Las traducciones son generadas a través de traducción automática. En caso de conflicto entre la traducción y la version original de inglés, prevalecerá la version en inglés. # Ejemplos de proveedor de identidad de Amazon Cognito usando SDK para C\$1\$1 Los siguientes ejemplos de código muestran cómo realizar acciones e implementar situaciones comunes mediante el AWS SDK para C\$1\$1 uso de Amazon Cognito Identity Provider. Las *acciones* son extractos de código de programas más grandes y deben ejecutarse en contexto. Mientras las acciones muestran cómo llamar a las distintas funciones de servicio, es posible ver las acciones en contexto en los escenarios relacionados. Los *escenarios* son ejemplos de código que muestran cómo llevar a cabo una tarea específica a través de llamadas a varias funciones dentro del servicio o combinado con otros Servicios de AWS. En cada ejemplo se incluye un enlace al código de origen completo, con instrucciones de configuración y ejecución del código en el contexto. **Topics** + [Introducción](#get_started) + [Acciones](#actions) + [Escenarios](#scenarios) ## Introducción ### Introducción a Amazon Cognito En el siguiente ejemplo de código se muestra cómo empezar a utilizar Amazon Cognito. **SDK para C\$1\$1** Hay más información al respecto. GitHub Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito/hello_cognito#code-examples). Código para el CMake archivo CMake Lists.txt. ``` # Set the minimum required version of CMake for this project. cmake_minimum_required(VERSION 3.13) # Set the AWS service components used by this project. set(SERVICE_COMPONENTS cognito-idp) # Set this project's name. project("hello_cognito") # Set the C++ standard to use to build this target. # At least C++ 11 is required for the AWS SDK for C++. set(CMAKE_CXX_STANDARD 11) # Use the MSVC variable to determine if this is a Windows build. set(WINDOWS_BUILD ${MSVC}) if (WINDOWS_BUILD) # Set the location where CMake can find the installed libraries for the AWS SDK. string(REPLACE ";" "/aws-cpp-sdk-all;" SYSTEM_MODULE_PATH "${CMAKE_SYSTEM_PREFIX_PATH}/aws-cpp-sdk-all") list(APPEND CMAKE_PREFIX_PATH ${SYSTEM_MODULE_PATH}) endif () # Find the AWS SDK for C++ package. find_package(AWSSDK REQUIRED COMPONENTS ${SERVICE_COMPONENTS}) if (WINDOWS_BUILD AND AWSSDK_INSTALL_AS_SHARED_LIBS) # Copy relevant AWS SDK for C++ libraries into the current binary directory for running and debugging. # set(BIN_SUB_DIR "/Debug") # If you are building from the command line, you may need to uncomment this # and set the proper subdirectory to the executables' location. AWSSDK_CPY_DYN_LIBS(SERVICE_COMPONENTS "" ${CMAKE_CURRENT_BINARY_DIR}${BIN_SUB_DIR}) endif () add_executable(${PROJECT_NAME} hello_cognito.cpp) target_link_libraries(${PROJECT_NAME} ${AWSSDK_LINK_LIBRARIES}) ``` Código del archivo de origen hello\$1cognito.cpp. ``` #include #include #include #include /* * A "Hello Cognito" starter application which initializes an Amazon Cognito client and lists the Amazon Cognito * user pools. * * main function * * Usage: 'hello_cognito' * */ int main(int argc, char **argv) { Aws::SDKOptions options; // Optionally change the log level for debugging. // options.loggingOptions.logLevel = Utils::Logging::LogLevel::Debug; Aws::InitAPI(options); // Should only be called once. int result = 0; { Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient cognitoClient(clientConfig); Aws::String nextToken; // Used for pagination. std::vector userPools; do { Aws::CognitoIdentityProvider::Model::ListUserPoolsRequest listUserPoolsRequest; if (!nextToken.empty()) { listUserPoolsRequest.SetNextToken(nextToken); } Aws::CognitoIdentityProvider::Model::ListUserPoolsOutcome listUserPoolsOutcome = cognitoClient.ListUserPools(listUserPoolsRequest); if (listUserPoolsOutcome.IsSuccess()) { for (auto &userPool: listUserPoolsOutcome.GetResult().GetUserPools()) { userPools.push_back(userPool.GetName()); } nextToken = listUserPoolsOutcome.GetResult().GetNextToken(); } else { std::cerr << "ListUserPools error: " << listUserPoolsOutcome.GetError().GetMessage() << std::endl; result = 1; break; } } while (!nextToken.empty()); std::cout << userPools.size() << " user pools found." << std::endl; for (auto &userPool: userPools) { std::cout << " user pool: " << userPool << std::endl; } } Aws::ShutdownAPI(options); // Should only be called once. return result; } ``` + Para obtener más información sobre la API, consulte [ListUserPools](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ListUserPools)la *Referencia AWS SDK para C\$1\$1 de la API*. ## Acciones ### `AdminGetUser` En el siguiente ejemplo de código, se muestra cómo utilizar `AdminGetUser`. **SDK para C\$1\$1** Hay más información al respecto GitHub. Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::AdminGetUserRequest request; request.SetUsername(userName); request.SetUserPoolId(userPoolID); Aws::CognitoIdentityProvider::Model::AdminGetUserOutcome outcome = client.AdminGetUser(request); if (outcome.IsSuccess()) { std::cout << "The status for " << userName << " is " << Aws::CognitoIdentityProvider::Model::UserStatusTypeMapper::GetNameForUserStatusType( outcome.GetResult().GetUserStatus()) << std::endl; std::cout << "Enabled is " << outcome.GetResult().GetEnabled() << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::AdminGetUser. " << outcome.GetError().GetMessage() << std::endl; } ``` + Para obtener más información sobre la API, consulta [AdminGetUser](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminGetUser)la *Referencia AWS SDK para C\$1\$1 de la API*. ### `AdminInitiateAuth` En el siguiente ejemplo de código, se muestra cómo utilizar `AdminInitiateAuth`. **SDK para C\$1\$1** Hay más información al respecto GitHub. Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::AdminInitiateAuthRequest request; request.SetClientId(clientID); request.SetUserPoolId(userPoolID); request.AddAuthParameters("USERNAME", userName); request.AddAuthParameters("PASSWORD", password); request.SetAuthFlow( Aws::CognitoIdentityProvider::Model::AuthFlowType::ADMIN_USER_PASSWORD_AUTH); Aws::CognitoIdentityProvider::Model::AdminInitiateAuthOutcome outcome = client.AdminInitiateAuth(request); if (outcome.IsSuccess()) { std::cout << "Call to AdminInitiateAuth was successful." << std::endl; sessionResult = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::AdminInitiateAuth. " << outcome.GetError().GetMessage() << std::endl; } ``` + Para obtener más información sobre la API, consulta [AdminInitiateAuth](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminInitiateAuth)la *Referencia AWS SDK para C\$1\$1 de la API*. ### `AdminRespondToAuthChallenge` En el siguiente ejemplo de código, se muestra cómo utilizar `AdminRespondToAuthChallenge`. **SDK para C\$1\$1** Hay más información al respecto GitHub. Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::AdminRespondToAuthChallengeRequest request; request.AddChallengeResponses("USERNAME", userName); request.AddChallengeResponses("SOFTWARE_TOKEN_MFA_CODE", mfaCode); request.SetChallengeName( Aws::CognitoIdentityProvider::Model::ChallengeNameType::SOFTWARE_TOKEN_MFA); request.SetClientId(clientID); request.SetUserPoolId(userPoolID); request.SetSession(session); Aws::CognitoIdentityProvider::Model::AdminRespondToAuthChallengeOutcome outcome = client.AdminRespondToAuthChallenge(request); if (outcome.IsSuccess()) { std::cout << "Here is the response to the challenge.\n" << outcome.GetResult().GetAuthenticationResult().Jsonize().View().WriteReadable() << std::endl; accessToken = outcome.GetResult().GetAuthenticationResult().GetAccessToken(); } else { std::cerr << "Error with CognitoIdentityProvider::AdminRespondToAuthChallenge. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Para obtener más información sobre la API, consulta [AdminRespondToAuthChallenge](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminRespondToAuthChallenge)la *Referencia AWS SDK para C\$1\$1 de la API*. ### `AssociateSoftwareToken` En el siguiente ejemplo de código, se muestra cómo utilizar `AssociateSoftwareToken`. **SDK para C\$1\$1** Hay más información al respecto GitHub. Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::AssociateSoftwareTokenRequest request; request.SetSession(session); Aws::CognitoIdentityProvider::Model::AssociateSoftwareTokenOutcome outcome = client.AssociateSoftwareToken(request); if (outcome.IsSuccess()) { std::cout << "Enter this setup key into an authenticator app, for example Google Authenticator." << std::endl; std::cout << "Setup key: " << outcome.GetResult().GetSecretCode() << std::endl; #ifdef USING_QR printAsterisksLine(); std::cout << "\nOr scan the QR code in the file '" << QR_CODE_PATH << "." << std::endl; saveQRCode(std::string("otpauth://totp/") + userName + "?secret=" + outcome.GetResult().GetSecretCode()); #endif // USING_QR session = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::AssociateSoftwareToken. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Para obtener más información sobre la API, consulta [AssociateSoftwareToken](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AssociateSoftwareToken)la *Referencia AWS SDK para C\$1\$1 de la API*. ### `ConfirmSignUp` En el siguiente ejemplo de código, se muestra cómo utilizar `ConfirmSignUp`. **SDK para C\$1\$1** Hay más información al respecto GitHub. Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::ConfirmSignUpRequest request; request.SetClientId(clientID); request.SetConfirmationCode(confirmationCode); request.SetUsername(userName); Aws::CognitoIdentityProvider::Model::ConfirmSignUpOutcome outcome = client.ConfirmSignUp(request); if (outcome.IsSuccess()) { std::cout << "ConfirmSignup was Successful." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::ConfirmSignUp. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Para obtener más información sobre la API, consulta [ConfirmSignUp](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ConfirmSignUp)la *Referencia AWS SDK para C\$1\$1 de la API*. ### `DeleteUser` En el siguiente ejemplo de código, se muestra cómo utilizar `DeleteUser`. **SDK para C\$1\$1** Hay más información al respecto GitHub. Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::DeleteUserRequest request; request.SetAccessToken(accessToken); Aws::CognitoIdentityProvider::Model::DeleteUserOutcome outcome = client.DeleteUser(request); if (outcome.IsSuccess()) { std::cout << "The user " << userName << " was deleted." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::DeleteUser. " << outcome.GetError().GetMessage() << std::endl; } ``` + Para obtener más información sobre la API, consulta [DeleteUser](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/DeleteUser)la *Referencia AWS SDK para C\$1\$1 de la API*. ### `ResendConfirmationCode` En el siguiente ejemplo de código, se muestra cómo utilizar `ResendConfirmationCode`. **SDK para C\$1\$1** Hay más información al respecto GitHub. Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::ResendConfirmationCodeRequest request; request.SetUsername(userName); request.SetClientId(clientID); Aws::CognitoIdentityProvider::Model::ResendConfirmationCodeOutcome outcome = client.ResendConfirmationCode(request); if (outcome.IsSuccess()) { std::cout << "CognitoIdentityProvider::ResendConfirmationCode was successful." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::ResendConfirmationCode. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Para obtener más información sobre la API, consulta [ResendConfirmationCode](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ResendConfirmationCode)la *Referencia AWS SDK para C\$1\$1 de la API*. ### `SignUp` En el siguiente ejemplo de código, se muestra cómo utilizar `SignUp`. **SDK para C\$1\$1** Hay más información al respecto GitHub. Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::SignUpRequest request; request.AddUserAttributes( Aws::CognitoIdentityProvider::Model::AttributeType().WithName( "email").WithValue(email)); request.SetUsername(userName); request.SetPassword(password); request.SetClientId(clientID); Aws::CognitoIdentityProvider::Model::SignUpOutcome outcome = client.SignUp(request); if (outcome.IsSuccess()) { std::cout << "The signup request for " << userName << " was successful." << std::endl; } else if (outcome.GetError().GetErrorType() == Aws::CognitoIdentityProvider::CognitoIdentityProviderErrors::USERNAME_EXISTS) { std::cout << "The username already exists. Please enter a different username." << std::endl; userExists = true; } else { std::cerr << "Error with CognitoIdentityProvider::SignUpRequest. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Para obtener más información sobre la API, consulta [SignUp](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/SignUp)la *Referencia AWS SDK para C\$1\$1 de la API*. ### `VerifySoftwareToken` En el siguiente ejemplo de código, se muestra cómo utilizar `VerifySoftwareToken`. **SDK para C\$1\$1** Hay más información al respecto GitHub. Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::VerifySoftwareTokenRequest request; request.SetUserCode(userCode); request.SetSession(session); Aws::CognitoIdentityProvider::Model::VerifySoftwareTokenOutcome outcome = client.VerifySoftwareToken(request); if (outcome.IsSuccess()) { std::cout << "Verification of the code was successful." << std::endl; session = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::VerifySoftwareToken. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Para obtener más información sobre la API, consulta [VerifySoftwareToken](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/VerifySoftwareToken)la *Referencia AWS SDK para C\$1\$1 de la API*. ## Escenarios ### Registro de un usuario en un grupo de usuarios que requiera MFA En el siguiente ejemplo de código, se muestra cómo: + Registre y confirme a un usuario con un nombre de usuario, una contraseña y una dirección de correo electrónico. + Configure la autenticación multifactor asociando una aplicación MFA al usuario. + Inicie sesión con una contraseña y un código MFA. **SDK para C\$1\$1** Hay más información al respecto GitHub. Busque el ejemplo completo y aprenda a configurar y ejecutar en el [Repositorio de ejemplos de código de AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; //! Scenario that adds a user to an Amazon Cognito user pool. /*! \sa gettingStartedWithUserPools() \param clientID: Client ID associated with an Amazon Cognito user pool. \param userPoolID: An Amazon Cognito user pool ID. \param clientConfig: Aws client configuration. \return bool: Successful completion. */ bool AwsDoc::Cognito::gettingStartedWithUserPools(const Aws::String &clientID, const Aws::String &userPoolID, const Aws::Client::ClientConfiguration &clientConfig) { printAsterisksLine(); std::cout << "Welcome to the Amazon Cognito example scenario." << std::endl; printAsterisksLine(); std::cout << "This scenario will add a user to an Amazon Cognito user pool." << std::endl; const Aws::String userName = askQuestion("Enter a new username: "); const Aws::String password = askQuestion("Enter a new password: "); const Aws::String email = askQuestion("Enter a valid email for the user: "); std::cout << "Signing up " << userName << std::endl; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); bool userExists = false; do { // 1. Add a user with a username, password, and email address. Aws::CognitoIdentityProvider::Model::SignUpRequest request; request.AddUserAttributes( Aws::CognitoIdentityProvider::Model::AttributeType().WithName( "email").WithValue(email)); request.SetUsername(userName); request.SetPassword(password); request.SetClientId(clientID); Aws::CognitoIdentityProvider::Model::SignUpOutcome outcome = client.SignUp(request); if (outcome.IsSuccess()) { std::cout << "The signup request for " << userName << " was successful." << std::endl; } else if (outcome.GetError().GetErrorType() == Aws::CognitoIdentityProvider::CognitoIdentityProviderErrors::USERNAME_EXISTS) { std::cout << "The username already exists. Please enter a different username." << std::endl; userExists = true; } else { std::cerr << "Error with CognitoIdentityProvider::SignUpRequest. " << outcome.GetError().GetMessage() << std::endl; return false; } } while (userExists); printAsterisksLine(); std::cout << "Retrieving status of " << userName << " in the user pool." << std::endl; // 2. Confirm that the user was added to the user pool. if (!checkAdminUserStatus(userName, userPoolID, client)) { return false; } std::cout << "A confirmation code was sent to " << email << "." << std::endl; bool resend = askYesNoQuestion("Would you like to send a new code? (y/n) "); if (resend) { // Request a resend of the confirmation code to the email address. (ResendConfirmationCode) Aws::CognitoIdentityProvider::Model::ResendConfirmationCodeRequest request; request.SetUsername(userName); request.SetClientId(clientID); Aws::CognitoIdentityProvider::Model::ResendConfirmationCodeOutcome outcome = client.ResendConfirmationCode(request); if (outcome.IsSuccess()) { std::cout << "CognitoIdentityProvider::ResendConfirmationCode was successful." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::ResendConfirmationCode. " << outcome.GetError().GetMessage() << std::endl; return false; } } printAsterisksLine(); { // 4. Send the confirmation code that's received in the email. (ConfirmSignUp) const Aws::String confirmationCode = askQuestion( "Enter the confirmation code that was emailed: "); Aws::CognitoIdentityProvider::Model::ConfirmSignUpRequest request; request.SetClientId(clientID); request.SetConfirmationCode(confirmationCode); request.SetUsername(userName); Aws::CognitoIdentityProvider::Model::ConfirmSignUpOutcome outcome = client.ConfirmSignUp(request); if (outcome.IsSuccess()) { std::cout << "ConfirmSignup was Successful." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::ConfirmSignUp. " << outcome.GetError().GetMessage() << std::endl; return false; } } std::cout << "Rechecking the status of " << userName << " in the user pool." << std::endl; if (!checkAdminUserStatus(userName, userPoolID, client)) { return false; } printAsterisksLine(); std::cout << "Initiating authorization using the username and password." << std::endl; Aws::String session; // 5. Initiate authorization with username and password. (AdminInitiateAuth) if (!adminInitiateAuthorization(clientID, userPoolID, userName, password, session, client)) { return false; } printAsterisksLine(); std::cout << "Starting setup of time-based one-time password (TOTP) multi-factor authentication (MFA)." << std::endl; { // 6. Request a setup key for one-time password (TOTP) // multi-factor authentication (MFA). (AssociateSoftwareToken) Aws::CognitoIdentityProvider::Model::AssociateSoftwareTokenRequest request; request.SetSession(session); Aws::CognitoIdentityProvider::Model::AssociateSoftwareTokenOutcome outcome = client.AssociateSoftwareToken(request); if (outcome.IsSuccess()) { std::cout << "Enter this setup key into an authenticator app, for example Google Authenticator." << std::endl; std::cout << "Setup key: " << outcome.GetResult().GetSecretCode() << std::endl; #ifdef USING_QR printAsterisksLine(); std::cout << "\nOr scan the QR code in the file '" << QR_CODE_PATH << "." << std::endl; saveQRCode(std::string("otpauth://totp/") + userName + "?secret=" + outcome.GetResult().GetSecretCode()); #endif // USING_QR session = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::AssociateSoftwareToken. " << outcome.GetError().GetMessage() << std::endl; return false; } } askQuestion("Type enter to continue...", alwaysTrueTest); printAsterisksLine(); { Aws::String userCode = askQuestion( "Enter the 6 digit code displayed in the authenticator app: "); // 7. Send the MFA code copied from an authenticator app. (VerifySoftwareToken) Aws::CognitoIdentityProvider::Model::VerifySoftwareTokenRequest request; request.SetUserCode(userCode); request.SetSession(session); Aws::CognitoIdentityProvider::Model::VerifySoftwareTokenOutcome outcome = client.VerifySoftwareToken(request); if (outcome.IsSuccess()) { std::cout << "Verification of the code was successful." << std::endl; session = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::VerifySoftwareToken. " << outcome.GetError().GetMessage() << std::endl; return false; } } printAsterisksLine(); std::cout << "You have completed the MFA authentication setup." << std::endl; std::cout << "Now, sign in." << std::endl; // 8. Initiate authorization again with username and password. (AdminInitiateAuth) if (!adminInitiateAuthorization(clientID, userPoolID, userName, password, session, client)) { return false; } Aws::String accessToken; { Aws::String mfaCode = askQuestion( "Re-enter the 6 digit code displayed in the authenticator app: "); // 9. Send a new MFA code copied from an authenticator app. (AdminRespondToAuthChallenge) Aws::CognitoIdentityProvider::Model::AdminRespondToAuthChallengeRequest request; request.AddChallengeResponses("USERNAME", userName); request.AddChallengeResponses("SOFTWARE_TOKEN_MFA_CODE", mfaCode); request.SetChallengeName( Aws::CognitoIdentityProvider::Model::ChallengeNameType::SOFTWARE_TOKEN_MFA); request.SetClientId(clientID); request.SetUserPoolId(userPoolID); request.SetSession(session); Aws::CognitoIdentityProvider::Model::AdminRespondToAuthChallengeOutcome outcome = client.AdminRespondToAuthChallenge(request); if (outcome.IsSuccess()) { std::cout << "Here is the response to the challenge.\n" << outcome.GetResult().GetAuthenticationResult().Jsonize().View().WriteReadable() << std::endl; accessToken = outcome.GetResult().GetAuthenticationResult().GetAccessToken(); } else { std::cerr << "Error with CognitoIdentityProvider::AdminRespondToAuthChallenge. " << outcome.GetError().GetMessage() << std::endl; return false; } std::cout << "You have successfully added a user to Amazon Cognito." << std::endl; } if (askYesNoQuestion("Would you like to delete the user that you just added? (y/n) ")) { // 10. Delete the user that you just added. (DeleteUser) Aws::CognitoIdentityProvider::Model::DeleteUserRequest request; request.SetAccessToken(accessToken); Aws::CognitoIdentityProvider::Model::DeleteUserOutcome outcome = client.DeleteUser(request); if (outcome.IsSuccess()) { std::cout << "The user " << userName << " was deleted." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::DeleteUser. " << outcome.GetError().GetMessage() << std::endl; } } return true; } //! Routine which checks the user status in an Amazon Cognito user pool. /*! \sa checkAdminUserStatus() \param userName: A username. \param userPoolID: An Amazon Cognito user pool ID. \return bool: Successful completion. */ bool AwsDoc::Cognito::checkAdminUserStatus(const Aws::String &userName, const Aws::String &userPoolID, const Aws::CognitoIdentityProvider::CognitoIdentityProviderClient &client) { Aws::CognitoIdentityProvider::Model::AdminGetUserRequest request; request.SetUsername(userName); request.SetUserPoolId(userPoolID); Aws::CognitoIdentityProvider::Model::AdminGetUserOutcome outcome = client.AdminGetUser(request); if (outcome.IsSuccess()) { std::cout << "The status for " << userName << " is " << Aws::CognitoIdentityProvider::Model::UserStatusTypeMapper::GetNameForUserStatusType( outcome.GetResult().GetUserStatus()) << std::endl; std::cout << "Enabled is " << outcome.GetResult().GetEnabled() << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::AdminGetUser. " << outcome.GetError().GetMessage() << std::endl; } return outcome.IsSuccess(); } //! Routine which starts authorization of an Amazon Cognito user. //! This routine requires administrator credentials. /*! \sa adminInitiateAuthorization() \param clientID: Client ID of tracked device. \param userPoolID: An Amazon Cognito user pool ID. \param userName: A username. \param password: A password. \param sessionResult: String to receive a session token. \return bool: Successful completion. */ bool AwsDoc::Cognito::adminInitiateAuthorization(const Aws::String &clientID, const Aws::String &userPoolID, const Aws::String &userName, const Aws::String &password, Aws::String &sessionResult, const Aws::CognitoIdentityProvider::CognitoIdentityProviderClient &client) { Aws::CognitoIdentityProvider::Model::AdminInitiateAuthRequest request; request.SetClientId(clientID); request.SetUserPoolId(userPoolID); request.AddAuthParameters("USERNAME", userName); request.AddAuthParameters("PASSWORD", password); request.SetAuthFlow( Aws::CognitoIdentityProvider::Model::AuthFlowType::ADMIN_USER_PASSWORD_AUTH); Aws::CognitoIdentityProvider::Model::AdminInitiateAuthOutcome outcome = client.AdminInitiateAuth(request); if (outcome.IsSuccess()) { std::cout << "Call to AdminInitiateAuth was successful." << std::endl; sessionResult = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::AdminInitiateAuth. " << outcome.GetError().GetMessage() << std::endl; } return outcome.IsSuccess(); } ``` + Para obtener detalles sobre la API, consulte los siguientes temas en la *Referencia de la API de AWS SDK para C\$1\$1 *. + [AdminGetUser](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminGetUser) + [AdminInitiateAuth](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminInitiateAuth) + [AdminRespondToAuthChallenge](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminRespondToAuthChallenge) + [AssociateSoftwareToken](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AssociateSoftwareToken) + [ConfirmDevice](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ConfirmDevice) + [ConfirmSignUp](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ConfirmSignUp) + [InitiateAuth](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/InitiateAuth) + [ListUsers](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ListUsers) + [ResendConfirmationCode](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ResendConfirmationCode) + [RespondToAuthChallenge](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/RespondToAuthChallenge) + [SignUp](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/SignUp) + [VerifySoftwareToken](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/VerifySoftwareToken)