Ada lebih banyak contoh AWS SDK yang tersedia di repo Contoh [SDK AWS Doc](https://github.com/awsdocs/aws-doc-sdk-examples). GitHub
Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
# Gunakan `InitiateAuth` dengan AWS SDK atau CLI
Contoh kode berikut menunjukkan cara menggunakan`InitiateAuth`.
Contoh tindakan adalah kutipan kode dari program yang lebih besar dan harus dijalankan dalam konteks. Anda dapat melihat tindakan ini dalam konteks dalam contoh kode berikut:
+ [Secara otomatis mengonfirmasi pengguna yang dikenal dengan fungsi Lambda](cognito-identity-provider_example_cross_CognitoAutoConfirmUser_section.md)
+ [Secara otomatis memigrasikan pengguna yang dikenal dengan fungsi Lambda](cognito-identity-provider_example_cross_CognitoAutoMigrateUser_section.md)
+ [Mendaftar pengguna dengan kumpulan pengguna yang membutuhkan MFA](cognito-identity-provider_example_cognito-identity-provider_Scenario_SignUpUserWithMfa_section.md)
+ [Menulis data aktivitas khusus dengan fungsi Lambda setelah autentikasi pengguna Amazon Cognito](cognito-identity-provider_example_cross_CognitoCustomActivityLog_section.md)
------
#### [ .NET ]
**SDK untuk .NET**
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara mengatur dan menjalankannya di [Repositori Contoh Kode AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/Cognito#code-examples).
```
///
/// Initiate authorization.
///
/// The client Id of the application.
/// The name of the user who is authenticating.
/// The password for the user who is authenticating.
/// The response from the initiate auth request.
public async Task InitiateAuthAsync(string clientId, string userName, string password)
{
var authParameters = new Dictionary();
authParameters.Add("USERNAME", userName);
authParameters.Add("PASSWORD", password);
var authRequest = new InitiateAuthRequest
{
ClientId = clientId,
AuthParameters = authParameters,
AuthFlow = AuthFlowType.USER_PASSWORD_AUTH,
};
var response = await _cognitoService.InitiateAuthAsync(authRequest);
Console.WriteLine($"Result Challenge is : {response.ChallengeName}");
return response;
}
```
+ Untuk detail API, lihat [InitiateAuth](https://docs.aws.amazon.com/goto/DotNetSDKV3/cognito-idp-2016-04-18/InitiateAuth)di *Referensi AWS SDK untuk .NET API*.
------
#### [ CLI ]
**AWS CLI**
**Untuk masuk ke pengguna**
`initiate-auth`Contoh berikut masuk ke pengguna dengan alur username-password dasar dan tidak ada tantangan tambahan.
```
aws cognito-idp initiate-auth \
--auth-flow USER_PASSWORD_AUTH \
--client-id 1example23456789 \
--analytics-metadata AnalyticsEndpointId=d70b2ba36a8c4dc5a04a0451aEXAMPLE \
--auth-parameters USERNAME=testuser,PASSWORD=[Password] --user-context-data EncodedData=mycontextdata --client-metadata MyTestKey=MyTestValue
```
Output:
```
{
"AuthenticationResult": {
"AccessToken": "eyJra456defEXAMPLE",
"ExpiresIn": 3600,
"TokenType": "Bearer",
"RefreshToken": "eyJra123abcEXAMPLE",
"IdToken": "eyJra789ghiEXAMPLE",
"NewDeviceMetadata": {
"DeviceKey": "us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"DeviceGroupKey": "-v7w9UcY6"
}
}
}
```
Untuk informasi selengkapnya, lihat [Otentikasi](https://docs.aws.amazon.com/cognito/latest/developerguide/authentication.html) di Panduan Pengembang *Amazon Cognito*.
+ Untuk detail API, lihat [InitiateAuth](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/cognito-idp/initiate-auth.html)di *Referensi AWS CLI Perintah*.
------
#### [ Go ]
**SDK untuk Go V2**
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara mengatur dan menjalankannya di [Repositori Contoh Kode AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/gov2/cognito#code-examples).
```
import (
"context"
"errors"
"log"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider"
"github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider/types"
)
type CognitoActions struct {
CognitoClient *cognitoidentityprovider.Client
}
// SignIn signs in a user to Amazon Cognito using a username and password authentication flow.
func (actor CognitoActions) SignIn(ctx context.Context, clientId string, userName string, password string) (*types.AuthenticationResultType, error) {
var authResult *types.AuthenticationResultType
output, err := actor.CognitoClient.InitiateAuth(ctx, &cognitoidentityprovider.InitiateAuthInput{
AuthFlow: "USER_PASSWORD_AUTH",
ClientId: aws.String(clientId),
AuthParameters: map[string]string{"USERNAME": userName, "PASSWORD": password},
})
if err != nil {
var resetRequired *types.PasswordResetRequiredException
if errors.As(err, &resetRequired) {
log.Println(*resetRequired.Message)
} else {
log.Printf("Couldn't sign in user %v. Here's why: %v\n", userName, err)
}
} else {
authResult = output.AuthenticationResult
}
return authResult, err
}
```
+ Untuk detail API, lihat [InitiateAuth](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider#Client.InitiateAuth)di *Referensi AWS SDK untuk Go API*.
------
#### [ JavaScript ]
**SDK untuk JavaScript (v3)**
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara mengatur dan menjalankannya di [Repositori Contoh Kode AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cognito-identity-provider#code-examples).
```
const initiateAuth = ({ username, password, clientId }) => {
const client = new CognitoIdentityProviderClient({});
const command = new InitiateAuthCommand({
AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
AuthParameters: {
USERNAME: username,
PASSWORD: password,
},
ClientId: clientId,
});
return client.send(command);
};
```
+ Untuk detail API, lihat [InitiateAuth](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/cognito-identity-provider/command/InitiateAuthCommand)di *Referensi AWS SDK untuk JavaScript API*.
------
#### [ Python ]
**SDK untuk Python (Boto3)**
Ada lebih banyak tentang GitHub. Temukan contoh lengkapnya dan pelajari cara mengatur dan menjalankannya di [Repositori Contoh Kode AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/cognito#code-examples).
Contoh ini menunjukkan cara memulai otentikasi dengan perangkat yang dilacak. Untuk menyelesaikan proses masuk, klien harus merespons tantangan Secure Remote Password (SRP) dengan benar.
```
class CognitoIdentityProviderWrapper:
"""Encapsulates Amazon Cognito actions"""
def __init__(self, cognito_idp_client, user_pool_id, client_id, client_secret=None):
"""
:param cognito_idp_client: A Boto3 Amazon Cognito Identity Provider client.
:param user_pool_id: The ID of an existing Amazon Cognito user pool.
:param client_id: The ID of a client application registered with the user pool.
:param client_secret: The client secret, if the client has a secret.
"""
self.cognito_idp_client = cognito_idp_client
self.user_pool_id = user_pool_id
self.client_id = client_id
self.client_secret = client_secret
def sign_in_with_tracked_device(
self,
user_name,
password,
device_key,
device_group_key,
device_password,
aws_srp,
):
"""
Signs in to Amazon Cognito as a user who has a tracked device. Signing in
with a tracked device lets a user sign in without entering a new MFA code.
Signing in with a tracked device requires that the client respond to the SRP
protocol. The scenario associated with this example uses the warrant package
to help with SRP calculations.
For more information on SRP, see https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol.
:param user_name: The user that is associated with the device.
:param password: The user's password.
:param device_key: The key of a tracked device.
:param device_group_key: The group key of a tracked device.
:param device_password: The password that is associated with the device.
:param aws_srp: A class that helps with SRP calculations. The scenario
associated with this example uses the warrant package.
:return: The result of the authentication. When successful, this contains an
access token for the user.
"""
try:
srp_helper = aws_srp.AWSSRP(
username=user_name,
password=device_password,
pool_id="_",
client_id=self.client_id,
client_secret=None,
client=self.cognito_idp_client,
)
response_init = self.cognito_idp_client.initiate_auth(
ClientId=self.client_id,
AuthFlow="USER_PASSWORD_AUTH",
AuthParameters={
"USERNAME": user_name,
"PASSWORD": password,
"DEVICE_KEY": device_key,
},
)
if response_init["ChallengeName"] != "DEVICE_SRP_AUTH":
raise RuntimeError(
f"Expected DEVICE_SRP_AUTH challenge but got {response_init['ChallengeName']}."
)
auth_params = srp_helper.get_auth_params()
auth_params["DEVICE_KEY"] = device_key
response_auth = self.cognito_idp_client.respond_to_auth_challenge(
ClientId=self.client_id,
ChallengeName="DEVICE_SRP_AUTH",
ChallengeResponses=auth_params,
)
if response_auth["ChallengeName"] != "DEVICE_PASSWORD_VERIFIER":
raise RuntimeError(
f"Expected DEVICE_PASSWORD_VERIFIER challenge but got "
f"{response_init['ChallengeName']}."
)
challenge_params = response_auth["ChallengeParameters"]
challenge_params["USER_ID_FOR_SRP"] = device_group_key + device_key
cr = srp_helper.process_challenge(challenge_params, {"USERNAME": user_name})
cr["USERNAME"] = user_name
cr["DEVICE_KEY"] = device_key
response_verifier = self.cognito_idp_client.respond_to_auth_challenge(
ClientId=self.client_id,
ChallengeName="DEVICE_PASSWORD_VERIFIER",
ChallengeResponses=cr,
)
auth_tokens = response_verifier["AuthenticationResult"]
except ClientError as err:
logger.error(
"Couldn't start client sign in for %s. Here's why: %s: %s",
user_name,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
else:
return auth_tokens
```
+ Untuk detail API, lihat [InitiateAuth](https://docs.aws.amazon.com/goto/boto3/cognito-idp-2016-04-18/InitiateAuth)di *AWS SDK for Python (Boto3) Referensi* API.
------