我正在使用AWS sdk进行javascript,我正在尝试使用新的Cognito用户池服务。我从基础http请求中收到错误,访问Cognito API函数 AWSCognitoIdentityService.GetId :
POST / HTTP/1.1
Host: cognito-identity.us-east-1.amazonaws.com
Connection: keep-alive
Content-Length: 985
Cache-Control: max-age=0
Origin: http://localhost:3000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 9fba852db0a50678957c5be2a317ebce5edbb4580ad7cb1d7b524e2ff5bf95f7
X-Amz-Target: AWSCognitoIdentityService.GetId
X-Amz-User-Agent: aws-sdk-js/2.3.17
Accept: */*
Referer: http://localhost:3000/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.8
请求有效负载:
{"IdentityPoolId":"us-east-1:f9a5b209-8ed6-405d-987c-eb2954d30d1c","Logins":{"cognito-idp.us-east-1.amazonaws.com/us-east-1_9ymEVPkkL":"eyJraWQiOiJQUFhBemRsVDg1K29kNzNvTFU4cnFzVUZORVJvVkh2aVJERGV4bzdISmJzPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI0OTNlYjk5MS1iMTgyLTQxYzAtYmZhNC00N2M5YzViMzM1OTMiLCJhdWQiOiI3N3U3MnRidjN2M2M2MG1pZXFlNGhhbW8yOSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJ0b2tlbl91c2UiOiJpZCIsImF1dGhfdGltZSI6MTQ2ODk4OTY4MywiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tXC91cy1lYXN0LTFfOXltRVZQa2tMIiwibmFtZSI6Ik5uZW5uYSBVZGVnYnVuYW0iLCJleHAiOjE0Njg5OTMyODMsImlhdCI6MTQ2ODk4OTY4MywiZW1haWwiOiJubmVubmFAZGFzaHBlZWsuY29tIn0.gItOyeKF3pu24aWtaUwPMQtcOAJu9TWqmYeT3N74zijI9QgfxL93fagZvVgsQj-rqtRSddVV05ZHJBXXZiUZdb3PnUDp48R_1Kiv1RhIvMqOO43RNyS9B7G4uD0cdM8S7OCaoJMXbDPwVH5jy_j9_anm7HgbRGi3JYLS10bIvvuqznxp75V6bxsTGhVGT8EHTui-l0yqLhLbPDM05JV0sOXANFS-BO4sYjgJ-VU8GrP6D49wbses524bMIDAIRN78me5WAFC6OzOqZQ9e_JNVbgs8pHaaDqpqTZq6RUGGUS0QykhDPoJImbS_tt5rGNrVFrDpKXcwJAD1hI5x6lrNA"}}
响应:
HTTP/1.1 400 Bad Request
x-amzn-RequestId: 8e6f7124-4e35-11e6-a6a6-d56ee4384e6b
Access-Control-Allow-Origin: *
x-amzn-ErrorType: NotAuthorizedException:
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
**x-amzn-ErrorMessage: Token is not from a supported provider of this identity pool.**
Content-Type: application/x-amz-json-1.1
Content-Length: 109
Date: Wed, 20 Jul 2016 04:51:01 GMT
Connection: close
此" 令牌不是来自此标识池的受支持提供商"没有意义。此令牌来自在身份验证期间缓存的用户会话。并且提供的loginID基于Cognito用户池的格式。
以下是一些示例javascript代码:
this.loginId = 'cognito-idp.' + this.region + '.amazonaws.com/' + this.userPoolId;
this.poolData = {
UserPoolId : this.userPoolId,
ClientId : this.clientId
};
this.userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(this.poolData);
cognitoUser.getSession(function(err, session) {
if (err) {
console.log(err);
console.log("user session expired. needs to log in");
this.navigateToLogin();
return;
}
var token = session.getIdToken().getJwtToken();
AWS.config.credentials.params.Logins[this.loginId] = token;
AWS.config.credentials.refresh(function(err){
if (err) {
alert(err);
}else{
onLoggedIn();
}
});
console.log('session validity: ' + session.isValid());
}.bind(this));
令我感到困惑的是它以前的工作!有时候,在登录和退出多天后,我能够再次使用它。但是现在它们一起停止了工作。我想知道这是否是一个错误,因为这项服务仍处于测试阶段,或者我有什么问题。
答案 0 :(得分:1)
从Cognito联合身份而非用户池抛出该异常,因此不会因为服务不稳定而引发异常。这意味着您提供的登录密钥与链接到池的内容不匹配,并且是从控制台配置的。
我会仔细检查您是否在控制台correctly上配置了它,如果是这样,请添加一些日志记录,以查看当它不起作用时登录时作为密钥发送的内容与确实