我想知道如何使用AWS Cognito Ruby SDK注册新用户。
到目前为止,我已经尝试过:
输入
AWS_KEY = "MY_AWS_KEY"
AWS_SECRET = "MY_AWS_SECRET"
client = Aws::CognitoIdentityProvider::Client.new(
access_key_id: AWS_KEY,
secret_access_key: AWS_SECRET,
region: 'us-east-1',
)
resp = client.sign_up({
client_id: "4d2c7274mc1bk4e9fr******", # required
username: "test@test.com", # required
password: "Password23sing", # required
user_attributes: [
{
name: "app", # required
value: "my app name",
},
],
validation_data: [
{
name: "username", # required
value: "true",
},
]
})
输出
Aws::CognitoIdentityProvider::Errors::NotAuthorizedException (Unable to verify secret hash for client 4d2c7274mc1bk4e9fr*****)
参考
https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CognitoIdentityProvider/Client.html#sign_up-实例方法
如果您的应用程序客户端配置了客户端机密,则大多数客户端请求都要求您在请求的选项参数中包含"机密哈希"。Cognito文档如此描述秘密散列:
SecretHash值是Base64编码的密钥散列消息使用用户的密钥计算的验证码池客户端和用户名加上消息中的客户端ID。以下伪代码显示了如何计算此值。
Base64(HMAC_SHA256("客户端密钥"、"用户名"+"客户端Id"((
文档还通过一组示例Java清楚地表明,您应该推出自己的Java。经过一点实验,我成功地完成了以下sign_up调用(我的测试池设置为需要电子邮件和名称属性(:
def secret_hash(client_secret, username, client_id)
Base64.strict_encode64(OpenSSL::HMAC.digest('sha256', CLIENT_SECRET, username + CLIENT_ID))
end
client = Aws::CognitoIdentityProvider::Client.new(
access_key_id: AWS_KEY,
secret_access_key: AWS_SECRET,
region: REGION)
username = 'bob.scum@example.com'
resp = client.sign_up({
client_id: CLIENT_ID,
username: username,
password: 'Password23sing!',
secret_hash: secret_hash(CLIENT_SECRET, username, CLIENT_ID),
user_attributes: [{ name: 'email', value: username },
{ name: 'name', value: 'Bob' }],
validation_data: [{ name: 'username', value: 'true' },
{ name: 'email', value: 'true' }]
})
CLIENT_SECRET是可以在常规设置>下找到的应用程序客户端机密;应用程序客户端。
结果:
#<struct Aws::CognitoIdentityProvider::Types::SignUpResponse
user_confirmed=false,
code_delivery_details=nil,
user_sub="c87c2ac8-1480-4d15-a28d-6998d9260e73">