/example-cognito-java

Example of using AWS Cognito from a Java web-app

Primary LanguageJavaApache License 2.0Apache-2.0

A Java Web-app Using AWS Cognito

This is the example code for a blog post. Please read that post before downloading and building this project, as it explains a lot of the decisions that I made. Some of those decisions I would make again, some I wouldn't.

Cognito is marketed as a client-side technology. It also happens to be by far the worst-documented Amazon service that I've ever used. However, its feature set is compelling: you can manage users, provide validation of both email and mobile phone, and support multi-factor authentication. But, as I said, it's the worst-documented Amazon service that I've ever used.

Based on the documentation, reading the Android source code, and a bunch of experimentation, I've worked out how to use it from the server side. I've wrapped the basic operations in Java servlets, with some simple front-end pages to invoke them. Currently it supports the following features:

  • Users identified via email address.
  • Signup uses a temporary password, generated by Cognito.
  • Authentication using Cognito-generated tokens (with caching so we don't hit a call limit).

If you believe that I'm using Cognito incorrectly, feel free to open an issue. However, please do not use issues to ask debugging questions; Stack Overflow is a much better resource.

Building and Running

Start by creating the user pool. You can do this manually, or by running the provided script:

> src/scripts/cognito-create-userpool.sh Example Example
User Pool ID:  us-east-1_rCQ6gAd1Q
Client ID:     5co5s8e43krcdps2lrp4fo301i

Update src/main/webapp/WEB-INF/web.xml, setting the initialization parameters cognito_pool_id and cognito_client_id to the values output in the previous step.

You can build with Maven and deploy to your favorite app-server, import into your favorite IDE, or run with the Jetty plugin:

mvn jetty:run