code

public static String createIdPool(CognitoIdentityClient cognitoClient, String identityPoolName) {
    try {
        CreateIdentityPoolRequest poolRequest = CreateIdentityPoolRequest.builder()
            // false: the pool does not issue identities to unauthenticated (guest) users.
            .allowUnauthenticatedIdentities(false)
            .identityPoolName(identityPoolName)
            .build();

        CreateIdentityPoolResponse response = cognitoClient.createIdentityPool(poolRequest);
        return response.identityPoolId();

    } catch (CognitoIdentityException e) {
        // CognitoIdentityClient throws CognitoIdentityException, the base
        // exception type of the cognitoidentity service.
        System.err.println(e.awsErrorDetails().errorMessage());
        System.exit(1);
    }
    return "";
}

See the complete example on GitHub.

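Add an app client

To enable the hosted web sign-up or sign-in UI for your app, create an app client. To create an app client, first build a CreateUserPoolClientRequest object, with the name of the client as the value of its clientName(). Set userPoolId() to the ID of the user pool to which you want to attach this app client. Call the createUserPoolClient() method of your CognitoIdentityProviderClient, passing in the CreateUserPoolClientRequest object. You can capture the result of this request as a CreateUserPoolClientResponse object, as demonstrated in the following code snippet.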

Imports

import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient;
import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolClientRequest;
import software.amazon.awssdk.services.cognitoidentityprovider.model.CreateUserPoolClientResponse;

Code

public static void createPoolClient(CognitoIdentityProviderClient cognitoClient,
                                    String clientName,
                                    String userPoolId) {
    try {
        // Attach a new app client to the given user pool.
        CreateUserPoolClientResponse response = cognitoClient.createUserPoolClient(
            CreateUserPoolClientRequest.builder()
                .clientName(clientName)
                .userPoolId(userPoolId)
                .build()
        );

        System.out.println("User pool client " + response.userPoolClient().clientName()
            + " created. ID: " + response.userPoolClient().clientId());

    } catch (CognitoIdentityProviderException e) {
        System.err.println(e.awsErrorDetails().errorMessage());
        System.exit(1);
    }
}

See the complete example on GitHub.

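Add a third-party identity provider

Adding an external identity provider (IdP) lets your users sign in to your app using that service's login mechanism. To add a third-party IdP, first build an UpdateIdentityPoolRequest object, with the name of the identity pool as the value of its identityPoolName(). Set allowUnauthenticatedIdentities() to true or false, specify the identityPoolId(), and define which login providers will be supported with supportedLoginProviders(). Call the updateIdentityPool() method of your CognitoIdentityClient, passing in the UpdateIdentityPoolRequest object. You can capture the result of this request as an UpdateIdentityPoolResponse object, as demonstrated in the following code snippet.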

Imports

import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.cognitoidentity.CognitoIdentityClient;
import software.amazon.awssdk.services.cognitoidentity.model.CognitoIdentityProvider;
import software.amazon.awssdk.services.cognitoidentity.model.UpdateIdentityPoolRequest;
import software.amazon.awssdk.services.cognitoidentity.model.UpdateIdentityPoolResponse;
import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException;
import java.util.ArrayList;
import java.util.List;
// Needed by the createNewUser snippet below.
import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient;
import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminCreateUserRequest;
import software.amazon.awssdk.services.cognitoidentityprovider.model.AdminCreateUserResponse;
import software.amazon.awssdk.services.cognitoidentityprovider.model.AttributeType;

Code

// Creates a user in a user pool with AdminCreateUser.
public static void createNewUser(CognitoIdentityProviderClient cognitoClient,
                                 String userPoolId,
                                 String name,
                                 String email,
                                 String password) {
    try {
        AttributeType userAttrs = AttributeType.builder()
            .name("email")
            .value(email)
            .build();

        AdminCreateUserRequest userRequest = AdminCreateUserRequest.builder()
            .userPoolId(userPoolId)
            .username(name)
            // Temporary password: the user has to change it at first sign-in.
            .temporaryPassword(password)
            .userAttributes(userAttrs)
            // SUPPRESS: Cognito does not send the invitation message.
            .messageAction("SUPPRESS")
            .build();

        AdminCreateUserResponse response = cognitoClient.adminCreateUser(userRequest);
        System.out.println("User " + response.user().username()
            + " is created. Status: " + response.user().userStatus());

    } catch (CognitoIdentityProviderException e) {
        System.err.println(e.awsErrorDetails().errorMessage());
        System.exit(1);
    }
}

See the complete example on GitHub.
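
The UpdateIdentityPool call described in this section, written out as an added example (it is not code from the AWS documentation or its GitHub samples). The class name, method name, and the providerName and appId parameters are assumptions; because UpdateIdentityPool takes the pool's whole configuration as input, the existing settings are read with describeIdentityPool() and passed back alongside the new login provider.

```java
import java.util.HashMap;
import java.util.Map;
import software.amazon.awssdk.services.cognitoidentity.CognitoIdentityClient;
import software.amazon.awssdk.services.cognitoidentity.model.CognitoIdentityException;
import software.amazon.awssdk.services.cognitoidentity.model.DescribeIdentityPoolRequest;
import software.amazon.awssdk.services.cognitoidentity.model.DescribeIdentityPoolResponse;
import software.amazon.awssdk.services.cognitoidentity.model.UpdateIdentityPoolRequest;
import software.amazon.awssdk.services.cognitoidentity.model.UpdateIdentityPoolResponse;

public class AddLoginProvider {

    // providerName is the provider's login domain (for example "accounts.google.com");
    // appId is the app/client ID registered with that provider. Both are caller-supplied.
    public static Map<String, String> addLoginProvider(CognitoIdentityClient cognitoClient,
                                                       String identityPoolId,
                                                       String providerName,
                                                       String appId) {
        try {
            // Read the pool's current configuration so the update passes back
            // every setting the pool already has.
            DescribeIdentityPoolResponse current = cognitoClient.describeIdentityPool(
                DescribeIdentityPoolRequest.builder().identityPoolId(identityPoolId).build());

            // Merge the new provider into the providers already configured.
            Map<String, String> providers = new HashMap<>(current.supportedLoginProviders());
            providers.put(providerName, appId);

            UpdateIdentityPoolRequest request = UpdateIdentityPoolRequest.builder()
                .identityPoolId(identityPoolId)
                .identityPoolName(current.identityPoolName())
                // Keep the guest-access setting as it is; adding an IdP does not change it.
                .allowUnauthenticatedIdentities(current.allowUnauthenticatedIdentities())
                .allowClassicFlow(current.allowClassicFlow())
                .developerProviderName(current.developerProviderName())
                .cognitoIdentityProviders(current.cognitoIdentityProviders())
                .openIdConnectProviderARNs(current.openIdConnectProviderARNs())
                .samlProviderARNs(current.samlProviderARNs())
                .identityPoolTags(current.identityPoolTags())
                .supportedLoginProviders(providers)
                .build();

            UpdateIdentityPoolResponse response = cognitoClient.updateIdentityPool(request);
            return response.supportedLoginProviders();
        } catch (CognitoIdentityException e) {
            System.err.println(e.awsErrorDetails().errorMessage());
            throw e;
        }
    }
}
```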

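Get credentials for an ID

To get the credentials for an identity in an identity pool, first build a GetCredentialsForIdentityRequest with the identity ID as the value of its identityId(). Call the getCredentialsForIdentity() method of your CognitoIdentityClient, passing in the GetCredentialsForIdentityRequest object. You can capture the result of this request as a GetCredentialsForIdentityResponse object, as demonstrated in the following code snippet.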

Imports

import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.cognitoidentity.CognitoIdentityClient;
import software.amazon.awssdk.services.cognitoidentity.model.CognitoIdentityException;
import software.amazon.awssdk.services.cognitoidentity.model.GetCredentialsForIdentityRequest;
import software.amazon.awssdk.services.cognitoidentity.model.GetCredentialsForIdentityResponse;

Code

public static void getCredsForIdentity(CognitoIdentityClient cognitoClient, String identityId) {
    try {
        GetCredentialsForIdentityRequest getCredentialsForIdentityRequest =
            GetCredentialsForIdentityRequest.builder()
                .identityId(identityId)
                .build();

        GetCredentialsForIdentityResponse response =
            cognitoClient.getCredentialsForIdentity(getCredentialsForIdentityRequest);

        // Only the access key ID is printed; the secret key and session token are not logged.
        System.out.println("Identity ID " + response.identityId()
            + ", Access key ID " + response.credentials().accessKeyId());

    } catch (CognitoIdentityException e) {
        // CognitoIdentityClient throws CognitoIdentityException, the base
        // exception type of the cognitoidentity service.
        System.err.println(e.awsErrorDetails().errorMessage());
        System.exit(1);
    }
}

See the complete example on GitHub.

For more information, see the Amazon Cognito Developer Guide.