问题
I'm trying to integrate SAML with Amazon Cognito through an android application. I followed a series of YouTube videos by 101apps.co.za where I was successfully able to authenticate a manually created user on the Cognito console itself through both the hosted UI using the link format they provide in their documentation and through my simple android app.
In my scenario, I'm supposed to authenticate users using Office 365 email id's and passwords since this is a corporate environment. I did follow an article which I managed to successfully log in using Office 365. Link - AWS Cognito With Federation To Office 365 I was able to sign in easily using the generated UI by Cognito. Refer below image
The only problem is that I cannot get this to work on my Android application. Below is the error I get.
Login failed User does not exist. (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: UserNotFoundException; Request ID: 3cd1e93e-d118-11e8-af77-098f4bda99f1)
Below is code from my simple Android App that has 2 textboxes for username, password and a button to log in. This was implemented following the tutorial series on YouTube I mentioned earlier.
package com.midassafety.chulankumara.googleauthentication;
import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.TextView;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoDevice;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUserSession;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.AuthenticationContinuation;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.AuthenticationDetails;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.ChallengeContinuation;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.MultiFactorAuthenticationContinuation;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.handlers.AuthenticationHandler;
import org.w3c.dom.Text;
public class LoginActivity extends AppCompatActivity {
private static final String TAG = "Cognito";
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_login);
final EditText editTextUsername = findViewById(R.id.username);
final EditText editTextPassword = findViewById(R.id.password);
final AuthenticationHandler authenticationHandler = new AuthenticationHandler() {
@Override
public void onSuccess(CognitoUserSession cognitoUserSession, CognitoDevice cognitoDevice) {
Log.i(TAG, "Login successfull, can get tokens here");
cognitoUserSession.getIdToken();
}
@Override
public void getAuthenticationDetails(AuthenticationContinuation authenticationContinuation, String userId) {
Log.i(TAG, "Login getAuthenticationDetails()...");
/*need to get the userId & password to continue*/
AuthenticationDetails authenticationDetails = new AuthenticationDetails(userId, String.valueOf(editTextPassword.getText()), null);
// Pass the user sign-in credentials to the continuation
authenticationContinuation.setAuthenticationDetails(authenticationDetails);
// Allow this sign-in to continue
authenticationContinuation.continueTask();
}
@Override
public void getMFACode(MultiFactorAuthenticationContinuation multiFactorAuthenticationContinuation) {
Log.i(TAG, "Login getMFACode()...");
}
@Override
public void authenticationChallenge(ChallengeContinuation challengeContinuation) {
Log.i(TAG, "Login authenticationChallenge()...");
}
@Override
public void onFailure(Exception e) {
Log.i(TAG,"Login failed " + e.getLocalizedMessage());
}
};
Button buttonLogin = findViewById(R.id.login);
buttonLogin.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
CognitoSettings cognitoSettings = new CognitoSettings(LoginActivity.this);
CognitoUser thisUser = cognitoSettings.getUserPool().getUser(String.valueOf(editTextUsername.getText()));
Log.i(TAG,"Login button clicked....");
thisUser.getSessionInBackground(authenticationHandler);
}
});
}
}
This is the CognitoSettings.java class to handle the basic settings
package com.midassafety.chulankumara.googleauthentication;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.support.v7.app.AppCompatActivity;
import android.util.Log;
import android.view.Gravity;
import android.view.View;
import android.widget.Button;
import android.widget.TextView;
import android.widget.Toast;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUserPool;
import com.amazonaws.regions.Regions;
public class CognitoSettings {
private String userPoolId = "ap-southeast-1_######";
private String clientId = "#############";
private String clientSecret = "************************redacted********************";
private Regions cognitoRegion = Regions.AP_SOUTHEAST_1;
private Context context;
public CognitoSettings(Context context){
this.context = context;
}
public String getUserPoolId(){
return userPoolId;
}
public String getClientId(){
return clientId;
}
public String getClientSecret() {
return clientSecret;
}
public Regions getCognitoRegion() {
return cognitoRegion;
}
public CognitoUserPool getUserPool(){
return new CognitoUserPool(context, userPoolId, clientId, clientSecret, cognitoRegion);
}
}
I check the UserPool and see the AutoGenerated group for the SAML Identity Provider I created.
I've been sweeping the internet for an entire day but no luck.
What am I doing wrong or what should I do more to authenticate users using SAML with O365?
Please help!...
来源:https://stackoverflow.com/questions/52834593/android-cognito-with-saml-o365