How to exchange Google authentication details for AWS Cognito user pool secrets

Time: 2018-06-26 12:48:17

Tags: amazon-web-services cordova amazon-cognito aws-cognito

After Google authentication following the guide here, I get the following secrets:

 email          // 'eddyverbruggen@gmail.com'
 userId         // user id
 displayName    // 'Eddy Verbruggen'
 familyName     // 'Verbruggen'
 givenName      // 'Eddy'
 imageUrl       // 'http://link-to-my-profilepic.google.com'
 idToken        // idToken that can be exchanged to verify user identity.
 serverAuthCode // Auth code that can be exchanged for an access token and refresh token for offline access
 accessToken    // OAuth2 access token

How can I use these to get back a Cognito user pool session containing the following:

 "access_token":"eyJz9sdfsdfsdfsd" 
 "refresh_token":"dn43ud8uj32nk2je"
 "id_token":"dmcxd329ujdmkemkd349r"

Turns out this is not supported yet. Here is the feature request.

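1 answer:

Answer 0: (score: 0)

As I understand it, you need to enable a Federated Identity in AWS Cognito Console. The documentation provides this snippet, which shows that you need to use the idToken from Google's response: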

function signinCallback(authResult) {
  if (authResult['status']['signed_in']) {

    // Add the Google ID token to the Cognito credentials login map.
    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
      IdentityPoolId: 'IDENTITY_POOL_ID',
      Logins: {
        'accounts.google.com': authResult['id_token']
      }
    });

    // Obtain AWS credentials
    AWS.config.credentials.get(function(){
      // Access AWS resources here.
    });
  }
}
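
A pre-flight check for the idToken before it is placed in the Logins map, as an added example that is not part of the original answer or the AWS documentation. The names checkGoogleIdToken, b64urlDecode and makeSampleToken, the client ID parameter and the sample token are hypothetical or constructed; the check only inspects claims and does not verify the token's signature.

```javascript
// Added example: sanity-check a Google ID token before using it as the
// 'accounts.google.com' login. The signature is NOT verified here.
const GOOGLE_ISSUERS = ['accounts.google.com', 'https://accounts.google.com'];

// Decode base64url to a string (atob in browsers/WebViews, Buffer in Node).
function b64urlDecode(s) {
  const b64 = s.replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  return typeof atob === 'function'
    ? atob(padded)
    : Buffer.from(padded, 'base64').toString('binary');
}

// expectedClientId: the OAuth client ID the token was issued for (assumption:
// the same one configured for Google in the identity pool).
function checkGoogleIdToken(idToken, expectedClientId, nowSeconds) {
  const parts = String(idToken).split('.');
  if (parts.length !== 3) {
    // Google's accessToken and serverAuthCode are opaque, not three-part JWTs.
    return { ok: false, reason: 'not a JWT' };
  }
  let claims;
  try {
    claims = JSON.parse(b64urlDecode(parts[1]));
  } catch (e) {
    return { ok: false, reason: 'payload is not base64url JSON' };
  }
  if (!GOOGLE_ISSUERS.includes(claims.iss)) {
    return { ok: false, reason: 'unexpected iss' };
  }
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(expectedClientId)) {
    return { ok: false, reason: 'aud mismatch' };
  }
  if (typeof claims.exp !== 'number' || claims.exp <= nowSeconds) {
    return { ok: false, reason: 'expired' };
  }
  return { ok: true, logins: { 'accounts.google.com': idToken } };
}

// Constructed, unsigned sample token for the checks above (Node only).
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return enc({ alg: 'RS256', typ: 'JWT' }) + '.' + enc(claims) + '.c2ln';
}
```

When the result is ok, its logins object can be passed as the Logins value shown in the snippet above; a failed check names the claim that would make the federated login fail.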