AWS Cognito 用户身份验证缺少必需的参数 SRP_A [英] AWS Cognito user authentication Missing required parameter SRP_A

问题描述

我正在尝试使用 AWS Cognito 服务通过 ruby SDK 进行用户身份验证.

I am trying to use AWS Cognito services for user authentication through ruby SDK.

我可以注册，使用方法确认注册过程

I could able to sign_up, confirm sign_up process using the methods

  resp = client.sign_up({ client_id: "ClientIdType",
                          secret_hash: "SecretHashType",
                          username: "UsernameType",
                          password: "PasswordType",
                          user_attributes: [{ name:"AttributeNameType", 
                                    value: "AttributeValueType",
                                     }],
                          validation_data: [{
                          name: "AttributeNameType",
                          value: "AttributeValueType",
                                  }]
                          })

和confirm_sign_up 使用

and confirm_sign_up using

  resp = client.confirm_sign_up({client_id: "ClientIdType",
                                 secret_hash: "SecretHashType",
                                 username: "UsernameType",
                                 confirmation_code: "ConfirmationCodeType"
                                })

但是在尝试通过initiate_auth登录用户时出现错误缺少必需的参数SRP_A

But while trying to sign in the user through initiate_auth I am getting an error Missing required parameter SRP_A

cog_provider.initiate_auth({client_id: "xxxxxxxxx", auth_parameters: { username: "xxx", password: "xxx"}, auth_flow: "USER_SRP_AUTH"})

SRP_A 表示在哪里可以找到它.

What does SRP_A indicate where to find it.

我已经搜索过这个问题，建议使用 admin_initiate_auth 方法登录我认为不是最佳实践的用户.

I have searched for this problem and It is suggested to use the admin_initiate_auth method for signing in a user which I don't believe a best practice.

推荐答案

是的，SRP_A 是安全远程密码协议定义的大整数.您是尝试进行 SRP 还是仅使用用户名和密码进行身份验证.对于用户名/密码身份验证，您应该使用 AdminInitiateAuth 操作.

Yes, SRP_A is a large integer as defined by the Secure Remote Password Protocol. Are you trying to do SRP or just authenticate with username and password. For username/password authentication you should use the AdminInitiateAuth operation.

在我们的 SDK 中，您可以看到需要计算和传递的参数.以 Javascript SDK 为例:

In our SDKs, you can see the parameters that need to be computed and passed. Take for example the Javascript SDK:

https://github.com/aws/amazon-cognito-identity-js/blob/master/src/CognitoUser.js#L152

或者在 Android SDK 中:

Or in the Android SDK:

https://github.com/aws/aws-sdk-android/blob/master/aws-android-sdk-cognitoidentityprovider/src/main/java/com/amazonaws/mobileconnectors/cognitoidentityprovider/CognitoUser.java#L2123

这篇关于AWS Cognito 用户身份验证缺少必需的参数 SRP_A的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！