AWS cognito documentation change
Summary
Added Swift SDK code example for AdminInitiateAuth API showing authentication flow implementation
Security assessment
While authentication is security-related, this change documents standard authentication implementation rather than addressing vulnerabilities. It demonstrates password-based auth flow handling but doesn't introduce new security features.
Diff
diff --git a/cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_AdminInitiateAuth_section.md b/cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_AdminInitiateAuth_section.md index bfae47b16..cc88e46ec 100644 --- a//cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_AdminInitiateAuth_section.md +++ b//cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_AdminInitiateAuth_section.md @@ -348,0 +349,69 @@ There's more on GitHub. Find the complete example and learn how to set up and ru +Swift + + +**SDK for Swift** + + +###### Note + +There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/swift/example_code/cognito-identity-provider#code-examples). + + + import AWSCognitoIdentityProvider + + /// Begin an authentication session. + /// + /// - Parameters: + /// - cipClient: The `CongitoIdentityProviderClient` to use. + /// - clientId: The app client ID to use. + /// - userName: The username to check. + /// - password: The user's password. + /// - userPoolId: The user pool to use. + /// + /// - Returns: The session token associated with this authentication + /// session. + func initiateAuth(cipClient: CognitoIdentityProviderClient, clientId: String, + userName: String, password: String, + userPoolId: String) async -> String? { + var authParams: [String: String] = [:] + + authParams["USERNAME"] = userName + authParams["PASSWORD"] = password + + do { + let output = try await cipClient.adminInitiateAuth( + input: AdminInitiateAuthInput( + authFlow: CognitoIdentityProviderClientTypes.AuthFlowType.adminUserPasswordAuth, + authParameters: authParams, + clientId: clientId, + userPoolId: userPoolId + ) + ) + + guard let challengeName = output.challengeName else { + print("*** Invalid response from the auth service.") + return nil + } + + print("=====> Response challenge is \(challengeName)") + + return output.session + } catch _ as UserNotFoundException { + print("*** The specified username, \(userName), doesn't exist.") + return nil + } catch _ as UserNotConfirmedException { + print("*** The user \(userName) has not been confirmed.") + return nil + } catch { + print("*** An unexpected error occurred.") + return nil + } + } + + + + * For API details, see [AdminInitiateAuth](https://sdk.amazonaws.com/swift/api/awscognitoidentityprovider/latest/documentation/awscognitoidentityprovider/cognitoidentityproviderclient/admininitiateauth\(input:\)) in _AWS SDK for Swift API reference_. + + + +