Android Cognito With SAML (O365)

落花浮王杯 提交于 2020-01-24 09:06:32

问题


I'm trying to integrate SAML with Amazon Cognito through an android application. I followed a series of YouTube videos by 101apps.co.za where I was successfully able to authenticate a manually created user on the Cognito console itself through both the hosted UI using the link format they provide in their documentation and through my simple android app.

In my scenario, I'm supposed to authenticate users using Office 365 email id's and passwords since this is a corporate environment. I did follow an article which I managed to successfully log in using Office 365. Link - AWS Cognito With Federation To Office 365 I was able to sign in easily using the generated UI by Cognito. Refer below image

The only problem is that I cannot get this to work on my Android application. Below is the error I get.

Login failed User does not exist. (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: UserNotFoundException; Request ID: 3cd1e93e-d118-11e8-af77-098f4bda99f1)

Below is code from my simple Android App that has 2 textboxes for username, password and a button to log in. This was implemented following the tutorial series on YouTube I mentioned earlier.

package com.midassafety.chulankumara.googleauthentication;

import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.TextView;

import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoDevice;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUserSession;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.AuthenticationContinuation;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.AuthenticationDetails;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.ChallengeContinuation;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.MultiFactorAuthenticationContinuation;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.handlers.AuthenticationHandler;

import org.w3c.dom.Text;

public class LoginActivity extends AppCompatActivity {

    private static final String TAG = "Cognito";

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_login);

        final EditText editTextUsername = findViewById(R.id.username);
        final EditText editTextPassword = findViewById(R.id.password);

        final AuthenticationHandler authenticationHandler = new AuthenticationHandler() {
            @Override
            public void onSuccess(CognitoUserSession cognitoUserSession, CognitoDevice cognitoDevice) {
                Log.i(TAG, "Login successfull, can get tokens here");
                cognitoUserSession.getIdToken();
            }

            @Override
            public void getAuthenticationDetails(AuthenticationContinuation authenticationContinuation, String userId) {
                Log.i(TAG, "Login getAuthenticationDetails()...");

                /*need to get the userId & password to continue*/
                AuthenticationDetails authenticationDetails = new AuthenticationDetails(userId, String.valueOf(editTextPassword.getText()), null);

                // Pass the user sign-in credentials to the continuation
                authenticationContinuation.setAuthenticationDetails(authenticationDetails);

                // Allow this sign-in to continue
                authenticationContinuation.continueTask();
            }

            @Override
            public void getMFACode(MultiFactorAuthenticationContinuation multiFactorAuthenticationContinuation) {
                Log.i(TAG, "Login getMFACode()...");
            }

            @Override
            public void authenticationChallenge(ChallengeContinuation challengeContinuation) {
                Log.i(TAG, "Login authenticationChallenge()...");
            }

            @Override
            public void onFailure(Exception e) {
                Log.i(TAG,"Login failed " + e.getLocalizedMessage());
            }
        };

        Button buttonLogin = findViewById(R.id.login);
        buttonLogin.setOnClickListener(new View.OnClickListener() {
            @Override
            public void onClick(View v) {
                CognitoSettings cognitoSettings = new CognitoSettings(LoginActivity.this);

                CognitoUser thisUser = cognitoSettings.getUserPool().getUser(String.valueOf(editTextUsername.getText()));

                Log.i(TAG,"Login button clicked....");

                thisUser.getSessionInBackground(authenticationHandler);
            }
        });
    }
}

This is the CognitoSettings.java class to handle the basic settings

package com.midassafety.chulankumara.googleauthentication;

import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.support.v7.app.AppCompatActivity;
import android.util.Log;
import android.view.Gravity;
import android.view.View;
import android.widget.Button;
import android.widget.TextView;
import android.widget.Toast;

import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUserPool;
import com.amazonaws.regions.Regions;

public class CognitoSettings  {
    private String userPoolId = "ap-southeast-1_######";
    private String clientId = "#############";
    private String clientSecret = "************************redacted********************";
    private Regions cognitoRegion = Regions.AP_SOUTHEAST_1;

    private Context context;

    public CognitoSettings(Context context){
        this.context = context;
    }

    public String getUserPoolId(){
        return userPoolId;
    }

    public String getClientId(){
        return clientId;
    }

    public String getClientSecret() {
        return clientSecret;
    }

    public Regions getCognitoRegion() {
        return cognitoRegion;
    }

    public CognitoUserPool getUserPool(){
        return new CognitoUserPool(context, userPoolId, clientId, clientSecret, cognitoRegion);
    }
}

I check the UserPool and see the AutoGenerated group for the SAML Identity Provider I created.

I've been sweeping the internet for an entire day but no luck.

What am I doing wrong or what should I do more to authenticate users using SAML with O365?

Please help!...

来源:https://stackoverflow.com/questions/52834593/android-cognito-with-saml-o365

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!