AWS Cognito OAuth: Login request failure

安稳与你 submitted on 2020-06-01 06:00:18

Question


I want to skip AWS Cognito's Hosted UI for login/authorization. However, when I try to consume the login endpoint to fetch an authorization code, I'm slapped with a MethodNotAllowed response. As per AWS documentation, the login endpoint accepts "Get" requests only. Based on my research on this topic, I figured it was possible to use the "Post" method with login credentials for the login endpoint (thanks to AWS documentation).

Can someone please help me figure out the issue?

AWS Pool Settings: [image: AWS Pool Settings]

C# Code: I'm using RestSharp as the HTTP client.

        private static void CognitoOAuthSignIn(string username, string password)
        {
            var CLIENT_ID = "<client_id>";
            var RESPONSE_TYPE = "code";
            var REDIRECT_URI = "https://www.google.com";
            var SCOPE = "openid";
            var AUTH_DOMAIN = "https://<domain_name>.auth.us-east-1.amazoncognito.com";
            var USERNAME = username;
            var PASSWORD = password;

            RestClient client = null;

            // 1. Get XSRF Code
            var csrfRequestUrl = $"{AUTH_DOMAIN}/oauth2/authorize?response_type={RESPONSE_TYPE}&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}";
            var csrfRequest = new RestRequest(Method.GET);
            client = new RestClient(csrfRequestUrl);
            client.CookieContainer = new CookieContainer();
            IRestResponse csrfResp = client.Execute(csrfRequest);
            var cookie = client.CookieContainer.GetCookieHeader(new Uri(AUTH_DOMAIN));
            var code = cookie.Split(';')[0].Substring(11);

            // 2. Make login request
            var loginRequestUrl = $"{AUTH_DOMAIN}/login?client_id={CLIENT_ID}&response_type={RESPONSE_TYPE}&scope={SCOPE}&redirect_uri={REDIRECT_URI}";
            client = new RestClient(loginRequestUrl);
            client.DefaultParameters[0].Value = "*/*"; // Setting "Accept" header
            client.AddDefaultHeader("Content-Type", "application/x-www-form-urlencoded");
            client.AddDefaultHeader("Accept-Encoding", "gzip,deflate");
            client.AddDefaultHeader("Accept-Language", "en-US");
            client.AddDefaultHeader("Cache-Control", "no-cache");
            client.AddDefaultHeader("Cookie", $"csrf-state=; csrf-state-legacy=; XSRF-TOKEN={code}");

            var authCodeRequest = new RestRequest(Method.POST);
            authCodeRequest.AddParameter("_csrf", code, ParameterType.GetOrPost);
            authCodeRequest.AddParameter("username", USERNAME, ParameterType.GetOrPost);
            authCodeRequest.AddParameter("password", PASSWORD, ParameterType.GetOrPost);
            authCodeRequest.RequestFormat = DataFormat.None;
            IRestResponse authCodeResp = client.Execute(authCodeRequest);
            Console.WriteLine(authCodeResp.StatusCode); //returns MethodNotAllowed
        }

Source: https://stackoverflow.com/questions/61823265/aws-cognito-oauth-login-request-failure
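
An added example (not part of the original question and not AWS's code) that builds the same login request with System.Net.Http: the CSRF cookie is read by name instead of by position and `Substring(11)`, query values are percent-encoded, and automatic redirects are turned off so that the status and `Location` header observed are those of `/login` itself. The pool domain, cookie values and the `SEND_LOGIN` switch are constructed placeholders.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Http;
using System.Threading.Tasks;

static class CognitoLoginProbe
{
    // Look the CSRF cookie up by name; cookie order and prefix length can change.
    static string CookieValue(CookieContainer jar, Uri origin, string name) =>
        jar.GetCookies(origin)[name]?.Value
        ?? throw new InvalidOperationException($"cookie '{name}' not set for {origin}");

    // Percent-encode every query value (redirect_uri contains ':' and '/').
    static string Query(IDictionary<string, string> p)
    {
        var parts = new List<string>();
        foreach (var kv in p)
            parts.Add($"{Uri.EscapeDataString(kv.Key)}={Uri.EscapeDataString(kv.Value)}");
        return string.Join("&", parts);
    }

    static async Task Main()
    {
        var origin = new Uri("https://example-pool.auth.us-east-1.amazoncognito.com"); // placeholder
        var jar = new CookieContainer();
        // Constructed cookies standing in for what GET /oauth2/authorize would set.
        jar.Add(origin, new Cookie("csrf-state", "constructed-state"));
        jar.Add(origin, new Cookie("XSRF-TOKEN", "constructed-token-value"));

        var token = CookieValue(jar, origin, "XSRF-TOKEN");
        var query = Query(new Dictionary<string, string> {
            ["client_id"] = "<client_id>", ["response_type"] = "code",
            ["scope"] = "openid", ["redirect_uri"] = "https://www.google.com" });
        var request = new HttpRequestMessage(HttpMethod.Post, new Uri(origin, "/login?" + query)) {
            Content = new FormUrlEncodedContent(new Dictionary<string, string> {
                ["_csrf"] = token, ["username"] = "<username>", ["password"] = "<password>" })
        };
        Console.WriteLine($"{request.Method} {request.RequestUri}");
        Console.WriteLine(await request.Content.ReadAsStringAsync());

        // Auto-redirect off: the response inspected is the one /login returned,
        // not the response of whatever URL a followed redirect chain ends at.
        var handler = new HttpClientHandler { CookieContainer = jar, AllowAutoRedirect = false };
        if (Environment.GetEnvironmentVariable("SEND_LOGIN") != "1") return; // hypothetical switch; offline by default
        using var http = new HttpClient(handler);
        using var resp = await http.SendAsync(request);
        Console.WriteLine($"{(int)resp.StatusCode} {resp.StatusCode} Location={resp.Headers.Location}");
    }
}
```

The `Location` header of a successful login carries the authorization code, so keep that last line out of shared logs.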
