我已将lambda函数添加到我的AWS用户池Define Auth Challenge
当我的iOS应用尝试在用户中签名时,会调用Define Auth Challenge lambda。但event.request.session参数是一个空列表[]。
有only one example(它是JavaScript lambda的一部分的屏幕截图),但是需要定义session。
我需要在iOS应用中定义什么才能正确填充session?
event = {
u'userName': u'SET',
u'userPoolId': u'SET',
u'callerContext': {
u'awsSdkVersion': u'aws-sdk-ios-2.6.10',
u'clientId': u'SET'
},
u'region': u'SET',
u'request': {
u'session': [],
u'userAttributes': {
u'email_verified': u'true',
u'email': u'SET',
u'sub': u'SET',
u'cognito:user_status': u'CONFIRMED',
u'cognito:email_alias': u'SET'
}
},
u'triggerSource': u'DefineAuthChallenge_Authentication',
u'version': u'1',
u'response': {
u'issueTokens': None,
u'failAuthentication': None,
u'challengeName': None
}
}
答案 0 :(得分:0)
session中的event.request未由客户设置。
对于Define Auth Challenge Lambda函数的第一次调用,session是一个空列表。后续调用将填充session
使用Python,单步自定义流Define Auth Challenge可采用以下形式:
def handler(event, context):
step = len(event['request']['session'])
if step == 0:
event['response']['challengeName'] = 'CUSTOM_CHALLENGE'
event['response']['issueTokens'] = False
event['response']['failAuthentication'] = False
elif step == 1 and event['request']['session'][0]['challengeName'] == 'CUSTOM_CHALLENGE':
event['response']['issueTokens'] = event['request']['session'][0]['challengeResult']
event['response']['failAuthentication'] = False
else:
event['response']['issueTokens'] = False
event['response']['failAuthentication'] = True
return event