Abstract
JavaでAWS Cognitoをローカルエミュレータ(cognito-local)上で使ってみました。
1. Introduction
1.1. Preparation
-
Launch cognito-local (AWS Cognito Mock)
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
services:
cognito-local:
image: jagregory/cognito-local:latest
ports:
- "9229:9229"
volumes:
- ./.cognito:/app/.cognito
environment:
- COGNITO_LOCAL_DEVMODE=1
command: ["yarn", "start"]
# オプション: 設定用のinit用コンテナ
cognito-init:
image: amazon/aws-cli:latest
depends_on:
cognito-local:
condition: service_started
environment:
- AWS_ACCESS_KEY_ID=local
- AWS_SECRET_ACCESS_KEY=local
- AWS_DEFAULT_REGION=us-east-1
volumes:
- ./localstack/init/init-cognito.sh:/init-cognito.sh
command: ["sh", "/init-cognito.sh"]
profiles:
- init
|
init-cognito.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
#!/bin/bash
# Cognito-localが起動するまで待機
sleep 10
# エンドポイントの設定
export AWS_ENDPOINT_URL=http://localhost:9229
# ユーザープールの作成
USER_POOL_ID=$(aws cognito-idp create-user-pool \
--pool-name "test-pool" \
--policies "PasswordPolicy={MinimumLength=8,RequireUppercase=false,RequireLowercase=false,RequireNumbers=false,RequireSymbols=false}" \
--query 'UserPool.Id' \
--output text)
echo "Created User Pool: $USER_POOL_ID"
# ユーザープールクライアントの作成
CLIENT_ID=$(aws cognito-idp create-user-pool-client \
--user-pool-id "$USER_POOL_ID" \
--client-name "test-client" \
--generate-secret \
--query 'UserPoolClient.ClientId' \
--output text)
echo "Created User Pool Client: $CLIENT_ID"
# テストユーザーの作成
aws cognito-idp admin-create-user \
--user-pool-id $USER_POOL_ID \
--username "testuser@example.com" \
--temporary-password "TempPass123!" \
--message-action "SUPPRESS"
echo "Created test user: testuser@example.com"
# 設定情報を出力
echo "=== Cognito Local Configuration ==="
echo "User Pool ID: $USER_POOL_ID"
echo "Client ID: $CLIENT_ID"
echo "Endpoint: http://localhost:9229"
echo "Test User: testuser@example.com / TempPass123!"
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
# 検証時
## Dockerコンテナ起動
$ colima start
## cognito-local起動
$ docker compose up -d
# 検証終了時
## cognito-local停止
$ docker compose down
## Dockerコンテナ停止
$ colima stop
|
2. Java Source Code
CognitoUserController.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
package com.example.cognito_sample.controller;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.cognitoidp.AWSCognitoIdentityProvider;
import com.amazonaws.services.cognitoidp.AWSCognitoIdentityProviderClientBuilder;
import com.amazonaws.services.cognitoidp.model.*;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RestController;
import java.util.stream.Collectors;
/**
* Controller for interacting with AWS Cognito User Pools.
*
* This controller provides endpoints for checking the health of the service,
* debugging connection to Cognito, and listing users in a user pool.
* It uses a locally running Cognito endpoint for development/testing purposes.
*/
@RestController
public class CognitoUserController {
private final AWSCognitoIdentityProvider cognitoClient;
@Value("${aws.cognito.endpoint:http://localhost:9229}")
private String cognitoEndpoint;
@Value("${aws.cognito.region:us-east-1}")
private String region;
@Value("${aws.cognito.userPoolId}")
private String userPoolId;
@Value("${aws.cognito.clientId}")
private String clientId;
/**
* Constructs a CognitoUserController with endpoint and region configurations.
*
* @param endpoint The endpoint URL of the local Cognito service.
* @param region The AWS region (e.g., "us-east-1").
* @param userPoolId The Cognito User Pool ID to be used.
* @param clientId The Cognito App Client ID.
*/
public CognitoUserController(
@Value("${aws.cognito.endpoint:http://localhost:9229}") String endpoint,
@Value("${aws.cognito.region:us-east-1}") String region,
@Value("${aws.cognito.userPoolId}") String userPoolId,
@Value("${aws.cognito.clientId}") String clientId) {
this.userPoolId = userPoolId;
this.clientId = clientId;
this.cognitoClient = AWSCognitoIdentityProviderClientBuilder.standard()
.withCredentials(new AWSStaticCredentialsProvider(
new BasicAWSCredentials("local", "local")
))
.withEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration(endpoint, region))
.build();
}
/**
* Health check endpoint.
*
* @return A simple status message including the configured Cognito endpoint.
*/
@GetMapping("/health")
public String health() {
return "Service is running. Cognito endpoint: " + cognitoEndpoint;
}
/**
* Debug endpoint to test if the Cognito connection is working.
*
* @return A success message if the connection is established; otherwise, the error message.
*/
@GetMapping("/debug/cognito")
public String debugCognito() {
try {
// Test connectivity by listing user pools (limit 1)
cognitoClient.listUserPools(new ListUserPoolsRequest().withMaxResults(1));
return "Cognito connection OK";
} catch (Exception e) {
return "Cognito connection failed: " + e.getMessage();
}
}
/**
* Debug endpoint to list all users in the configured Cognito user pool.
*
* @return A comma-separated list of usernames, or an error message if listing fails.
*/
@GetMapping("/debug/users")
public String listUsers() {
try {
ListUsersRequest request = new ListUsersRequest()
.withUserPoolId(this.userPoolId);
ListUsersResult result = cognitoClient.listUsers(request);
return result.getUsers().stream()
.map(user -> "Username: " + user.getUsername())
.collect(Collectors.joining(", "));
} catch (Exception e) {
return "Error listing users: " + e.getMessage();
}
}
}
|
3. Execution Result
1
2
3
4
5
6
|
❯ curl http://localhost:8080/health
Service is running. Cognito endpoint: http://localhost:9229%
❯ curl http://localhost:8080/debug/cognito
Cognito connection OK%
❯ curl http://localhost:8080/debug/users
Username: e08a1de2-b91f-4c58-a250-904c3ed0fe65%
|
4. Reference