Amazon Cognito provides authentication, authorization, and user management for your web and mobile apps. Your users can sign in directly with a username and password, or through a third party such as Facebook, Amazon, Google, or Apple.
We can configure Amazon Cognito in such a way that users can sign in with their email, phone, or user name. If you enable sign-in with a user name, you can set a "preferred user name" attribute (preferred_username) which will work as an alternate value for the username attribute (username).
We have users registered in Amazon Cognito, whose password is missing or forgotten, Then we need to reset the password.
If a user wants to change the password for security purposes then we have ChangePasswordRequest and adminResetUserPasswordRequest API from aws-java-sdk-cognitoidp jar.
Table of Content :
- Introduction
- What is Amazon Cognito?
- Change Cognito User password using ChangePasswordRequest
- Maven dependencies
- Create AWSCognitoIdentityProvider Object
- AdminResetUserPassword
- Articles/Questions related to AWS Cognito Change User password
- Summary
Change Cognito User password using ChangePasswordRequest
This Changes the password for a specified user in a user pool.
ChangePasswordResult changePassword(ChangePasswordRequest changePasswordRequest)
changePasswordRequest - Represents the request to change a user password.
Request Syntax
{
"AccessToken": "string",
"PreviousPassword": "string",
"ProposedPassword": "string"
}
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
Maven dependencies
Here is the required maven dependency, we need to add this in the pom.xml file
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-core</artifactId>
<version>1.11.764</version>
</dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-cognitoidp</artifactId>
<version>1.11.764</version>
</dependency>
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk</artifactId>
<version>1.11.360</version>
</dependency>
Create AWSCognitoIdentityProvider Object
We have an AWSCognitoIdentityProvider instance
public static AWSCognitoIdentityProvider getAWSCognitoIdentityClient() {
System.setProperty("aws.accessKeyId", "-- your accessKey Id--");
System.setProperty("aws.secretKey", "-- your secret Key--");
AWSCognitoIdentityProvider cognitoClient = AWSCognitoIdentityProviderClientBuilder.standard().withRegion(Regions.AP_SOUTH_1).withCredentials(new SystemPropertiesCredentialsProvider()).build();
return client;
}
Now we have code for that
public void changePassword(final String acessToken, final String oldPassword,final String newPassword ) {
final AWSCognitoIdentityProvider client = getAWSCognitoIdentityClient();
try {
final ChangePasswordRequest changePasswordRequest = new ChangePasswordRequest().withAccessToken(acessToken)
.withPreviousPassword(oldPassword).withProposedPassword(newPassword);
client.changePassword(changePasswordRequest);
} catch (final Exception e) {
log.error("Exception Occured during changing the password");
} finally {
client.shutdown();
}
}
AdminResetUserPassword
Resets the specified user's password in a user pool as an administrator. Works on any user.
When this API is called, the current password is invalidated, so it must be changed.
If a user tries to sign in after the API is called, the app will get a PasswordResetRequiredException exception back and should direct the user down the flow to reset the password, which is the same as the forgot password flow.
In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user with the code to change their password.
public User changeUserPasswordByAdmin(final String username, final String username,String newPassword) {
final AWSCognitoIdentityProvider client = getAWSCognitoIdentityClient();
try {
final AdminSetUserPasswordRequest adminResetUserPasswordRequest = new AdminSetUserPasswordRequest()
.withUserPoolId(userpoolId).withUsername(username).withPassword(newPassword)
.withPermanent(true);
client.adminSetUserPassword(adminResetUserPasswordRequest);
} catch (final Exception e) {
log.error("Exception Occured during changing the user password");
} finally {
cognitoClient.shutdown();
}
return user;
}
Articles/Questions related to AWS Cognito Change User password
using Java
Create a Cognito user pool in AWS Console | Set up an Amazon Cognito user pool AWS Cognito Confirming User Accounts using Java
AWS Cognito SignUp and SignIn Example Using Java
AWS Cognito TOTP Software Token MFA Using Java
AWS Cognito Change User Email for Phone using Java
AWS Cognito Reset User MFA Using Java
AWS Cognito Enable SMS MFA Using Java
AWS Cognito Change User Email for Phone using Java
How to list all Amazon Cognito Users using Java
AWSCognitoIdentityProvider Method Example for Cognito User Pools API
In this article, we have seen AWS Cognito Change User password using Java. All source code in the article can be found in the GitHub repository.
0 Comments
Post a Comment