使用JavaScript SDK的AWS Cognito开发者身份验证身份

Question

使用JavaScript SDK的AWS Cognito开发者身份验证身份

javascriptamazon-web-servicesamazon-cognito

5

我需要使用JavaScript SDK来实现开发者身份验证，但是遇到了一些问题。我已经配置了一个具有自定义认证提供程序的身份池

在服务器上：

AWS.config = new AWS.Config({
    region: 'ap-northeast-2',   
    credentials: new AWS.Credentials('XXXXXS7FJBAOO5IXXXXX', 'XXXXXYBo4jmfsu7K0qJSFvu3nlVvYOcVz4GXXXXX')
});

var params = {
    IdentityPoolId: 'ap-northeast-2:a383cb2e-e302-4ff6-8d8f-70e3185XXXXX',
    Logins: {
        'com.abc.xyz': '9876543210' // different value for each user
    }
};

var cognitoidentity = new AWS.CognitoIdentity();
cognitoidentity.getOpenIdTokenForDeveloperIdentity(params, function(err, data) {
    if (err) {
        console.log(err, err.stack); // an error occurred
    }
    else {
        console.log(data);           // successful response
    }
});

服务器结果：

IdentityId: "ap-northeast-2:5cf7f3cd-b370-416b-bed8-f7f8c7aXXXXX"
Token: "eyJra.....sL8bg"

浏览器上:

AWS.config = new AWS.Config({
    region: 'ap-northeast-2'
});

var params = {
    IdentityId: 'ap-northeast-2:5cf7f3cd-b370-416b-bed8-f7f8c7aXXXXX',      //Received from server
    CustomRoleArn: 'arn:aws:iam::356127965XXX:role/XXXXX_Customer',
    Logins: {
        'com.abc.xyz': '9876543210'
    }
};

var cognitoidentity = new AWS.CognitoIdentity();
cognitoidentity.getCredentialsForIdentity(params, function(err, data) {
    if (err) {
        console.log(err, err.stack); // an error occurred
    }
    else {
        console.log(data);           // successful response
    }
});

浏览器结果：

Please provide a valid public provider

身份池配置

- Sahil Khanna

2个回答

1

我知道这是一个旧帖子，但是如果有人看到它，我相信你的第一种方法会起作用，只要你改变：

Logins: {
    'com.abc.xyz': '9876543210'
}

到

Logins: {
    'cognito-identity.amazonaws.com': "eyJra.....sL8bg"
}

我认为如果不使用您在步骤1中生成的令牌，任何解决方案都是不完整的。

- piisexactly3

网页内容由stack overflow 提供, 点击上面的

可以查看英文原文，
原文链接

- Sahil Khanna · Accepted Answer

根据这篇文章，我对浏览器部分进行了以下更改。

AWS.config.credentials = new AWS.CognitoIdentityCredentials({
    IdentityId: 'ap-northeast-2:5cf7f3cd-b370-416b-bed8-f7f8c7aXXXXX',      //Received from server
IdentityPoolId: 'ap-northeast-2:a383cb2e-e302-4ff6-8d8f-70e3185XXXXX',
    Logins: {
        'cognito-identity.amazonaws.com': '9876543210'
    }
});

AWS.config.credentials.get(function(err, data) {
    if (err) {
        console.log(err); // an error occurred
    }
    else {
        console.log(data);           // successful response
    }
});

AWS.config.credentials

现在我能够接收到包含accessKeyId、expireTime、secretAccessKey和sessionToken的响应。