我正在尝试执行以下操作:
AWSUtil.generateSecretHash('test@test.com', ClientId).then(SECRET_HASH => {
return AWSUtil.Cognito.adminInitiateAuth({
AuthFlow: 'USER_PASSWORD_AUTH',
ClientId,
UserPoolId: process.env.COGNITO_USER_POOL_ID,
AuthParameters: {
USERNAME: 'test@test.com',
PASSWORD: 'lamepassword123',
SECRET_HASH
}
}).promise();
})
.then(resp => {
console.log(resp)
});
除了"Initiate Auth method not supported."
根据docs,这应该有效。是什么给了什么?
答案 0 :(得分:3)
在“应用程序客户端”部分下,您是否启用了显示"启用基于应用程序的身份验证的用户名密码(非SRP)流的框(USER_PASSWORD_AUTH)"为您的用户池?
答案 1 :(得分:2)
我遇到了同样的问题-根据此处的示例,使用AuthFlow'ADMIN_NO_SRP_AUTH'而不是'USER_PASSWORD_AUTH'解决了该问题:
答案 2 :(得分:1)
在使用无服务器框架的情况下,需要将ALLOW_USER_PASSWORD_AUTH添加到ExplicitAuthFlows节点。
Resources:
CognitoUserPool:
Type: AWS::Cognito::UserPool
Properties:
# Generate a name based on the stage
UserPoolName: ${self:provider.stage}-user-pool
# Set email as an alias
UsernameAttributes:
- email
AutoVerifiedAttributes:
- email
CognitoUserPoolClient:
Type: AWS::Cognito::UserPoolClient
Properties:
# Generate an app client name based on the stage
ClientName: ${self:provider.stage}-user-pool-client
UserPoolId:
Ref: CognitoUserPool
ExplicitAuthFlows:
- ALLOW_ADMIN_USER_PASSWORD_AUTH # See also: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html
- ALLOW_USER_PASSWORD_AUTH
- ALLOW_REFRESH_TOKEN_AUTH
- ALLOW_USER_SRP_AUTH
GenerateSecret: false
# Print out the Id of the User Pool that is created
Outputs:
UserPoolId:
Value:
Ref: CognitoUserPool
UserPoolClientId:
Value:
Ref: CognitoUserPoolClient