问题
I want to look up a user in my Cognito user pool by their sub, which as far as I can tell, is just their UUID. I would like to do this in Java within a Lambda function but cannot find how to do this in AWS's documenation. Any thoughts?
回答1:
As of today this is not possible with Cognito User Pools.
Users can only be looked up using their username or aliases. ListUsers API also allows users to be searched by providing search filters on some standard attributes but sub is not one of them.
回答2:
Now it works. http://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUsers.html
"sub" in list of supported attributes. Example for JavaScript:
var cog = new AWS.CognitoIdentityServiceProvider();
var filter = "sub = \"" + userSub + "\"";
var req = {
"Filter": filter,
"UserPoolId": "your pool id" // looks like us-east-9_KDFn1cvys
};
cog.listUsers(req, function(err, data) {
if (err) {
console.log(err);
}
else {
if (data.Users.length === 1){ //as far as we search by sub, should be only one user.
var user = data.Users[0];
var attributes = data.Users[0].Attributes;
} else {
console.log("Something wrong.");
}
}
});
回答3:
// class var
protected final AWSCognitoIdentityProviderClient identityUserPoolProviderClient;
// initialize the Cognito Provider client. This is used to talk to the user pool
identityUserPoolProviderClient = new AWSCognitoIdentityProviderClient(new BasicAWSCredentials(AWS_ACCESS_KEY, AWS_SECRET_KEY));
identityUserPoolProviderClient.setRegion(RegionUtils.getRegion(USER_POOL_REGION));
// ...some init code omitted
// build the request
AdminGetUserRequest idRequest = new AdminGetUserRequest();
idRequest.withUserPoolId(USER_POOL_ID);
idRequest.withUsername(username);
// call cognito for the result
AdminGetUserResult result = identityUserPoolProviderClient.adminGetUser(idRequest);
// loop through results
List<UserType> userTypeList = result.getUsers();
// loop through them
for (UserType userType : userTypeList) {
List<AttributeType> attributeList = userType.getAttributes();
for (AttributeType attribute : attributeList) {
String attName = attribute.getName();
String attValue = attribute.getValue();
System.out.println(attName + ": " + attValue);
}
}
回答4:
Old question, but you the username parameter is overloaded in Cognito's adminGetUser method. It is, unfortunately, not documented: adminGetUser SDK
Here's a snippet:
const params = {
UserPoolId: 'someUserPoolId'
Username: 'random-string-sub-uuid',
};
CognitoService.adminGetUser(params,(err, data) => {
console.log(data);
})
Returns:
{ Username: 'random-string-sub-uuid',
UserAttributes:
[ { Name: 'sub', Value: 'random-string-sub-uuid' },
{ Name: 'custom:attributeName', Value: 'someValue' },
{ Name: 'email_verified', Value: 'false' },
{ Name: 'name', Value: 'nameValue' },
{ Name: 'email', Value: 'user@stackoverflow.com' } ],
UserCreateDate: 2018-10-12T14:04:04.357Z,
UserLastModifiedDate: 2018-10-12T14:05:03.843Z,
Enabled: true,
UserStatus: 'CONFIRMED' }
来源:https://stackoverflow.com/questions/43488445/how-do-i-look-up-a-cognito-user-by-their-sub-uuid