Cognito User Pools: How to refresh the access token on Android

Time: 2016-08-23 23:02:03

Tags: android amazon-web-services amazon-cognito

How do I refresh the access token using Cognito for Android? The documentation suggests the following (https://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-user-identity-pools-android-sdk.html):

// Implement authentication handler 
AuthenticationHandler handler = new AuthenticationHandler() {
    @Override
    public void onSuccess(CognitoUserSession userSession) {
        // Authentication was successful, the "userSession" will have the current valid tokens
        // Time to do awesome stuff
    }

    @Override
    public void getAuthenticationDetails(final AuthenticationContinuation continuation, final String userID) {
        // User authentication details, userId and password are required to continue.
        // Use the "continuation" object to pass the user authentication details

        // After the user authentication details are available, wrap them in an AuthenticationDetails class
        // Along with userId and password, parameters for user pools for Lambda can be passed here
        // The validation parameters "validationParameters" are passed in as a Map<String, String>
        AuthenticationDetails authDetails = new AuthenticationDetails(userID, password, validationParameters);

        // Now allow the authentication to continue
        continuation.setAuthenticationDetails(authDetails);
        continuation.continueTask();
    }

    @Override
    public void getMFACode(final MultiFactorAuthenticationContinuation continuation) {
        // Multi-factor authentication is required to authenticate
        // A code was sent to the user, use the code to continue with the authentication


        // Find where the code was sent to
        String codeSentHere = continuation.getParameter()[0];

        // When the verification code is available, continue to authenticate
        continuation.setMfaCode(code);
        continuation.continueTask();
    }

    @Override
    public void authenticationChallenge(final ChallengeContinuation continuation) {
        // A custom challenge has to be solved to authenticate

        // Set the challenge responses

        // Call continueTask() method to respond to the challenge and continue with authentication.
    }

    @Override
    public void onFailure(final Exception exception) {
        // Authentication failed, probe exception for the cause

    }
};
user.getSession(handler);

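Here is why this does not work. When the token expires, the user object I get the session for is no longer authenticated. So retrieving the cached user with the call below returns null: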

CognitoUser user = userPool.getCurrentUser();

Because the above returns null, I try to get the user object by id:
CognitoUser user = userPool.getUser(userId);

Except that the user is not authenticated, so it fails at the following callback stage because userID is null:

@Override
public void getAuthenticationDetails(final AuthenticationContinuation continuation, final String userID) 

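This only works if I attempt the call before the token expires, and then I can receive a new access token. But how do I do this after the token has expired? Any help on this would be appreciated. Thanks in advance.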

1 answer:

Answer 0: (score: 8)

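When you call getSession(...) to get tokens, the SDK automatically refreshes the tokens if the cached tokens have expired (as long as the refresh token has not expired). If the refresh token has also expired, getAuthenticationDetails(...) is called, because user credentials (username, password, etc.) are now required to get a new set of tokens. It does not matter how you get the user object, i.e. via getCurrentUser() or getUser(...): as long as there are valid cached tokens, or the tokens can be refreshed, you will get valid tokens with getSession(...).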

Retry with the latest SDK (version 2.3.1).
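
The three outcomes described in the answer above, as an added example that is not part of the original post and not AWS SDK code. The names SessionFlowDemo, Outcome, expiryOf, resolveSession and sampleJwt are hypothetical, the refresher callback stands in for the service call that exchanges a refresh token, and the tokens are constructed samples.

```java
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.util.Base64;
import java.util.function.UnaryOperator;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Hypothetical model of the flow in the answer above; not AWS SDK code.
public class SessionFlowDemo {
    enum Outcome { CACHED_TOKEN_VALID, REFRESHED, CREDENTIALS_REQUIRED }
    // Read the "exp" claim (epoch seconds) from a JWT payload; the signature is not verified here.
    static long expiryOf(String jwt) {
        String[] parts = jwt.split("\\.");
        if (parts.length != 3) throw new IllegalArgumentException("not a JWT");
        String payload = new String(Base64.getUrlDecoder().decode(parts[1]), StandardCharsets.UTF_8);
        Matcher m = Pattern.compile("\"exp\"\\s*:\\s*(\\d+)").matcher(payload);
        if (!m.find()) throw new IllegalArgumentException("no exp claim");
        return Long.parseLong(m.group(1));
    }
    // refresher returns a new access token, or throws if the refresh token is no longer accepted.
    static Outcome resolveSession(String accessToken, String refreshToken,
                                  UnaryOperator<String> refresher, Instant now) {
        if (accessToken != null && expiryOf(accessToken) > now.getEpochSecond()) {
            return Outcome.CACHED_TOKEN_VALID;
        }
        if (refreshToken != null) {
            try {
                refresher.apply(refreshToken);
                return Outcome.REFRESHED;
            } catch (IllegalStateException rejected) { /* refresh token expired: fall through */ }
        }
        return Outcome.CREDENTIALS_REQUIRED; // where getAuthenticationDetails(...) would be called
    }
    // Constructed, unsigned sample token for this demo only.
    static String sampleJwt(long exp) {
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        String body = "{\"sub\":\"demo\",\"exp\":" + exp + "}";
        return enc.encodeToString("{\"alg\":\"none\"}".getBytes(StandardCharsets.UTF_8)) + "."
                + enc.encodeToString(body.getBytes(StandardCharsets.UTF_8)) + ".sig";
    }

    public static void main(String[] args) {
        Instant now = Instant.ofEpochSecond(1_471_000_000L); // constructed clock value
        String fresh = sampleJwt(now.getEpochSecond() + 3600), stale = sampleJwt(now.getEpochSecond() - 60);
        System.out.println(resolveSession(fresh, "r", t -> fresh, now));
        System.out.println(resolveSession(stale, "r", t -> fresh, now));
        System.out.println(resolveSession(stale, "r", t -> { throw new IllegalStateException(); }, now));
    }
}
```

The client-side `exp` check only decides whether a refresh is worth attempting; the service still validates every token it receives.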