As traduções são geradas por tradução automática. Em caso de conflito entre o conteúdo da tradução e da versão original em inglês, a versão em inglês prevalecerá.
# Use `InitiateAuth` com um AWS SDK ou CLI
Os exemplos de código a seguir mostram como usar o `InitiateAuth`.
Exemplos de ações são trechos de código de programas maiores e devem ser executados em contexto. É possível ver essa ação em contexto nos seguintes exemplos de código:
+ [Confirme automaticamente usuários conhecidos com uma função do Lambda](cognito-identity-provider_example_cross_CognitoAutoConfirmUser_section.md)
+ [Migre automaticamente usuários conhecidos com uma função do Lambda](cognito-identity-provider_example_cross_CognitoAutoMigrateUser_section.md)
+ [Introdução aos grupos de usuários do Amazon Cognito](cognito-identity-provider_example_cognito_identity_provider_GettingStarted_066_section.md)
+ [Inscrever um usuário em um grupo de usuários que exija MFA](cognito-identity-provider_example_cognito-identity-provider_Scenario_SignUpUserWithMfa_section.md)
+ [Grave dados de atividades personalizados com uma função do Lambda após a autenticação do usuário do Amazon Cognito](cognito-identity-provider_example_cross_CognitoCustomActivityLog_section.md)
------
#### [ .NET ]
**SDK para .NET**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/Cognito#code-examples).
```
///
/// Initiate authorization.
///
/// The client Id of the application.
/// The name of the user who is authenticating.
/// The password for the user who is authenticating.
/// The response from the initiate auth request.
public async Task InitiateAuthAsync(string clientId, string userName, string password)
{
var authParameters = new Dictionary();
authParameters.Add("USERNAME", userName);
authParameters.Add("PASSWORD", password);
var authRequest = new InitiateAuthRequest
{
ClientId = clientId,
AuthParameters = authParameters,
AuthFlow = AuthFlowType.USER_PASSWORD_AUTH,
};
var response = await _cognitoService.InitiateAuthAsync(authRequest);
Console.WriteLine($"Result Challenge is : {response.ChallengeName}");
return response;
}
```
+ Para obter detalhes da API, consulte [InitiateAuth](https://docs.aws.amazon.com/goto/DotNetSDKV3/cognito-idp-2016-04-18/InitiateAuth)a *Referência AWS SDK para .NET da API*.
------
#### [ CLI ]
**AWS CLI**
**Como conectar um usuário**
O exemplo de `initiate-auth` a seguir conecta um usuário com o fluxo básico de nome de usuário e senha e sem desafios adicionais.
```
aws cognito-idp initiate-auth \
--auth-flow {{USER_PASSWORD_AUTH}} \
--client-id {{1example23456789}} \
--analytics-metadata {{AnalyticsEndpointId=d70b2ba36a8c4dc5a04a0451aEXAMPLE}} \
--auth-parameters {{USERNAME=testuser,PASSWORD=[Password]}} --user-context-data {{EncodedData=mycontextdata}} --client-metadata {{MyTestKey=MyTestValue}}
```
Saída:
```
{
"AuthenticationResult": {
"AccessToken": "eyJra456defEXAMPLE",
"ExpiresIn": 3600,
"TokenType": "Bearer",
"RefreshToken": "eyJra123abcEXAMPLE",
"IdToken": "eyJra789ghiEXAMPLE",
"NewDeviceMetadata": {
"DeviceKey": "us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"DeviceGroupKey": "-v7w9UcY6"
}
}
}
```
Consulte mais informações em [Authentication](https://docs.aws.amazon.com/cognito/latest/developerguide/authentication.html) no *Guia do desenvolvedor do Amazon Cognito*.
+ Para obter detalhes da API, consulte [InitiateAuth](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/cognito-idp/initiate-auth.html)em *Referência de AWS CLI Comandos*.
------
#### [ Go ]
**SDK para Go V2**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/gov2/cognito#code-examples).
```
import (
"context"
"errors"
"log"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider"
"github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider/types"
)
type CognitoActions struct {
CognitoClient *cognitoidentityprovider.Client
}
// SignIn signs in a user to Amazon Cognito using a username and password authentication flow.
func (actor CognitoActions) SignIn(ctx context.Context, clientId string, userName string, password string) (*types.AuthenticationResultType, error) {
var authResult *types.AuthenticationResultType
output, err := actor.CognitoClient.InitiateAuth(ctx, &cognitoidentityprovider.InitiateAuthInput{
AuthFlow: "USER_PASSWORD_AUTH",
ClientId: aws.String(clientId),
AuthParameters: map[string]string{"USERNAME": userName, "PASSWORD": password},
})
if err != nil {
var resetRequired *types.PasswordResetRequiredException
if errors.As(err, &resetRequired) {
log.Println(*resetRequired.Message)
} else {
log.Printf("Couldn't sign in user %v. Here's why: %v\n", userName, err)
}
} else {
authResult = output.AuthenticationResult
}
return authResult, err
}
```
+ Para obter detalhes da API, consulte [InitiateAuth](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider#Client.InitiateAuth)a *Referência AWS SDK para Go da API*.
------
#### [ JavaScript ]
**SDK para JavaScript (v3)**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/cognito-identity-provider#code-examples).
```
const initiateAuth = ({ username, password, clientId }) => {
const client = new CognitoIdentityProviderClient({});
const command = new InitiateAuthCommand({
AuthFlow: AuthFlowType.USER_PASSWORD_AUTH,
AuthParameters: {
USERNAME: username,
PASSWORD: password,
},
ClientId: clientId,
});
return client.send(command);
};
```
+ Para obter detalhes da API, consulte [InitiateAuth](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/cognito-identity-provider/command/InitiateAuthCommand)a *Referência AWS SDK para JavaScript da API*.
------
#### [ Python ]
**SDK para Python (Boto3)**
Tem mais sobre GitHub. Encontre o exemplo completo e saiba como configurar e executar no [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/cognito#code-examples).
Este exemplo mostra como iniciar a autenticação com um dispositivo rastreado. Para concluir o login, o cliente deve responder corretamente aos desafios de Secure Remote Password (SRP).
```
class CognitoIdentityProviderWrapper:
"""Encapsulates Amazon Cognito actions"""
def __init__(self, cognito_idp_client, user_pool_id, client_id, client_secret=None):
"""
:param cognito_idp_client: A Boto3 Amazon Cognito Identity Provider client.
:param user_pool_id: The ID of an existing Amazon Cognito user pool.
:param client_id: The ID of a client application registered with the user pool.
:param client_secret: The client secret, if the client has a secret.
"""
self.cognito_idp_client = cognito_idp_client
self.user_pool_id = user_pool_id
self.client_id = client_id
self.client_secret = client_secret
def sign_in_with_tracked_device(
self,
user_name,
password,
device_key,
device_group_key,
device_password,
aws_srp,
):
"""
Signs in to Amazon Cognito as a user who has a tracked device. Signing in
with a tracked device lets a user sign in without entering a new MFA code.
Signing in with a tracked device requires that the client respond to the SRP
protocol. The scenario associated with this example uses the warrant package
to help with SRP calculations.
For more information on SRP, see https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol.
:param user_name: The user that is associated with the device.
:param password: The user's password.
:param device_key: The key of a tracked device.
:param device_group_key: The group key of a tracked device.
:param device_password: The password that is associated with the device.
:param aws_srp: A class that helps with SRP calculations. The scenario
associated with this example uses the warrant package.
:return: The result of the authentication. When successful, this contains an
access token for the user.
"""
try:
srp_helper = aws_srp.AWSSRP(
username=user_name,
password=device_password,
pool_id="_",
client_id=self.client_id,
client_secret=None,
client=self.cognito_idp_client,
)
response_init = self.cognito_idp_client.initiate_auth(
ClientId=self.client_id,
AuthFlow="USER_PASSWORD_AUTH",
AuthParameters={
"USERNAME": user_name,
"PASSWORD": password,
"DEVICE_KEY": device_key,
},
)
if response_init["ChallengeName"] != "DEVICE_SRP_AUTH":
raise RuntimeError(
f"Expected DEVICE_SRP_AUTH challenge but got {response_init['ChallengeName']}."
)
auth_params = srp_helper.get_auth_params()
auth_params["DEVICE_KEY"] = device_key
response_auth = self.cognito_idp_client.respond_to_auth_challenge(
ClientId=self.client_id,
ChallengeName="DEVICE_SRP_AUTH",
ChallengeResponses=auth_params,
)
if response_auth["ChallengeName"] != "DEVICE_PASSWORD_VERIFIER":
raise RuntimeError(
f"Expected DEVICE_PASSWORD_VERIFIER challenge but got "
f"{response_init['ChallengeName']}."
)
challenge_params = response_auth["ChallengeParameters"]
challenge_params["USER_ID_FOR_SRP"] = device_group_key + device_key
cr = srp_helper.process_challenge(challenge_params, {"USERNAME": user_name})
cr["USERNAME"] = user_name
cr["DEVICE_KEY"] = device_key
response_verifier = self.cognito_idp_client.respond_to_auth_challenge(
ClientId=self.client_id,
ChallengeName="DEVICE_PASSWORD_VERIFIER",
ChallengeResponses=cr,
)
auth_tokens = response_verifier["AuthenticationResult"]
except ClientError as err:
logger.error(
"Couldn't start client sign in for %s. Here's why: %s: %s",
user_name,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
else:
return auth_tokens
```
+ Para obter detalhes da API, consulte a [InitiateAuth](https://docs.aws.amazon.com/goto/boto3/cognito-idp-2016-04-18/InitiateAuth)Referência da API *AWS SDK for Python (Boto3*).
------
Para obter uma lista completa dos guias do desenvolvedor do AWS SDK e exemplos de código, consulte[Usando esse serviço com um AWS SDK](sdk-general-information-section.md). Este tópico também inclui informações sobre como começar e detalhes sobre versões anteriores do SDK.