Le traduzioni sono generate tramite traduzione automatica. In caso di conflitto tra il contenuto di una traduzione e la versione originale in Inglese, quest'ultima prevarrà. # Esempi per il gestore dell’identità per Amazon Cognito con SDK per C\$1\$1 I seguenti esempi di codice mostrano come eseguire azioni e implementare scenari comuni utilizzando Amazon Cognito Identity Provider. AWS SDK per C\$1\$1 Le *azioni* sono estratti di codice da programmi più grandi e devono essere eseguite nel contesto. Sebbene le azioni mostrino come richiamare le singole funzioni del servizio, è possibile visualizzarle contestualizzate negli scenari correlati. *Scenari*: esempi di codice che mostrano come eseguire un’attività specifica chiamando più funzioni all’interno dello stesso servizio o combinate con altri Servizi AWS. Ogni esempio include un link al codice sorgente completo, in cui vengono fornite le istruzioni su come configurare ed eseguire il codice nel contesto. **Topics** + [Nozioni di base](#get_started) + [Azioni](#actions) + [Scenari](#scenarios) ## Nozioni di base ### Ciao Amazon Cognito L'esempio di codice seguente mostra come iniziare a utilizzare Amazon Cognito. **SDK per C\$1\$1** C'è di più su. GitHub Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito/hello_cognito#code-examples). Codice per il CMake file CMake Lists.txt. ``` # Set the minimum required version of CMake for this project. cmake_minimum_required(VERSION 3.13) # Set the AWS service components used by this project. set(SERVICE_COMPONENTS cognito-idp) # Set this project's name. project("hello_cognito") # Set the C++ standard to use to build this target. # At least C++ 11 is required for the AWS SDK for C++. set(CMAKE_CXX_STANDARD 11) # Use the MSVC variable to determine if this is a Windows build. set(WINDOWS_BUILD ${MSVC}) if (WINDOWS_BUILD) # Set the location where CMake can find the installed libraries for the AWS SDK. string(REPLACE ";" "/aws-cpp-sdk-all;" SYSTEM_MODULE_PATH "${CMAKE_SYSTEM_PREFIX_PATH}/aws-cpp-sdk-all") list(APPEND CMAKE_PREFIX_PATH ${SYSTEM_MODULE_PATH}) endif () # Find the AWS SDK for C++ package. find_package(AWSSDK REQUIRED COMPONENTS ${SERVICE_COMPONENTS}) if (WINDOWS_BUILD AND AWSSDK_INSTALL_AS_SHARED_LIBS) # Copy relevant AWS SDK for C++ libraries into the current binary directory for running and debugging. # set(BIN_SUB_DIR "/Debug") # If you are building from the command line, you may need to uncomment this # and set the proper subdirectory to the executables' location. AWSSDK_CPY_DYN_LIBS(SERVICE_COMPONENTS "" ${CMAKE_CURRENT_BINARY_DIR}${BIN_SUB_DIR}) endif () add_executable(${PROJECT_NAME} hello_cognito.cpp) target_link_libraries(${PROJECT_NAME} ${AWSSDK_LINK_LIBRARIES}) ``` Codice per il file origine hello\$1cognito.cpp. ``` #include #include #include #include /* * A "Hello Cognito" starter application which initializes an Amazon Cognito client and lists the Amazon Cognito * user pools. * * main function * * Usage: 'hello_cognito' * */ int main(int argc, char **argv) { Aws::SDKOptions options; // Optionally change the log level for debugging. // options.loggingOptions.logLevel = Utils::Logging::LogLevel::Debug; Aws::InitAPI(options); // Should only be called once. int result = 0; { Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient cognitoClient(clientConfig); Aws::String nextToken; // Used for pagination. std::vector userPools; do { Aws::CognitoIdentityProvider::Model::ListUserPoolsRequest listUserPoolsRequest; if (!nextToken.empty()) { listUserPoolsRequest.SetNextToken(nextToken); } Aws::CognitoIdentityProvider::Model::ListUserPoolsOutcome listUserPoolsOutcome = cognitoClient.ListUserPools(listUserPoolsRequest); if (listUserPoolsOutcome.IsSuccess()) { for (auto &userPool: listUserPoolsOutcome.GetResult().GetUserPools()) { userPools.push_back(userPool.GetName()); } nextToken = listUserPoolsOutcome.GetResult().GetNextToken(); } else { std::cerr << "ListUserPools error: " << listUserPoolsOutcome.GetError().GetMessage() << std::endl; result = 1; break; } } while (!nextToken.empty()); std::cout << userPools.size() << " user pools found." << std::endl; for (auto &userPool: userPools) { std::cout << " user pool: " << userPool << std::endl; } } Aws::ShutdownAPI(options); // Should only be called once. return result; } ``` + Per i dettagli sull'API, consulta la [ListUserPools](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ListUserPools)sezione *AWS SDK per C\$1\$1 API Reference*. ## Azioni ### `AdminGetUser` Il seguente esempio di codice mostra come utilizzare`AdminGetUser`. **SDK per C\$1\$1** C'è altro da fare GitHub. Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::AdminGetUserRequest request; request.SetUsername(userName); request.SetUserPoolId(userPoolID); Aws::CognitoIdentityProvider::Model::AdminGetUserOutcome outcome = client.AdminGetUser(request); if (outcome.IsSuccess()) { std::cout << "The status for " << userName << " is " << Aws::CognitoIdentityProvider::Model::UserStatusTypeMapper::GetNameForUserStatusType( outcome.GetResult().GetUserStatus()) << std::endl; std::cout << "Enabled is " << outcome.GetResult().GetEnabled() << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::AdminGetUser. " << outcome.GetError().GetMessage() << std::endl; } ``` + Per i dettagli sull'API, [AdminGetUser](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminGetUser)consulta *AWS SDK per C\$1\$1 API Reference*. ### `AdminInitiateAuth` Il seguente esempio di codice mostra come utilizzare`AdminInitiateAuth`. **SDK per C\$1\$1** C'è altro da fare GitHub. Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::AdminInitiateAuthRequest request; request.SetClientId(clientID); request.SetUserPoolId(userPoolID); request.AddAuthParameters("USERNAME", userName); request.AddAuthParameters("PASSWORD", password); request.SetAuthFlow( Aws::CognitoIdentityProvider::Model::AuthFlowType::ADMIN_USER_PASSWORD_AUTH); Aws::CognitoIdentityProvider::Model::AdminInitiateAuthOutcome outcome = client.AdminInitiateAuth(request); if (outcome.IsSuccess()) { std::cout << "Call to AdminInitiateAuth was successful." << std::endl; sessionResult = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::AdminInitiateAuth. " << outcome.GetError().GetMessage() << std::endl; } ``` + Per i dettagli sull'API, [AdminInitiateAuth](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminInitiateAuth)consulta *AWS SDK per C\$1\$1 API Reference*. ### `AdminRespondToAuthChallenge` Il seguente esempio di codice mostra come utilizzare`AdminRespondToAuthChallenge`. **SDK per C\$1\$1** C'è altro da fare GitHub. Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::AdminRespondToAuthChallengeRequest request; request.AddChallengeResponses("USERNAME", userName); request.AddChallengeResponses("SOFTWARE_TOKEN_MFA_CODE", mfaCode); request.SetChallengeName( Aws::CognitoIdentityProvider::Model::ChallengeNameType::SOFTWARE_TOKEN_MFA); request.SetClientId(clientID); request.SetUserPoolId(userPoolID); request.SetSession(session); Aws::CognitoIdentityProvider::Model::AdminRespondToAuthChallengeOutcome outcome = client.AdminRespondToAuthChallenge(request); if (outcome.IsSuccess()) { std::cout << "Here is the response to the challenge.\n" << outcome.GetResult().GetAuthenticationResult().Jsonize().View().WriteReadable() << std::endl; accessToken = outcome.GetResult().GetAuthenticationResult().GetAccessToken(); } else { std::cerr << "Error with CognitoIdentityProvider::AdminRespondToAuthChallenge. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Per i dettagli sull'API, [AdminRespondToAuthChallenge](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminRespondToAuthChallenge)consulta *AWS SDK per C\$1\$1 API Reference*. ### `AssociateSoftwareToken` Il seguente esempio di codice mostra come utilizzare`AssociateSoftwareToken`. **SDK per C\$1\$1** C'è altro da fare GitHub. Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::AssociateSoftwareTokenRequest request; request.SetSession(session); Aws::CognitoIdentityProvider::Model::AssociateSoftwareTokenOutcome outcome = client.AssociateSoftwareToken(request); if (outcome.IsSuccess()) { std::cout << "Enter this setup key into an authenticator app, for example Google Authenticator." << std::endl; std::cout << "Setup key: " << outcome.GetResult().GetSecretCode() << std::endl; #ifdef USING_QR printAsterisksLine(); std::cout << "\nOr scan the QR code in the file '" << QR_CODE_PATH << "." << std::endl; saveQRCode(std::string("otpauth://totp/") + userName + "?secret=" + outcome.GetResult().GetSecretCode()); #endif // USING_QR session = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::AssociateSoftwareToken. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Per i dettagli sull'API, [AssociateSoftwareToken](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AssociateSoftwareToken)consulta *AWS SDK per C\$1\$1 API Reference*. ### `ConfirmSignUp` Il seguente esempio di codice mostra come utilizzare`ConfirmSignUp`. **SDK per C\$1\$1** C'è altro da fare GitHub. Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::ConfirmSignUpRequest request; request.SetClientId(clientID); request.SetConfirmationCode(confirmationCode); request.SetUsername(userName); Aws::CognitoIdentityProvider::Model::ConfirmSignUpOutcome outcome = client.ConfirmSignUp(request); if (outcome.IsSuccess()) { std::cout << "ConfirmSignup was Successful." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::ConfirmSignUp. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Per i dettagli sull'API, [ConfirmSignUp](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ConfirmSignUp)consulta *AWS SDK per C\$1\$1 API Reference*. ### `DeleteUser` Il seguente esempio di codice mostra come utilizzare`DeleteUser`. **SDK per C\$1\$1** C'è altro da fare GitHub. Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::DeleteUserRequest request; request.SetAccessToken(accessToken); Aws::CognitoIdentityProvider::Model::DeleteUserOutcome outcome = client.DeleteUser(request); if (outcome.IsSuccess()) { std::cout << "The user " << userName << " was deleted." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::DeleteUser. " << outcome.GetError().GetMessage() << std::endl; } ``` + Per i dettagli sull'API, [DeleteUser](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/DeleteUser)consulta *AWS SDK per C\$1\$1 API Reference*. ### `ResendConfirmationCode` Il seguente esempio di codice mostra come utilizzare`ResendConfirmationCode`. **SDK per C\$1\$1** C'è altro da fare GitHub. Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::ResendConfirmationCodeRequest request; request.SetUsername(userName); request.SetClientId(clientID); Aws::CognitoIdentityProvider::Model::ResendConfirmationCodeOutcome outcome = client.ResendConfirmationCode(request); if (outcome.IsSuccess()) { std::cout << "CognitoIdentityProvider::ResendConfirmationCode was successful." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::ResendConfirmationCode. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Per i dettagli sull'API, [ResendConfirmationCode](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ResendConfirmationCode)consulta *AWS SDK per C\$1\$1 API Reference*. ### `SignUp` Il seguente esempio di codice mostra come utilizzare`SignUp`. **SDK per C\$1\$1** C'è altro da fare GitHub. Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::SignUpRequest request; request.AddUserAttributes( Aws::CognitoIdentityProvider::Model::AttributeType().WithName( "email").WithValue(email)); request.SetUsername(userName); request.SetPassword(password); request.SetClientId(clientID); Aws::CognitoIdentityProvider::Model::SignUpOutcome outcome = client.SignUp(request); if (outcome.IsSuccess()) { std::cout << "The signup request for " << userName << " was successful." << std::endl; } else if (outcome.GetError().GetErrorType() == Aws::CognitoIdentityProvider::CognitoIdentityProviderErrors::USERNAME_EXISTS) { std::cout << "The username already exists. Please enter a different username." << std::endl; userExists = true; } else { std::cerr << "Error with CognitoIdentityProvider::SignUpRequest. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Per i dettagli sull'API, [SignUp](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/SignUp)consulta *AWS SDK per C\$1\$1 API Reference*. ### `VerifySoftwareToken` Il seguente esempio di codice mostra come utilizzare`VerifySoftwareToken`. **SDK per C\$1\$1** C'è altro da fare GitHub. Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); Aws::CognitoIdentityProvider::Model::VerifySoftwareTokenRequest request; request.SetUserCode(userCode); request.SetSession(session); Aws::CognitoIdentityProvider::Model::VerifySoftwareTokenOutcome outcome = client.VerifySoftwareToken(request); if (outcome.IsSuccess()) { std::cout << "Verification of the code was successful." << std::endl; session = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::VerifySoftwareToken. " << outcome.GetError().GetMessage() << std::endl; return false; } ``` + Per i dettagli sull'API, [VerifySoftwareToken](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/VerifySoftwareToken)consulta *AWS SDK per C\$1\$1 API Reference*. ## Scenari ### Registrazione di un utente a un pool di utenti che richiede l’autenticazione MFA L’esempio di codice seguente mostra come: + Registra e conferma un utente con nome utente, password e indirizzo e-mail. + Configura l’autenticazione a più fattori associando un’applicazione MFA all’utente. + Accedi utilizzando una password e un codice MFA. **SDK per C\$1\$1** C'è altro su GitHub. Trova l'esempio completo e scopri di più sulla configurazione e l'esecuzione nel [Repository di esempi di codice AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/cognito#code-examples). ``` Aws::Client::ClientConfiguration clientConfig; // Optional: Set to the AWS Region (overrides config file). // clientConfig.region = "us-east-1"; //! Scenario that adds a user to an Amazon Cognito user pool. /*! \sa gettingStartedWithUserPools() \param clientID: Client ID associated with an Amazon Cognito user pool. \param userPoolID: An Amazon Cognito user pool ID. \param clientConfig: Aws client configuration. \return bool: Successful completion. */ bool AwsDoc::Cognito::gettingStartedWithUserPools(const Aws::String &clientID, const Aws::String &userPoolID, const Aws::Client::ClientConfiguration &clientConfig) { printAsterisksLine(); std::cout << "Welcome to the Amazon Cognito example scenario." << std::endl; printAsterisksLine(); std::cout << "This scenario will add a user to an Amazon Cognito user pool." << std::endl; const Aws::String userName = askQuestion("Enter a new username: "); const Aws::String password = askQuestion("Enter a new password: "); const Aws::String email = askQuestion("Enter a valid email for the user: "); std::cout << "Signing up " << userName << std::endl; Aws::CognitoIdentityProvider::CognitoIdentityProviderClient client(clientConfig); bool userExists = false; do { // 1. Add a user with a username, password, and email address. Aws::CognitoIdentityProvider::Model::SignUpRequest request; request.AddUserAttributes( Aws::CognitoIdentityProvider::Model::AttributeType().WithName( "email").WithValue(email)); request.SetUsername(userName); request.SetPassword(password); request.SetClientId(clientID); Aws::CognitoIdentityProvider::Model::SignUpOutcome outcome = client.SignUp(request); if (outcome.IsSuccess()) { std::cout << "The signup request for " << userName << " was successful." << std::endl; } else if (outcome.GetError().GetErrorType() == Aws::CognitoIdentityProvider::CognitoIdentityProviderErrors::USERNAME_EXISTS) { std::cout << "The username already exists. Please enter a different username." << std::endl; userExists = true; } else { std::cerr << "Error with CognitoIdentityProvider::SignUpRequest. " << outcome.GetError().GetMessage() << std::endl; return false; } } while (userExists); printAsterisksLine(); std::cout << "Retrieving status of " << userName << " in the user pool." << std::endl; // 2. Confirm that the user was added to the user pool. if (!checkAdminUserStatus(userName, userPoolID, client)) { return false; } std::cout << "A confirmation code was sent to " << email << "." << std::endl; bool resend = askYesNoQuestion("Would you like to send a new code? (y/n) "); if (resend) { // Request a resend of the confirmation code to the email address. (ResendConfirmationCode) Aws::CognitoIdentityProvider::Model::ResendConfirmationCodeRequest request; request.SetUsername(userName); request.SetClientId(clientID); Aws::CognitoIdentityProvider::Model::ResendConfirmationCodeOutcome outcome = client.ResendConfirmationCode(request); if (outcome.IsSuccess()) { std::cout << "CognitoIdentityProvider::ResendConfirmationCode was successful." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::ResendConfirmationCode. " << outcome.GetError().GetMessage() << std::endl; return false; } } printAsterisksLine(); { // 4. Send the confirmation code that's received in the email. (ConfirmSignUp) const Aws::String confirmationCode = askQuestion( "Enter the confirmation code that was emailed: "); Aws::CognitoIdentityProvider::Model::ConfirmSignUpRequest request; request.SetClientId(clientID); request.SetConfirmationCode(confirmationCode); request.SetUsername(userName); Aws::CognitoIdentityProvider::Model::ConfirmSignUpOutcome outcome = client.ConfirmSignUp(request); if (outcome.IsSuccess()) { std::cout << "ConfirmSignup was Successful." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::ConfirmSignUp. " << outcome.GetError().GetMessage() << std::endl; return false; } } std::cout << "Rechecking the status of " << userName << " in the user pool." << std::endl; if (!checkAdminUserStatus(userName, userPoolID, client)) { return false; } printAsterisksLine(); std::cout << "Initiating authorization using the username and password." << std::endl; Aws::String session; // 5. Initiate authorization with username and password. (AdminInitiateAuth) if (!adminInitiateAuthorization(clientID, userPoolID, userName, password, session, client)) { return false; } printAsterisksLine(); std::cout << "Starting setup of time-based one-time password (TOTP) multi-factor authentication (MFA)." << std::endl; { // 6. Request a setup key for one-time password (TOTP) // multi-factor authentication (MFA). (AssociateSoftwareToken) Aws::CognitoIdentityProvider::Model::AssociateSoftwareTokenRequest request; request.SetSession(session); Aws::CognitoIdentityProvider::Model::AssociateSoftwareTokenOutcome outcome = client.AssociateSoftwareToken(request); if (outcome.IsSuccess()) { std::cout << "Enter this setup key into an authenticator app, for example Google Authenticator." << std::endl; std::cout << "Setup key: " << outcome.GetResult().GetSecretCode() << std::endl; #ifdef USING_QR printAsterisksLine(); std::cout << "\nOr scan the QR code in the file '" << QR_CODE_PATH << "." << std::endl; saveQRCode(std::string("otpauth://totp/") + userName + "?secret=" + outcome.GetResult().GetSecretCode()); #endif // USING_QR session = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::AssociateSoftwareToken. " << outcome.GetError().GetMessage() << std::endl; return false; } } askQuestion("Type enter to continue...", alwaysTrueTest); printAsterisksLine(); { Aws::String userCode = askQuestion( "Enter the 6 digit code displayed in the authenticator app: "); // 7. Send the MFA code copied from an authenticator app. (VerifySoftwareToken) Aws::CognitoIdentityProvider::Model::VerifySoftwareTokenRequest request; request.SetUserCode(userCode); request.SetSession(session); Aws::CognitoIdentityProvider::Model::VerifySoftwareTokenOutcome outcome = client.VerifySoftwareToken(request); if (outcome.IsSuccess()) { std::cout << "Verification of the code was successful." << std::endl; session = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::VerifySoftwareToken. " << outcome.GetError().GetMessage() << std::endl; return false; } } printAsterisksLine(); std::cout << "You have completed the MFA authentication setup." << std::endl; std::cout << "Now, sign in." << std::endl; // 8. Initiate authorization again with username and password. (AdminInitiateAuth) if (!adminInitiateAuthorization(clientID, userPoolID, userName, password, session, client)) { return false; } Aws::String accessToken; { Aws::String mfaCode = askQuestion( "Re-enter the 6 digit code displayed in the authenticator app: "); // 9. Send a new MFA code copied from an authenticator app. (AdminRespondToAuthChallenge) Aws::CognitoIdentityProvider::Model::AdminRespondToAuthChallengeRequest request; request.AddChallengeResponses("USERNAME", userName); request.AddChallengeResponses("SOFTWARE_TOKEN_MFA_CODE", mfaCode); request.SetChallengeName( Aws::CognitoIdentityProvider::Model::ChallengeNameType::SOFTWARE_TOKEN_MFA); request.SetClientId(clientID); request.SetUserPoolId(userPoolID); request.SetSession(session); Aws::CognitoIdentityProvider::Model::AdminRespondToAuthChallengeOutcome outcome = client.AdminRespondToAuthChallenge(request); if (outcome.IsSuccess()) { std::cout << "Here is the response to the challenge.\n" << outcome.GetResult().GetAuthenticationResult().Jsonize().View().WriteReadable() << std::endl; accessToken = outcome.GetResult().GetAuthenticationResult().GetAccessToken(); } else { std::cerr << "Error with CognitoIdentityProvider::AdminRespondToAuthChallenge. " << outcome.GetError().GetMessage() << std::endl; return false; } std::cout << "You have successfully added a user to Amazon Cognito." << std::endl; } if (askYesNoQuestion("Would you like to delete the user that you just added? (y/n) ")) { // 10. Delete the user that you just added. (DeleteUser) Aws::CognitoIdentityProvider::Model::DeleteUserRequest request; request.SetAccessToken(accessToken); Aws::CognitoIdentityProvider::Model::DeleteUserOutcome outcome = client.DeleteUser(request); if (outcome.IsSuccess()) { std::cout << "The user " << userName << " was deleted." << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::DeleteUser. " << outcome.GetError().GetMessage() << std::endl; } } return true; } //! Routine which checks the user status in an Amazon Cognito user pool. /*! \sa checkAdminUserStatus() \param userName: A username. \param userPoolID: An Amazon Cognito user pool ID. \return bool: Successful completion. */ bool AwsDoc::Cognito::checkAdminUserStatus(const Aws::String &userName, const Aws::String &userPoolID, const Aws::CognitoIdentityProvider::CognitoIdentityProviderClient &client) { Aws::CognitoIdentityProvider::Model::AdminGetUserRequest request; request.SetUsername(userName); request.SetUserPoolId(userPoolID); Aws::CognitoIdentityProvider::Model::AdminGetUserOutcome outcome = client.AdminGetUser(request); if (outcome.IsSuccess()) { std::cout << "The status for " << userName << " is " << Aws::CognitoIdentityProvider::Model::UserStatusTypeMapper::GetNameForUserStatusType( outcome.GetResult().GetUserStatus()) << std::endl; std::cout << "Enabled is " << outcome.GetResult().GetEnabled() << std::endl; } else { std::cerr << "Error with CognitoIdentityProvider::AdminGetUser. " << outcome.GetError().GetMessage() << std::endl; } return outcome.IsSuccess(); } //! Routine which starts authorization of an Amazon Cognito user. //! This routine requires administrator credentials. /*! \sa adminInitiateAuthorization() \param clientID: Client ID of tracked device. \param userPoolID: An Amazon Cognito user pool ID. \param userName: A username. \param password: A password. \param sessionResult: String to receive a session token. \return bool: Successful completion. */ bool AwsDoc::Cognito::adminInitiateAuthorization(const Aws::String &clientID, const Aws::String &userPoolID, const Aws::String &userName, const Aws::String &password, Aws::String &sessionResult, const Aws::CognitoIdentityProvider::CognitoIdentityProviderClient &client) { Aws::CognitoIdentityProvider::Model::AdminInitiateAuthRequest request; request.SetClientId(clientID); request.SetUserPoolId(userPoolID); request.AddAuthParameters("USERNAME", userName); request.AddAuthParameters("PASSWORD", password); request.SetAuthFlow( Aws::CognitoIdentityProvider::Model::AuthFlowType::ADMIN_USER_PASSWORD_AUTH); Aws::CognitoIdentityProvider::Model::AdminInitiateAuthOutcome outcome = client.AdminInitiateAuth(request); if (outcome.IsSuccess()) { std::cout << "Call to AdminInitiateAuth was successful." << std::endl; sessionResult = outcome.GetResult().GetSession(); } else { std::cerr << "Error with CognitoIdentityProvider::AdminInitiateAuth. " << outcome.GetError().GetMessage() << std::endl; } return outcome.IsSuccess(); } ``` + Per informazioni dettagliate sull'API, consulta i seguenti argomenti nella *documentazione di riferimento dell’API AWS SDK per C\$1\$1 *. + [AdminGetUser](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminGetUser) + [AdminInitiateAuth](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminInitiateAuth) + [AdminRespondToAuthChallenge](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AdminRespondToAuthChallenge) + [AssociateSoftwareToken](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/AssociateSoftwareToken) + [ConfirmDevice](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ConfirmDevice) + [ConfirmSignUp](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ConfirmSignUp) + [InitiateAuth](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/InitiateAuth) + [ListUsers](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ListUsers) + [ResendConfirmationCode](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/ResendConfirmationCode) + [RespondToAuthChallenge](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/RespondToAuthChallenge) + [SignUp](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/SignUp) + [VerifySoftwareToken](https://docs.aws.amazon.com/goto/SdkForCpp/cognito-idp-2016-04-18/VerifySoftwareToken)