我无法在Android应用中正确使用用户池与API网关的集成。 (根据此文档http://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html)
配置了我的用户池的授权程序以及配置为使用授权程序的方法。身体映射模板:
#set($inputRoot = $input.path('$'))
{
"userid" : "$context.authorizer.claims.sub"
}
以下只是复制和粘贴代码段的集合,因为它分散在应用中的不同位置。
// init
credentialsProvider = new CognitoCachingCredentialsProvider(
context,
IDENTITY_POOL_ID,
IDENTITY_POOL_REGION);
userPool = new CognitoUserPool(
context,
USER_POOL_ID,
CLIENT_ID,
CLIENT_SECRET,
new ClientConfiguration(),
USER_POOL_REGION);
// login
user = aws.userPool.getUser(username);
user.getSessionInBackground(authHandler);
String token = session.getIdToken().getJWTToken();
Map<String, String> logins = new HashMap<>();
logins.put(USER_POOL_ARN, token);
aws.credentialsProvider.setLogins(logins);
aws.credentialsProvider.refresh();
// using the api
ApiClientFactory factory = new ApiClientFactory().credentialsProvider(
aws.credentialsProvider);
apiClient = factory.build(MyAPIClient.class);
apiClient.mainGet()
com.amazonaws.mobileconnectors.apigateway.ApiClientException: {"message":"Unauthorized"}
(Service: MyAPIClient; Status Code: 401; Error Code: null; Request ID: cefd713c-1234-1234-1234-b9e32fbdedb0)
at com.amazonaws.mobileconnectors.apigateway.ApiClientHandler.handleResponse(ApiClientHandler.java:294)
at com.amazonaws.mobileconnectors.apigateway.ApiClientHandler.invoke(ApiClientHandler.java:111)
at java.lang.reflect.Proxy.invoke(Proxy.java:397)
at $Proxy2.mainGet(Unknown Source)
at com.my.mainGet(my.java:206)
所以我可以想象,使用标识池初始化凭据提供程序将导致身份令牌,但我确实需要来自用户池的令牌。然而,这让我想到如何正确设置我的ApiClient以使用用户池令牌?