init commit

Author: max-pv

.gitignore

@@ -0,0 +1,12 @@
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out

LICENSE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2019 Max
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,24 @@
+# Golang AWS Cognito Register, Verify phone number, Login and Get User example
+
+This example code demonstrates how to use AWS Cognito with AWS Go SDK in a form of simple web pages where you can:
+
+1. Check if username is taken
+2. Register
+3. Verify user's phone
+4. Login with username or refresh token
+
+In order this solution to work, you need to have AWS credentials configured (file `.aws/configuration` exists) and User Pool created in AWS Console. You have to disable "Remember device" and enable "Sms second-factor" on authentication tab.
+
+You will also need to create App Client in User Pool without "Generate Secret Key" checkbox. When the app client is created, in it's settings select "Enable username-password (non-SRP) flow for app-based authentication (USER_PASSWORD_AUTH)".
+
+## Build
+
+Go to `/src` folder and run:
+
+```go
+go build -o ./build/cognito
+
+AWS_PROFILE=XXX COGNITO_APP_CLIENT_ID=XXX COGNITO_USER_POOL_ID=XXX ./build/cognito
+```
+
+Visit http://localhost:8080/register to see the registration page.

public/login.html

@@ -0,0 +1,112 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="X-UA-Compatible" content="ie=edge" />
+    <link
+      rel="stylesheet"
+      href="https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css"
+    />
+    <title>Login</title>
+    <style>
+      .holder {
+        display: flex;
+        align-items: center;
+        justify-content: center;
+      }
+      code {
+        font-size: 9px !important;
+        overflow-x: scroll;
+      }
+    </style>
+  </head>
+  <body class="holder">
+    <div class="ui raised text container">
+      <div class="column">
+        <h1 class="ui header">Login</h1>
+        <div class="ui compact message hidden" id="message">
+          <p>
+            Message goes here...
+          </p>
+        </div>
+
+        <div class="ui styled fluid accordion">
+          <div class="active title">
+            <i class="dropdown icon"></i>
+            Username / Password
+          </div>
+          <div class="active content">
+            <form class="ui form padded" method="post" action="/login">
+              <div class="field">
+                <label>Username</label>
+                <input
+                  type="text"
+                  name="username"
+                  required
+                  placeholder="Please enter your username or refresh token"
+                />
+              </div>
+              <div class="field">
+                <label>Password</label>
+                <input
+                  type="password"
+                  name="password"
+                  required
+                  placeholder="Wh4t_i5_your_p@ssw0rd?"
+                />
+              </div>
+              <button class="ui button" type="submit">Submit</button>
+            </form>
+          </div>
+          <div class="title">
+            <i class="dropdown icon"></i>
+            Refresh token
+          </div>
+          <div class="content">
+            <form class="ui form padded" method="post" action="/login">
+              <div class="field">
+                <input type="hidden" name="refresh" value="1" />
+
+                <label>Refresh token</label>
+                <input
+                  type="text"
+                  name="refresh_token"
+                  required
+                  placeholder="Please enter the refresh token"
+                />
+              </div>
+              <button class="ui button" type="submit">Submit</button>
+            </form>
+          </div>
+        </div>
+
+        <code class="ui compact message hidden" id="authres">
+          Message goes here...
+        </code>
+      </div>
+    </div>
+  </body>
+  <script
+    src="https://code.jquery.com/jquery-3.1.1.min.js"
+    integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8="
+    crossorigin="anonymous"
+  ></script>
+  <script src="https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.js"></script>
+  <script>
+    $(".ui.accordion").accordion();
+
+    if (document.location.search.includes("error")) {
+      const m = document.getElementById("message");
+      m.style.display = "block";
+      const err = document.location.search.replace("?error=", "");
+      m.textContent = decodeURI(err);
+    }
+    if (document.location.search.includes("authres")) {
+      const m = document.getElementById("authres");
+      m.style.display = "block";
+      const err = document.location.search.replace("?authres=", "");
+      m.textContent = decodeURI(err);
+    }
+  </script>
+</html>

public/otp.html

@@ -0,0 +1,47 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="X-UA-Compatible" content="ie=edge" />
+    <link
+      rel="stylesheet"
+      href="https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css"
+    />
+    <title>OTP</title>
+    <style>
+      .holder {
+        display: flex;
+        align-items: center;
+        justify-content: center;
+      }
+    </style>
+  </head>
+  <body class="holder">
+    <div class="ui raised text container">
+      <div class="column">
+        <h1 class="ui header">Verify phone number</h1>
+        <div class="ui compact message hidden" id="message">
+          <p>
+            Message goes here...
+          </p>
+        </div>
+        <form class="ui form padded segment" method="post" action="/otp">
+          <div class="field">
+            <label>One time code</label>
+            <input type="text" name="otp" required placeholder="XXXXXX" />
+          </div>
+          <button class="ui button" type="submit">Submit</button>
+        </form>
+      </div>
+    </div>
+  </body>
+  <script>
+    if (document.location.search.includes("error")) {
+      const m = document.getElementById("message");
+      m.style.display = "block";
+      const err = document.location.search.replace("?error=", "");
+      m.textContent = decodeURI(err);
+    }
+  </script>
+</html>

public/register.html

@@ -0,0 +1,73 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="X-UA-Compatible" content="ie=edge" />
+    <link
+      rel="stylesheet"
+      href="https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css"
+    />
+    <title>Register</title>
+    <style>
+      .holder {
+        display: flex;
+        align-items: center;
+        justify-content: center;
+      }
+      #message {
+          display: none
+      }
+    </style>
+  </head>
+  <body class="holder">
+    <div class="ui raised text container">
+      <div class="column">
+        <h1 class="ui header">Register</h1>
+        <div class="ui compact message" id="message">
+          <p>
+            An error ocurred during your request.
+          </p>
+        </div>
+        <form class="ui form padded segment" method="post" action="/register">
+          <div class="field">
+            <label>Username</label>
+            <input
+              type="text"
+              name="username"
+              required
+              placeholder="User name"
+            />
+          </div>
+          <div class="field">
+            <label>Password</label>
+            <input
+              type="password"
+              name="password"
+              required
+              placeholder="Password"
+            />
+          </div>
+          <div class="field">
+            <label>Phone number</label>
+            <input
+              type="text"
+              name="phone_number"
+              required
+              placeholder="+XXXXXXXXXXX"
+            />
+          </div>
+          <button class="ui button" type="submit">Submit</button>
+        </form>
+      </div>
+    </div>
+  </body>
+  <script>
+    if (document.location.search.includes("error")) {
+        const m = document.getElementById("message")
+        m.style.display = "block"
+        const err = document.location.search.replace("?error=", "")
+        m.textContent = decodeURI(err);
+    }
+    </script>
+</html>

public/username.html

@@ -0,0 +1,47 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="X-UA-Compatible" content="ie=edge" />
+    <link
+      rel="stylesheet"
+      href="https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css"
+    />
+    <title>Check username</title>
+    <style>
+      .holder {
+        display: flex;
+        align-items: center;
+        justify-content: center;
+      }
+    </style>
+  </head>
+  <body class="holder">
+    <div class="ui raised text container">
+      <div class="column">
+        <h1 class="ui header">Check username</h1>
+        <div class="ui compact message hidden" id="message">
+          <p>
+            Message goes here...
+          </p>
+        </div>
+        <form class="ui form padded segment" method="post" action="/username">
+          <div class="field">
+            <label>Check if username is taken</label>
+            <input type="text" name="username" required placeholder="Please enter the username" />
+          </div>
+          <button class="ui button" type="submit">Submit</button>
+        </form>
+      </div>
+    </div>
+  </body>
+  <script>
+    if (document.location.search.includes("error")) {
+      const m = document.getElementById("message");
+      m.style.display = "block";
+      const err = document.location.search.replace("?error=", "");
+      m.textContent = decodeURI(err);
+    }
+  </script>
+</html>

src/login.go

@@ -0,0 +1,51 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/aws/aws-sdk-go/aws"
+
+	cognito "github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
+)
+
+const flowUsernamePassword = "USER_PASSWORD_AUTH"
+const flowRefreshToken = "REFRESH_TOKEN_AUTH"
+
+// Login handles login scenario.
+func (c *CognitoExample) Login(w http.ResponseWriter, r *http.Request) {
+	r.ParseForm()
+
+	username := r.Form.Get("username")
+	password := r.Form.Get("password")
+	refresh := r.Form.Get("refresh")
+	refreshToken := r.Form.Get("refresh_token")
+
+	flow := aws.String(flowUsernamePassword)
+	params := map[string]*string{
+		"USERNAME": aws.String(username),
+		"PASSWORD": aws.String(password),
+	}
+
+	if refresh != "" {
+		flow = aws.String(flowRefreshToken)
+		params = map[string]*string{
+			"REFRESH_TOKEN": aws.String(refreshToken),
+		}
+	}
+
+	authTry := &cognito.InitiateAuthInput{
+		AuthFlow:       flow,
+		AuthParameters: params,
+		ClientId:       aws.String(c.AppClientID),
+	}
+
+	res, err := c.CognitoClient.InitiateAuth(authTry)
+	if err != nil {
+		fmt.Println(err)
+		http.Redirect(w, r, fmt.Sprintf("/login?error=%s", err.Error()), http.StatusSeeOther)
+		return
+	}
+
+	http.Redirect(w, r, fmt.Sprintf("/login?authres=%s", res.AuthenticationResult), http.StatusFound)
+}