我正在开发一个应用程序,允许用户使用他们的Google帐户登录,然后使用该登录信息获取Cognito联合身份。
我无法获得使用Cognito进行身份验证所需的正确令牌。我一直收到错误 Runnable runnable = new Runnable() {
@Override
public void run() {
CognitoSyncClientManager.init(getActivity().getApplicationContext());
String token = null;
try {
token = GoogleAuthUtil.getToken(getActivity().getApplicationContext(), signInAccount.getAccount(), "oauth2:openid");
}catch (Exception e){
Log.d("login exception", e.toString());
}
Map<String, String> logins = new HashMap<String, String>();
logins.put("accounts.google.com", token);
CognitoSyncClientManager.addLogins("accounts.google.com", token);
Log.d("login", "Created User token " + token);
Log.d("login", "Cached UserID: "+CognitoSyncClientManager.credentialsProvider.getCachedIdentityId());
Log.d("login", "UserID: " + CognitoSyncClientManager.credentialsProvider.getIdentityId());
Toast.makeText(getActivity().getApplicationContext(), "Created user: "+CognitoSyncClientManager.credentialsProvider.getCachedIdentityId(), Toast.LENGTH_LONG);
}
};
Thread t = new Thread(runnable);
t.start();
这是我的代码:
{{1}}&#13;
答案 0 :(得分:3)
GoogleAuthUtil的getToken似乎返回了一个访问令牌。
https://developers.google.com/android/reference/com/google/android/gms/auth/GoogleAuthUtil.html#getToken(android.content.Context,android.accounts.Account,java.lang.String,android.os.Bundle)
您需要将Google的OpenId Connect Id令牌传递给Cognito,而不是访问令牌。
https://developers.google.com/identity/sign-in/android/backend-auth
答案 1 :(得分:0)
基于Javascript passport-google-auth模块,它返回access_token,refresh_token和params。
获取cognito_identity您需要使用从Google收到的params.id_token
passport.use(new GoogleStrategy(googleDeveloperDetails, getUserDetails));
app.get("/auth/google", passport.authenticate("google", { scope: ['email'] }));
var authGoogle = passport.authenticate("google", {
failureRedirect: "/auth/google"
});
app.get("auth/google/callback", authGoogle, controller.successRedirect);
getUserDetails = function(accessToken, refreshToken, params, profile, done) {
if(profile.provider == "google") {
profile.token = params.id_token // params.id_token to be used to get cognito credentials
} else {
profile.token = accessToken;
}
done(null, profile);
}
googleDeveloperDetails = {
clientID: "google cleint ID",
clientSecret: "google client secret",
callbackURL: "https://localhost:3000/auth/google/callback",
profileFields: ["emails", "profile"]
}