cognitosrp

package module
v2.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 29, 2020 License: Apache-2.0 Imports: 9 Imported by: 0

README

cognito-srp


This is almost a direct port of capless/warrant

All crypto functions are tested against equivalent values produced by warrant

v2

The version of this package in the master branch makes the assumption that it will be used directly with aws-sdk-go-v2. Because of this it intentionally leaks types from the aws package as part of its public API. This has the advantage of reducing code (slightly), but carries the larger disadvantages of complicating dependencies.

It is recommended you use version 2 of this package located in the v2 branch, though for now both versions will be maintained.

Import v2 of this package with go get github.com/alexrudd/cognito-srp/v2 and update your imports and code accordingly.

Usage

package main

import (
    "fmt"
    "time"

    "github.com/alexrudd/cognito-srp/v2"
    "github.com/aws/aws-sdk-go-v2/aws"
    "github.com/aws/aws-sdk-go-v2/aws/endpoints"
    "github.com/aws/aws-sdk-go-v2/aws/external"
    cip "github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider"
)

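// main walks through the Cognito USER_SRP_AUTH flow: it builds the SRP helper,
// sends InitiateAuth, answers the PASSWORD_VERIFIER challenge and prints the
// resulting authentication result.
//
// Every step that can fail is checked. A failed call would otherwise leave a
// nil helper or response behind and the next line would dereference it, and a
// rejected login would be indistinguishable from a successful one.
func main() {
    // configure cognito srp
    // The username and password are inline only to keep the example short;
    // real code should take them from the user or a secret store, never from
    // source. The final nil is clientSecret (no app client secret configured).
    csrp, err := cognitosrp.NewCognitoSRP("user", "pa55w0rd", "eu-west-1_myPoolId", "client", nil)
    if err != nil {
        fmt.Println("creating cognito srp helper:", err)
        return
    }

    // configure cognito identity provider
    cfg, err := external.LoadDefaultAWSConfig()
    if err != nil {
        fmt.Println("loading aws config:", err)
        return
    }
    cfg.Region = endpoints.EuWest1RegionID
    // The two calls below are sent with anonymous credentials, so no AWS
    // access keys are involved in this flow.
    cfg.Credentials = aws.AnonymousCredentials
    svc := cip.New(cfg)

    // initiate auth
    initReq := svc.InitiateAuthRequest(&cip.InitiateAuthInput{
        AuthFlow:       cip.AuthFlowTypeUserSrpAuth,
        ClientId:       aws.String(csrp.GetClientId()),
        AuthParameters: csrp.GetAuthParams(),
    })
    initResp, err := initReq.Send()
    if err != nil {
        fmt.Println("initiating auth:", err)
        return
    }

    if initResp.ChallengeName != cip.ChallengeNameTypePasswordVerifier {
        // other challenges await...
        return
    }

    // respond to password verifier challenge
    challengeResponses, err := csrp.PasswordVerifierChallenge(initResp.ChallengeParameters, time.Now())
    if err != nil {
        fmt.Println("computing password verifier response:", err)
        return
    }
    chalReq := svc.RespondToAuthChallengeRequest(&cip.RespondToAuthChallengeInput{
        ChallengeName:      cip.ChallengeNameTypePasswordVerifier,
        ChallengeResponses: challengeResponses,
        ClientId:           aws.String(csrp.GetClientId()),
    })
    authResp, err := chalReq.Send()
    if err != nil {
        fmt.Println("responding to auth challenge:", err)
        return
    }

    // print the tokens
    // The tokens are bearer credentials: printing them is for demonstration
    // only and they should not be written to logs in real code.
    // AuthenticationResult may be unset if a further challenge follows.
    fmt.Println(authResp.AuthenticationResult)
}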

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CognitoSRP

type CognitoSRP struct {
	// contains filtered or unexported fields
}

CognitoSRP handles SRP authentication with AWS Cognito

func NewCognitoSRP

func NewCognitoSRP(username, password, poolId, clientId string, clientSecret *string) (*CognitoSRP, error)

NewCognitoSRP creates a CognitoSRP object

func (*CognitoSRP) GetAuthParams

func (csrp *CognitoSRP) GetAuthParams() map[string]string

GetAuthParams returns the AuthParameters map of values required to make InitiateAuth requests

func (*CognitoSRP) GetClientId

func (csrp *CognitoSRP) GetClientId() string

GetClientId returns the configured Cognito Client ID

func (*CognitoSRP) GetSecretHash

func (csrp *CognitoSRP) GetSecretHash(username string) (string, error)

GetSecretHash returns the secret hash string required to make certain Cognito Identity Provider API calls (if client is configured with a secret)

func (*CognitoSRP) GetUserPoolId

func (csrp *CognitoSRP) GetUserPoolId() string

GetUserPoolId returns the configured Cognito User Pool ID

func (*CognitoSRP) GetUserPoolName

func (csrp *CognitoSRP) GetUserPoolName() string

GetUserPoolName returns the configured Cognito User Pool Name

func (*CognitoSRP) GetUsername

func (csrp *CognitoSRP) GetUsername() string

GetUsername returns the configured Cognito user username

func (*CognitoSRP) PasswordVerifierChallenge

func (csrp *CognitoSRP) PasswordVerifierChallenge(challengeParms map[string]string, ts time.Time) (map[string]string, error)

PasswordVerifierChallenge returns the ChallengeResponses map to be used inside the cognitoidentityprovider.RespondToAuthChallengeInput object which fulfils the PASSWORD_VERIFIER Cognito challenge
