The highest tagged major version is v4.

cognitosrp

package module

v3.0.0 Latest Latest Go to latest Published: Nov 29, 2020 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/alexrudd/cognito-srp

Links

Open Source Insights

README ¶

cognito-srp

This is almost a direct port of capless/warrant

All crypto functions are tested against equivalent values produced by warrant

v2 - Removed dependency on aws-sdk-go-v2
v3 - Package and usage have been updated to improve compatibility with latest aws-sdk-go-v2 API

Usage

package main

import (
	"context"
	"fmt"
	"time"

	cognitosrp "github.com/alexrudd/cognito-srp/v3"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/config"
	cip "github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider"
	"github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider/types"
)

func main() {
	// configure cognito srp
	csrp, _ := cognitosrp.NewCognitoSRP("user", "pa55w0rd", "eu-west-1_myPoolId", "client", nil)

	// configure cognito identity provider
	cfg, _ := config.LoadDefaultConfig(
		config.WithRegion("eu-west-1"),
		config.WithCredentialsProvider(aws.AnonymousCredentials{}),
	)
	svc := cip.NewFromConfig(cfg)

	// initiate auth
	resp, err := svc.InitiateAuth(context.Background(), &cip.InitiateAuthInput{
		AuthFlow:       types.AuthFlowTypeUserSrpAuth,
		ClientId:       aws.String(csrp.GetClientId()),
		AuthParameters: csrp.GetAuthParams(),
	})
	if err != nil {
		panic(err)
	}

	// respond to password verifier challenge
	if resp.ChallengeName == types.ChallengeNameTypePasswordVerifier {
		challengeResponses, _ := csrp.PasswordVerifierChallenge(resp.ChallengeParameters, time.Now())

		resp, err := svc.RespondToAuthChallenge(context.Background(), &cip.RespondToAuthChallengeInput{
			ChallengeName:      types.ChallengeNameTypePasswordVerifier,
			ChallengeResponses: challengeResponses,
			ClientId:           aws.String(csrp.GetClientId()),
		})
		if err != nil {
			panic(err)
		}

		// print the tokens
		fmt.Printf("Access Token: %s\n", *resp.AuthenticationResult.AccessToken)
		fmt.Printf("ID Token: %s\n", *resp.AuthenticationResult.IdToken)
		fmt.Printf("Refresh Token: %s\n", *resp.AuthenticationResult.RefreshToken)
	} else {
		// other challenges await...
	}
}

Documentation ¶

Index ¶

type CognitoSRP
- func NewCognitoSRP(username, password, poolId, clientId string, clientSecret *string) (*CognitoSRP, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CognitoSRP ¶

type CognitoSRP struct {
	// contains filtered or unexported fields
}

CognitoSRP handles SRP authentication with AWS Cognito

func NewCognitoSRP ¶

func NewCognitoSRP(username, password, poolId, clientId string, clientSecret *string) (*CognitoSRP, error)

NewCognitoSRP creates a CognitoSRP object

func (*CognitoSRP) GetAuthParams ¶

func (csrp *CognitoSRP) GetAuthParams() map[string]*string

GetAuthParams returns the AuthParms map of values required for make InitiateAuth requests

func (*CognitoSRP) GetClientId ¶

func (csrp *CognitoSRP) GetClientId() string

GetClientId returns the configured Cognito Cient ID

func (*CognitoSRP) GetSecretHash ¶

func (csrp *CognitoSRP) GetSecretHash(username string) (string, error)

GetSecretHash returns the secret hash string required to make certain Cognito Identity Provider API calls (if client is configured with a secret)

func (*CognitoSRP) GetUserPoolId ¶

func (csrp *CognitoSRP) GetUserPoolId() string

GetUserPoolId returns the configured Cognito User Pool ID

func (*CognitoSRP) GetUserPoolName ¶

func (csrp *CognitoSRP) GetUserPoolName() string

GetUserPoolName returns the configured Cognito User Pool Name

func (*CognitoSRP) GetUsername ¶

func (csrp *CognitoSRP) GetUsername() string

GetUsername returns the configured Cognito user username

func (*CognitoSRP) PasswordVerifierChallenge ¶

func (csrp *CognitoSRP) PasswordVerifierChallenge(challengeParms map[string]*string, ts time.Time) (map[string]*string, error)

PasswordVerifierChallenge returns the ChallengeResponses map to be used inside the cognitoidentityprovider.RespondToAuthChallengeInput object which fulfils the PASSWORD_VERIFIER Cognito challenge

Source Files ¶

View all Source files

cognitosrp.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL