As traduções são geradas por tradução automática. Em caso de conflito entre o conteúdo da tradução e da versão original em inglês, a versão em inglês prevalecerá.
# Exemplos de código do Provedor de Identidade do Amazon Cognito usando o SDK para Kotlin
Os exemplos de código a seguir mostram como realizar ações e implementar cenários comuns usando o AWS SDK para Kotlin com o Amazon Cognito Identity Provider.
*Ações* são trechos de código de programas maiores e devem ser executadas em contexto. Embora as ações mostrem como chamar perfis de serviço individuais, você pode ver as ações no contexto em seus cenários relacionados.
*Cenários* são exemplos de código que mostram como realizar tarefas específicas chamando várias funções dentro de um serviço ou combinadas com outros Serviços da AWS.
Cada exemplo inclui um link para o código-fonte completo, em que você pode encontrar instruções sobre como configurar e executar o código.
**Topics**
+ [Ações](#actions)
+ [Cenários](#scenarios)
## Ações
### `AdminGetUser`
O código de exemplo a seguir mostra como usar `AdminGetUser`.
**SDK para Kotlin**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/cognito#code-examples).
```
suspend fun getAdminUser(
userNameVal: String?,
poolIdVal: String?,
) {
val userRequest =
AdminGetUserRequest {
username = userNameVal
userPoolId = poolIdVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val response = identityProviderClient.adminGetUser(userRequest)
println("User status ${response.userStatus}")
}
}
```
+ Para obter detalhes da API, consulte a [AdminGetUser](https://sdk.amazonaws.com/kotlin/api/latest/index.html)referência da API *AWS SDK for Kotlin*.
### `AdminInitiateAuth`
O código de exemplo a seguir mostra como usar `AdminInitiateAuth`.
**SDK para Kotlin**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/cognito#code-examples).
```
suspend fun checkAuthMethod(
clientIdVal: String,
userNameVal: String,
passwordVal: String,
userPoolIdVal: String,
): AdminInitiateAuthResponse {
val authParas = mutableMapOf()
authParas["USERNAME"] = userNameVal
authParas["PASSWORD"] = passwordVal
val authRequest =
AdminInitiateAuthRequest {
clientId = clientIdVal
userPoolId = userPoolIdVal
authParameters = authParas
authFlow = AuthFlowType.AdminUserPasswordAuth
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val response = identityProviderClient.adminInitiateAuth(authRequest)
println("Result Challenge is ${response.challengeName}")
return response
}
}
```
+ Para obter detalhes da API, consulte a [AdminInitiateAuth](https://sdk.amazonaws.com/kotlin/api/latest/index.html)referência da API *AWS SDK for Kotlin*.
### `AdminRespondToAuthChallenge`
O código de exemplo a seguir mostra como usar `AdminRespondToAuthChallenge`.
**SDK para Kotlin**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/cognito#code-examples).
```
// Respond to an authentication challenge.
suspend fun adminRespondToAuthChallenge(
userName: String,
clientIdVal: String?,
mfaCode: String,
sessionVal: String?,
) {
println("SOFTWARE_TOKEN_MFA challenge is generated")
val challengeResponsesOb = mutableMapOf()
challengeResponsesOb["USERNAME"] = userName
challengeResponsesOb["SOFTWARE_TOKEN_MFA_CODE"] = mfaCode
val adminRespondToAuthChallengeRequest =
AdminRespondToAuthChallengeRequest {
challengeName = ChallengeNameType.SoftwareTokenMfa
clientId = clientIdVal
challengeResponses = challengeResponsesOb
session = sessionVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val respondToAuthChallengeResult = identityProviderClient.adminRespondToAuthChallenge(adminRespondToAuthChallengeRequest)
println("respondToAuthChallengeResult.getAuthenticationResult() ${respondToAuthChallengeResult.authenticationResult}")
}
}
```
+ Para obter detalhes da API, consulte a [AdminRespondToAuthChallenge](https://sdk.amazonaws.com/kotlin/api/latest/index.html)referência da API *AWS SDK for Kotlin*.
### `AssociateSoftwareToken`
O código de exemplo a seguir mostra como usar `AssociateSoftwareToken`.
**SDK para Kotlin**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/cognito#code-examples).
```
suspend fun getSecretForAppMFA(sessionVal: String?): String? {
val softwareTokenRequest =
AssociateSoftwareTokenRequest {
session = sessionVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val tokenResponse = identityProviderClient.associateSoftwareToken(softwareTokenRequest)
val secretCode = tokenResponse.secretCode
println("Enter this token into Google Authenticator")
println(secretCode)
return tokenResponse.session
}
}
```
+ Para obter detalhes da API, consulte a [AssociateSoftwareToken](https://sdk.amazonaws.com/kotlin/api/latest/index.html)referência da API *AWS SDK for Kotlin*.
### `ConfirmSignUp`
O código de exemplo a seguir mostra como usar `ConfirmSignUp`.
**SDK para Kotlin**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/cognito#code-examples).
```
suspend fun confirmSignUp(
clientIdVal: String?,
codeVal: String?,
userNameVal: String?,
) {
val signUpRequest =
ConfirmSignUpRequest {
clientId = clientIdVal
confirmationCode = codeVal
username = userNameVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
identityProviderClient.confirmSignUp(signUpRequest)
println("$userNameVal was confirmed")
}
}
```
+ Para obter detalhes da API, consulte a [ConfirmSignUp](https://sdk.amazonaws.com/kotlin/api/latest/index.html)referência da API *AWS SDK for Kotlin*.
### `ListUsers`
O código de exemplo a seguir mostra como usar `ListUsers`.
**SDK para Kotlin**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/cognito#code-examples).
```
suspend fun listAllUsers(userPoolId: String) {
val request =
ListUsersRequest {
this.userPoolId = userPoolId
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { cognitoClient ->
val response = cognitoClient.listUsers(request)
response.users?.forEach { user ->
println("The user name is ${user.username}")
}
}
}
```
+ Para obter detalhes da API, consulte a [ListUsers](https://sdk.amazonaws.com/kotlin/api/latest/index.html)referência da API *AWS SDK for Kotlin*.
### `ResendConfirmationCode`
O código de exemplo a seguir mostra como usar `ResendConfirmationCode`.
**SDK para Kotlin**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/cognito#code-examples).
```
suspend fun resendConfirmationCode(
clientIdVal: String?,
userNameVal: String?,
) {
val codeRequest =
ResendConfirmationCodeRequest {
clientId = clientIdVal
username = userNameVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val response = identityProviderClient.resendConfirmationCode(codeRequest)
println("Method of delivery is " + (response.codeDeliveryDetails?.deliveryMedium))
}
}
```
+ Para obter detalhes da API, consulte a [ResendConfirmationCode](https://sdk.amazonaws.com/kotlin/api/latest/index.html)referência da API *AWS SDK for Kotlin*.
### `SignUp`
O código de exemplo a seguir mostra como usar `SignUp`.
**SDK para Kotlin**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/cognito#code-examples).
```
suspend fun signUp(
clientIdVal: String?,
userNameVal: String?,
passwordVal: String?,
emailVal: String?,
) {
val userAttrs =
AttributeType {
name = "email"
value = emailVal
}
val userAttrsList = mutableListOf()
userAttrsList.add(userAttrs)
val signUpRequest =
SignUpRequest {
userAttributes = userAttrsList
username = userNameVal
clientId = clientIdVal
password = passwordVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
identityProviderClient.signUp(signUpRequest)
println("User has been signed up")
}
}
```
+ Para obter detalhes da API, consulte a [SignUp](https://sdk.amazonaws.com/kotlin/api/latest/index.html)referência da API *AWS SDK for Kotlin*.
### `VerifySoftwareToken`
O código de exemplo a seguir mostra como usar `VerifySoftwareToken`.
**SDK para Kotlin**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/cognito#code-examples).
```
// Verify the TOTP and register for MFA.
suspend fun verifyTOTP(
sessionVal: String?,
codeVal: String?,
) {
val tokenRequest =
VerifySoftwareTokenRequest {
userCode = codeVal
session = sessionVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val verifyResponse = identityProviderClient.verifySoftwareToken(tokenRequest)
println("The status of the token is ${verifyResponse.status}")
}
}
```
+ Para obter detalhes da API, consulte a [VerifySoftwareToken](https://sdk.amazonaws.com/kotlin/api/latest/index.html)referência da API *AWS SDK for Kotlin*.
## Cenários
### Inscrever um usuário em um grupo de usuários que exija MFA
O exemplo de código a seguir mostra como:
+ Inscrever e confirmar um usuário com nome de usuário, senha e endereço de e-mail.
+ Configurar a autenticação multifator associando uma aplicação de MFA ao usuário.
+ Faça login usando uma senha e um código de MFA.
**SDK para Kotlin**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/cognito#code-examples).
```
/**
Before running this Kotlin code example, set up your development environment, including your credentials.
For more information, see the following documentation:
https://docs.aws.amazon.com/sdk-for-kotlin/latest/developer-guide/setup.html
TIP: To set up the required user pool, run the AWS Cloud Development Kit (AWS CDK) script provided in this GitHub repo at resources/cdk/cognito_scenario_user_pool_with_mfa.
This code example performs the following operations:
1. Invokes the signUp method to sign up a user.
2. Invokes the adminGetUser method to get the user's confirmation status.
3. Invokes the ResendConfirmationCode method if the user requested another code.
4. Invokes the confirmSignUp method.
5. Invokes the initiateAuth to sign in. This results in being prompted to set up TOTP (time-based one-time password). (The response is “ChallengeName”: “MFA_SETUP”).
6. Invokes the AssociateSoftwareToken method to generate a TOTP MFA private key. This can be used with Google Authenticator.
7. Invokes the VerifySoftwareToken method to verify the TOTP and register for MFA.
8. Invokes the AdminInitiateAuth to sign in again. This results in being prompted to submit a TOTP (Response: “ChallengeName”: “SOFTWARE_TOKEN_MFA”).
9. Invokes the AdminRespondToAuthChallenge to get back a token.
*/
suspend fun main(args: Array) {
val usage = """
Usage:
Where:
clientId - The app client Id value that you can get from the AWS CDK script.
poolId - The pool Id that you can get from the AWS CDK script.
"""
if (args.size != 2) {
println(usage)
exitProcess(1)
}
val clientId = args[0]
val poolId = args[1]
// Use the console to get data from the user.
println("*** Enter your use name")
val inOb = Scanner(System.`in`)
val userName = inOb.nextLine()
println(userName)
println("*** Enter your password")
val password: String = inOb.nextLine()
println("*** Enter your email")
val email = inOb.nextLine()
println("*** Signing up $userName")
signUp(clientId, userName, password, email)
println("*** Getting $userName in the user pool")
getAdminUser(userName, poolId)
println("*** Conformation code sent to $userName. Would you like to send a new code? (Yes/No)")
val ans = inOb.nextLine()
if (ans.compareTo("Yes") == 0) {
println("*** Sending a new confirmation code")
resendConfirmationCode(clientId, userName)
}
println("*** Enter the confirmation code that was emailed")
val code = inOb.nextLine()
confirmSignUp(clientId, code, userName)
println("*** Rechecking the status of $userName in the user pool")
getAdminUser(userName, poolId)
val authResponse = checkAuthMethod(clientId, userName, password, poolId)
val mySession = authResponse.session
val newSession = getSecretForAppMFA(mySession)
println("*** Enter the 6-digit code displayed in Google Authenticator")
val myCode = inOb.nextLine()
// Verify the TOTP and register for MFA.
verifyTOTP(newSession, myCode)
println("*** Re-enter a 6-digit code displayed in Google Authenticator")
val mfaCode: String = inOb.nextLine()
val authResponse1 = checkAuthMethod(clientId, userName, password, poolId)
val session2 = authResponse1.session
adminRespondToAuthChallenge(userName, clientId, mfaCode, session2)
}
suspend fun checkAuthMethod(
clientIdVal: String,
userNameVal: String,
passwordVal: String,
userPoolIdVal: String,
): AdminInitiateAuthResponse {
val authParas = mutableMapOf()
authParas["USERNAME"] = userNameVal
authParas["PASSWORD"] = passwordVal
val authRequest =
AdminInitiateAuthRequest {
clientId = clientIdVal
userPoolId = userPoolIdVal
authParameters = authParas
authFlow = AuthFlowType.AdminUserPasswordAuth
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val response = identityProviderClient.adminInitiateAuth(authRequest)
println("Result Challenge is ${response.challengeName}")
return response
}
}
suspend fun resendConfirmationCode(
clientIdVal: String?,
userNameVal: String?,
) {
val codeRequest =
ResendConfirmationCodeRequest {
clientId = clientIdVal
username = userNameVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val response = identityProviderClient.resendConfirmationCode(codeRequest)
println("Method of delivery is " + (response.codeDeliveryDetails?.deliveryMedium))
}
}
// Respond to an authentication challenge.
suspend fun adminRespondToAuthChallenge(
userName: String,
clientIdVal: String?,
mfaCode: String,
sessionVal: String?,
) {
println("SOFTWARE_TOKEN_MFA challenge is generated")
val challengeResponsesOb = mutableMapOf()
challengeResponsesOb["USERNAME"] = userName
challengeResponsesOb["SOFTWARE_TOKEN_MFA_CODE"] = mfaCode
val adminRespondToAuthChallengeRequest =
AdminRespondToAuthChallengeRequest {
challengeName = ChallengeNameType.SoftwareTokenMfa
clientId = clientIdVal
challengeResponses = challengeResponsesOb
session = sessionVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val respondToAuthChallengeResult = identityProviderClient.adminRespondToAuthChallenge(adminRespondToAuthChallengeRequest)
println("respondToAuthChallengeResult.getAuthenticationResult() ${respondToAuthChallengeResult.authenticationResult}")
}
}
// Verify the TOTP and register for MFA.
suspend fun verifyTOTP(
sessionVal: String?,
codeVal: String?,
) {
val tokenRequest =
VerifySoftwareTokenRequest {
userCode = codeVal
session = sessionVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val verifyResponse = identityProviderClient.verifySoftwareToken(tokenRequest)
println("The status of the token is ${verifyResponse.status}")
}
}
suspend fun getSecretForAppMFA(sessionVal: String?): String? {
val softwareTokenRequest =
AssociateSoftwareTokenRequest {
session = sessionVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val tokenResponse = identityProviderClient.associateSoftwareToken(softwareTokenRequest)
val secretCode = tokenResponse.secretCode
println("Enter this token into Google Authenticator")
println(secretCode)
return tokenResponse.session
}
}
suspend fun confirmSignUp(
clientIdVal: String?,
codeVal: String?,
userNameVal: String?,
) {
val signUpRequest =
ConfirmSignUpRequest {
clientId = clientIdVal
confirmationCode = codeVal
username = userNameVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
identityProviderClient.confirmSignUp(signUpRequest)
println("$userNameVal was confirmed")
}
}
suspend fun getAdminUser(
userNameVal: String?,
poolIdVal: String?,
) {
val userRequest =
AdminGetUserRequest {
username = userNameVal
userPoolId = poolIdVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
val response = identityProviderClient.adminGetUser(userRequest)
println("User status ${response.userStatus}")
}
}
suspend fun signUp(
clientIdVal: String?,
userNameVal: String?,
passwordVal: String?,
emailVal: String?,
) {
val userAttrs =
AttributeType {
name = "email"
value = emailVal
}
val userAttrsList = mutableListOf()
userAttrsList.add(userAttrs)
val signUpRequest =
SignUpRequest {
userAttributes = userAttrsList
username = userNameVal
clientId = clientIdVal
password = passwordVal
}
CognitoIdentityProviderClient.fromEnvironment { region = "us-east-1" }.use { identityProviderClient ->
identityProviderClient.signUp(signUpRequest)
println("User has been signed up")
}
}
```
+ Consulte detalhes da API nos tópicos a seguir na *Referência de API do AWS SDK para Kotlin*.
+ [AdminGetUser](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [AdminInitiateAuth](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [AdminRespondToAuthChallenge](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [AssociateSoftwareToken](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [ConfirmDevice](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [ConfirmSignUp](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [InitiateAuth](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [ListUsers](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [ResendConfirmationCode](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [RespondToAuthChallenge](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [SignUp](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [VerifySoftwareToken](https://sdk.amazonaws.com/kotlin/api/latest/index.html)