This is almost a direct port of capless/warrant
All crypto functions are tested against equivalent values produced by warrant
The version of this package in the master branch makes the assumption that it will be used directly with aws-sdk-go-v2. Because of this it intentionally leaks types from the aws package as part of its public API. This has the advantage of reducing code (slightly), but carries the larger disadvantages of complicating dependencies.
It is recommended you use version 2 of this package located in the v2 branch, though for now both versions will be maintained.
Import v2 of this package with go get github.com/alexrudd/cognito-srp/v2and update your imports and code accordingly.
package main
import (
"fmt"
"time"
"github.com/alexrudd/cognito-srp"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/aws/endpoints"
"github.com/aws/aws-sdk-go-v2/aws/external"
cip "github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider"
)
func main() {
// configure cognito srp
csrp, _ := cognitosrp.NewCognitoSRP("user", "pa55w0rd", "eu-west-1_myPoolId", "client", nil)
// configure cognito identity provider
cfg, _ := external.LoadDefaultAWSConfig()
cfg.Region = endpoints.EuWest1RegionID
cfg.Credentials = aws.AnonymousCredentials
svc := cip.New(cfg)
// initiate auth
req := svc.InitiateAuthRequest(&cip.InitiateAuthInput{
AuthFlow: cip.AuthFlowTypeUserSrpAuth,
ClientId: aws.String(csrp.GetClientId()),
AuthParameters: csrp.GetAuthParams(),
})
resp, _ := req.Send()
// respond to password verifier challenge
if resp.ChallengeName == cip.ChallengeNameTypePasswordVerifier {
challengeInput, _ := csrp.PasswordVerifierChallenge(resp.ChallengeParameters, time.Now())
chal := svc.RespondToAuthChallengeRequest(challengeInput)
resp, _ := chal.Send()
// print the tokens
fmt.Println(resp.AuthenticationResult)
} else {
// other challenges await...
}
}
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent