OiO.lk Community platform!

Oio.lk is an excellent forum for developers, providing a wide range of resources, discussions, and support for those in the developer community. Join oio.lk today to connect with like-minded professionals, share insights, and stay updated on the latest trends and technologies in the development field.
  You need to log in or register to access the solved answers to this problem.
  • You have reached the maximum number of guest views allowed
  • Please register below to remove this limitation

How to authenticate an ASP .NET website with AWS Cognito

  • Thread starter Thread starter Primico
  • Start date Start date
P

Primico

Guest
A few years ago I used the following code to authenticate an ASP .NET website using AWS Cognito, but it probably wasn't the best solution putting the keys in the compiled code. I'm curious what is the recommended way to do this? Should Identity Center be used instead? Or should I use a credential file? And how would I handle putting the credentials on a production server?

Code:
string accessKey = "xxxxxxxxxx";
string secretKey = "xxxxxxxxxxx";
string poolId = Environment.GetEnvironmentVariable("cognito_pool_id");
string clientId = Environment.GetEnvironmentVariable("app_client_id");
string clientSecret = Environment.GetEnvironmentVariable("app_client_secret");

var awsCredentials = new BasicAWSCredentials(accessKey, secretKey);
var cognitoClient = new AmazonCognitoIdentityProviderClient(awsCredentials, RegionEndpoint.USEast1);
var userPool = new CognitoUserPool(poolId, clientId, cognitoClient, clientSecret);

builder.Services.AddCognitoIdentity();
builder.Services.AddSingleton<IAmazonCognitoIdentityProvider>(cognitoClient);
builder.Services.AddSingleton<CognitoUserPool>(userPool);

builder.Services
    .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie();

builder.Services
    .ConfigureApplicationCookie(o =>
    {
        o.Cookie.HttpOnly = true;
        o.ExpireTimeSpan = TimeSpan.FromHours(1);
        o.SlidingExpiration = true;
        o.LoginPath = "/Identity/Account/Login";
        o.LogoutPath = "/Identity/Account/Logout";
    });
<p>A few years ago I used the following code to authenticate an ASP .NET website using AWS Cognito, but it probably wasn't the best solution putting the keys in the compiled code. I'm curious what is the recommended way to do this? Should Identity Center be used instead? Or should I use a credential file? And how would I handle putting the credentials on a production server?</p>
<pre><code>string accessKey = "xxxxxxxxxx";
string secretKey = "xxxxxxxxxxx";
string poolId = Environment.GetEnvironmentVariable("cognito_pool_id");
string clientId = Environment.GetEnvironmentVariable("app_client_id");
string clientSecret = Environment.GetEnvironmentVariable("app_client_secret");

var awsCredentials = new BasicAWSCredentials(accessKey, secretKey);
var cognitoClient = new AmazonCognitoIdentityProviderClient(awsCredentials, RegionEndpoint.USEast1);
var userPool = new CognitoUserPool(poolId, clientId, cognitoClient, clientSecret);

builder.Services.AddCognitoIdentity();
builder.Services.AddSingleton<IAmazonCognitoIdentityProvider>(cognitoClient);
builder.Services.AddSingleton<CognitoUserPool>(userPool);

builder.Services
.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie();

builder.Services
.ConfigureApplicationCookie(o =>
{
o.Cookie.HttpOnly = true;
o.ExpireTimeSpan = TimeSpan.FromHours(1);
o.SlidingExpiration = true;
o.LoginPath = "/Identity/Account/Login";
o.LogoutPath = "/Identity/Account/Logout";
});
</code></pre>
Continue reading...
 

Latest posts

A
Replies
0
Views
1
Aarif Hussain A Nassar
A
F
Replies
0
Views
1
Fahmi Nur Fachrurozi
F
Top