Android:AWS Cognito与API Gateway结合使用了错误的凭证

时间:2018-07-27 20:09:41

标签: android amazon-web-services kotlin aws-api-gateway amazon-cognito

我正在尝试将AWS Cognito用户池与AWS API Gateway结合使用。

登录工作正常,输入凭据时将调用成功处理程序,并且我可以看到凭据。在jwt.io上验证JWT令牌时,我还可以看到用户是正确的。

但是,当使用ApiClientFactory调用API网关时,我总是收到错误:com.amazonaws.mobileconnectors.apigateway.ApiClientException: Basic (classic) flow is not supported with RoleMappings, please use enhanced flow. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: InvalidParameterException; Request ID: 1a61f1fd-91d8-11e8-82bc-675071b1c307) (Service: null; Status Code: 0; Error Code: null; Request ID: null)

请在下面查看我的代码:

主要活动:

AWSMobileClient.getInstance().initialize(this) {
            // Obtain the reference to the AWSCredentialsProvider and AWSConfiguration objects
            // Use IdentityManager#getUserID to fetch the identity id.
            IdentityManager.getDefaultIdentityManager().getUserID(object : IdentityHandler {
                override fun onIdentityId(identityId: String) {
                    Log.d("MainActivity", "Identity ID = " + identityId)
                }

                override fun handleError(exception: Exception) {
                    Log.d("MainActivity", "Error in retrieving the identity" + exception)
                }
            })
        }.execute()

LoginFragment:

val authenticationHandler = object : AuthenticationHandler {
    override fun getAuthenticationDetails(continuation: AuthenticationContinuation, userID: String) {
        val authDetails = AuthenticationDetails(inputUsername.text.toString(), inputPassword.text.toString(), null)
        // Now allow the authentication to continue
        continuation.setAuthenticationDetails(authDetails)
        continuation.continueTask()
    }
    override fun onSuccess(userSession: CognitoUserSession, newDevice: CognitoDevice?) {
        progressLoader.visibility = View.GONE
        (activity as? OnboardingActivity)?.proceedAfterLogin()
    }
    override fun onFailure(exception: Exception) {
        progressLoader.visibility = View.GONE
        val snackbar = Snackbar.make(view, R.string.ERR_GENERAL, Snackbar.LENGTH_LONG)
        snackbar.show()
        progressLoader.visibility = View.GONE
    }
    override fun getMFACode(continuation: MultiFactorAuthenticationContinuation) {
        continuation.continueTask()
    }
    override fun authenticationChallenge(continuation: ChallengeContinuation) {
        continuation.continueTask()
    }
}

loginButton.setOnClickListener {
    val userPool = CognitoUserPool(context, AWSMobileClient.getInstance().configuration)
    val user = userPool.getUser(inputUsername.text.toString())
    progressLoader.visibility = View.VISIBLE

    user.getSessionInBackground(authenticationHandler)
}

Api客户端:

val factory = ApiClientFactory().credentialsProvider(AWSMobileClient.getInstance().credentialsProvider)
        val = factory.build(MyClient::class.java)
        try {
            val request = GetChallengesRequest("", nextPageKey)
            val response = client.getRunningChallenges(request)
        } catch (t: Throwable) {
            // This catch is allways called with the error
        }

使用存储在原始资源文件夹中的awsconfiguration.json加载配置。

AWS4Signer符号方法中设置断点时,我可以看到AnonymousAWSCredentials调用了sign方法,但是我真的不知道为什么,因为我在登录后调用了该方法。

我希望有人可以帮助我解决这个奇怪的问题,这困扰了我好几天了!

0 个答案:

没有答案