如何使用AWS Cognito Ruby SDK注册新用户? [英] How to register a new user using AWS Cognito Ruby SDK?
问题描述
我想知道如何使用AWS Cognito Ruby SDK注册新用户.
I would like to know how to register a new user using AWS Cognito Ruby SDK.
到目前为止,我已经尝试过:
So far I tried:
输入
AWS_KEY = "MY_AWS_KEY"
AWS_SECRET = "MY_AWS_SECRET"
client = Aws::CognitoIdentityProvider::Client.new(
access_key_id: AWS_KEY,
secret_access_key: AWS_SECRET,
region: 'us-east-1',
)
resp = client.sign_up({
client_id: "4d2c7274mc1bk4e9fr******", # required
username: "test@test.com", # required
password: "Password23sing", # required
user_attributes: [
{
name: "app", # required
value: "my app name",
},
],
validation_data: [
{
name: "username", # required
value: "true",
},
]
})
输出
Aws::CognitoIdentityProvider::Errors::NotAuthorizedException (Unable to verify secret hash for client 4d2c7274mc1bk4e9fr*****)
参考
预先感谢
推荐答案
如果您的应用程序客户端配置了客户端密码,则大多数客户端请求都要求您在请求的选项参数中包含秘密哈希".认知文档这样描述了秘密哈希:
If your app client is configured with a client secret, most of the client requests require you to include a 'secret hash' in the options parameters of the request. The Cognito docs describe the secret hash thusly:
SecretHash值是Base 64编码的键哈希消息使用用户的密钥计算出的验证码(HMAC)池中的客户端和用户名以及消息中的客户端ID.以下伪代码显示了如何计算此值.
The SecretHash value is a Base 64-encoded keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message. The following pseudocode shows how this value is calculated.
Base64(HMAC_SHA256(客户端密钥",用户名" +客户端ID"))
Base64 ( HMAC_SHA256 ( "Client Secret Key", "Username" + "Client Id" ) )
文档还通过一组示例Java明确表明,您应该自己滚动.经过一些试验,我可以使用以下命令成功完成 sign_up
调用(我的测试池已设置为需要电子邮件和名称属性):
The docs also make it clear via a glob of sample Java that you are expected to roll your own. After a bit of experimenting I was able to successfully complete a sign_up
call with the following (my test pool was set up to require email and name attributes):
def secret_hash(client_secret, username, client_id)
Base64.strict_encode64(OpenSSL::HMAC.digest('sha256', CLIENT_SECRET, username + CLIENT_ID))
end
client = Aws::CognitoIdentityProvider::Client.new(
access_key_id: AWS_KEY,
secret_access_key: AWS_SECRET,
region: REGION)
username = 'bob.scum@example.com'
resp = client.sign_up({
client_id: CLIENT_ID,
username: username,
password: 'Password23sing!',
secret_hash: secret_hash(CLIENT_SECRET, username, CLIENT_ID),
user_attributes: [{ name: 'email', value: username },
{ name: 'name', value: 'Bob' }],
validation_data: [{ name: 'username', value: 'true' },
{ name: 'email', value: 'true' }]
})
CLIENT_SECRET
是应用客户端密码,可以在常规设置>下找到.应用客户端.
CLIENT_SECRET
is the app client secret that can be found under General Settings > App Clients.
结果:
#<struct Aws::CognitoIdentityProvider::Types::SignUpResponse
user_confirmed=false,
code_delivery_details=nil,
user_sub="c87c2ac8-1480-4d15-a28d-6998d9260e73">
这篇关于如何使用AWS Cognito Ruby SDK注册新用户?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!