我正在尝试使用Facebook凭据登录AWS。我在Amazon Cognito上使用Facebook作为我的社交身份提供者设置了联邦身份,但由于某种原因它不进行身份验证。亚马逊上的文档不是最新的,所以我不知道该怎么做。
以下是ios应用程序的一些快速代码:
let token = FBSDKAccessToken.currentAccessToken().tokenString
let provider = MyProvider(tokens: [AWSIdentityProviderFacebook: token])
let credentialsProvider = AWSCognitoCredentialsProvider(regionType: region, identityPoolId: poolId, identityProviderManager: provider)
let configuration = AWSServiceConfiguration(region: region, credentialsProvider:credentialsProvider)
AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = configuration
let id = credentialsProvider.getIdentityId()
这是MyProvider类:
import Foundation
import AWSCognitoIdentityProvider
class MyProvider:NSObject, AWSIdentityProviderManager{
var tokens : [NSString : NSString]?
init(tokens: [NSString : NSString])
{
self.tokens = tokens
}
@objc func logins() -> AWSTask {
return AWSTask(result: tokens)
}
}
我可以从Facebook获取令牌并登录但是当我将此令牌传递给Cognito时,我收到类似“NotAuthorizedException”的错误“令牌不是来自此身份池的受支持提供者。”传递给AWSCognitoCredentialsProvider的池ID和区域与Amazon Cognito上的池ID和区域匹配,我在MyProvider中定义的方法被调用。如果有人让它工作,请分享你所做的工作。我将不胜感激任何建议和帮助!
答案 0 :(得分:1)
我正在尝试进行facebook身份验证和Cognito登录。我做了几乎和你一样的代码。下面是我的代码。
@IBAction func SigninWithFaceBook(_ sender: Any) {
let loginManager: FBSDKLoginManager = FBSDKLoginManager()
loginManager.logIn(withReadPermissions: ["public_profile", "email", "user_birthday", "user_gender"], from: self) { (result, error) in
if error != nil {
print("error")
} else if (result?.isCancelled)! {
print("Cancelled")
} else {
let loginResult: FBSDKLoginManagerLoginResult = result!
if loginResult.grantedPermissions != nil {
if loginResult.grantedPermissions.contains("email") {
if FBSDKAccessToken.current() != nil {
let tokenString = FBSDKAccessToken.current().tokenString
print("FBSDKAccessToken.current() \(FBSDKAccessToken.current()) string \(String(describing: tokenString)) )")
FBSDKGraphRequest(graphPath: "me", parameters: ["fields": "id, name, email, gender, birthday "]).start(completionHandler: { (connection, result, error) -> Void in
if error == nil {
let json = result as! [String : Any]
print("FBSDKGraphRequest \(json)")
let email = json["email"] as! String
let id = json["id"] as! String
let name = json["name"] as! String
let gender = json["gender"] as! String
let birthdate = json["birthday"] as! String
print("facebook login suceseeded email \(email)) id \(id) id \(name) gender \(gender) birthData \(birthdate) ")
//// Sync Cognito UserPool for facebook login //////////////////
let customcedentialProvider = CustomIdentityProvider(tokens: ["graph.facebook.com" : tokenString!])
let credentialsProvider = AWSCognitoCredentialsProvider(regionType: CognitoIdentityUserPoolRegion,
identityPoolId: CognitoFederatedIdentityUserPoolID,
unauthRoleArn: CognitoFedratedIAMRoleUnauthARN,
authRoleArn: CognitoFedratedIAMRoleAuthARN,
identityProviderManager: customcedentialProvider)
let configuration = AWSServiceConfiguration(region:CognitoIdentityUserPoolRegion, credentialsProvider:credentialsProvider)
AWSServiceManager.default().defaultServiceConfiguration = configuration
credentialsProvider.getIdentityId()
print("credentialsProvider.getIdentityId() \(credentialsProvider.getIdentityId())")
self.navigationController?.popToRootViewController(animated: true)
self.dismiss(animated: true, completion: nil)
print("didCompleteFBLogin ~~~~~ No Error ----- and dismiss")
}else{
print("FBSDKGraphRequest error")
}
})
} else {
print("Token is nil")
}
loginManager.logOut()
} else {
print("It can not get user email from this Facebook user")
}
} else {
print("Permission is not granted")
}
}
}
}
我不确定Cognito logoin是否有效。 打印我们的“credentialsProvider.getIdentityId()”已完成如下,但在Cognito用户的Cognito联合身份池中没有为FederatedAppAuthRole注册用户池。
credentialsProvider.getIdentityId()AWSTask:0x1c5e78d00;完成=是;取消=否;故障=否;结果= ap-northeast-1:2fd1e4aa-97f4-XXXX-XXXX-XXXXXXXXXXXX
请告诉我你的建议。
答案 1 :(得分:0)
登录地图中的密钥应为 graph.facebook.com 。尝试使用AWSCognitoLoginProviderKey.Facebook.rawValue
代替AWSIdentityProviderFacebook
答案 2 :(得分:0)
以某种方式解决了我的问题。我做的只是删除了我的身份池和Facebook应用程序,并创建了新的。现在工作正常。