用户池中的用户可以与身份池集成,但返回的凭据没有使用 MQTT 访问 AWS 资源的权限

时间:2018-10-14 00:24:23

标签: mqtt iot amazon-cognito

这是我的情况:

我创建了 My User Pool 和 My Identity Pool,然后将二者相互关联(like this)

之后,我遵循了本教程(https://docs.aws.amazon.com/cognito/latest/developerguide/tutorial-integrating-user-pools-javascript.html):

// Cognito user pool that holds the account. Both identifiers are placeholders
// to be replaced with the real pool ID and app client ID.
var poolData = {
    UserPoolId: 'us-east-2_{my_user_pool_id}',
    ClientId: '{user_pool_client_id}'
};
var userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);

// Sign-in details for the user. The literals are placeholders: a real password
// written into browser-delivered script is readable by anyone who can load the
// page, so it should come from user input at sign-in time instead.
var authenticationData = {
    Username: 'user_name', // your username here
    Password: 'password' // your password here
};
var authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails(authenticationData);

// Handle for the same user inside the pool created above; the authentication
// call is made on this object.
var userData = {
    Username: 'user_name',
    Pool: userPool
};
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);

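// Sign in against the user pool, exchange the resulting ID token for temporary
// AWS credentials from the identity pool, then hand those credentials to the
// MQTT client so it can sign its WebSocket connection.
//
// NOTE(review): the CloudWatch entry quoted on this page reports
// AUTHORIZATION_FAILURE for a CognitoIdentityCredentials principal. For
// authenticated Cognito identities AWS IoT also evaluates an AWS IoT policy
// attached to the identity (AttachPolicy); the identity pool's IAM role alone
// is not sufficient. Keep that policy scoped to the client ID and topics this
// page actually needs. Confirm against the account setup.
cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess(result) {
        // The Logins map takes the user pool ID token, not the access token.
        const idToken = result.getIdToken().getJwtToken();
        const credentials = new AWS.CognitoIdentityCredentials({
            IdentityPoolId: 'us-east-2:{my_identity_pool_id}',
            Logins: {
                'cognito-idp.us-east-2.amazonaws.com/us-east-2_{my_user_pool_id}': idToken
            }
        });
        AWS.config.credentials = credentials;

        credentials.get(function (err) {
            if (err) {
                alert(err);
                // No credentials were issued, so there is nothing valid to
                // pass on; leave the MQTT client untouched.
                return;
            }

            // AWS.Credentials exposes accessKeyId / secretAccessKey /
            // sessionToken. The capitalised AccessKeyId / SecretKey /
            // SessionToken names exist only on the raw
            // GetCredentialsForIdentity response and are undefined here.
            // The client is referenced by its bare name because a top-level
            // `const` does not create a property on `window`.
            mqttClient.updateWebSocketCredentials(
                credentials.accessKeyId,
                credentials.secretAccessKey,
                credentials.sessionToken);
        });
    },

    onFailure(err) {
        alert(err);
    },

    // Invoked when the user pool asks for an MFA code. `this` is passed on as
    // the callback object for the follow-up call, so this must stay a regular
    // method rather than an arrow function.
    mfaRequired(codeDeliveryDetails) {
        const verificationCode = prompt('Please input verification code' ,'');
        cognitoUser.sendMFACode(verificationCode, this);
    }
});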

// MQTT-over-WebSocket client for AWS IoT. It is created before any credentials
// exist; the Cognito sign-in callback supplies them later through
// updateWebSocketCredentials().
const mqttClient = AWSIoTData.device({
    // Endpoint and identity of this connection.
    region: AWS.config.region,
    host: AWSConfiguration.host,
    clientId,
    protocol: 'wss',
    // Blank placeholders until temporary credentials are obtained.
    accessKeyId: '',
    secretKey: '',
    sessionToken: '',
    maximumReconnectTimeMs: 8000,
    // NOTE(review): presumably enables verbose client logging; confirm it is
    // switched off outside troubleshooting.
    debug: true
});

我启用了CloudWatch日志并获得了此日志:

2018-10-13 21:55:09.890 TRACEID:xxxx-xxx-xxxx-xxxx-xxxxxxxxx PRINCIPALID:XXXXXXXXXXX:CognitoIdentityCredentials [ERROR] EVENT:MQTT Client Connect MESSAGE:Connect Status: AUTHORIZATION_ERROR Failure reason:AUTHORIZATION_FAILURE

为什么通过 Cognito 在 AWS.config.credentials.get 中获取到凭据后,仍然无法使用 MQTT 访问 AWS 资源?

0 个答案:

没有答案