我正尝试在不使用亚马逊AuthUI 的情况下支持与多个提供商进行身份验证。即 Google 和用户池 我已经设法从 Google 处获取凭据,但是在登录用户池时遇到了问题。
我尝试使用显式登录
user?.getSession("*****", password: "*********", validationData: nil).continueWith(block: { (task) -> Any? in
这会产生“ 此身份池不支持未经身份验证的访问”错误。
但是,如果我先尝试通过 google 进行身份验证,然后尝试登录用户池,那么我成功了! 这有点令人困惑,因为如果我必须登录才能破坏整个观点。我一定会丢失一些东西。
credentialsProvider = AWSCognitoCredentialsProvider(
regionType: AWSRegionType.EUWest1,
identityPoolId: Constants.cognitoIdentityPoolId,
identityProviderManager: customProviderManager)
let configuration = AWSServiceConfiguration(region: AWSRegionType.EUWest1,
credentialsProvider: credentialsProvider)
AWSServiceManager.default().defaultServiceConfiguration = configuration
let poolConfig = AWSCognitoIdentityUserPoolConfiguration(clientId: Constants.appClientId,
clientSecret: Constants.appClientSecret,
poolId: Constants.userPoolId)
AWSCognitoIdentityUserPool.register(with: configuration,
userPoolConfiguration: poolConfig,
forKey: "userPoolSignInProviderKey")
pool = AWSCognitoIdentityUserPool(forKey: "userPoolSignInProviderKey")
自定义identityProviderManager
func logins() -> AWSTask<NSDictionary> {
let poolUser = (UIApplication.shared.delegate as! AppDelegate)
.pool?
.currentUser()
if GIDSignIn.sharedInstance().currentUser == nil &&
poolUser?.isSignedIn == false {
print("unauthenticated user")
return AWSTask(result:nil)
} else if let token = GIDSignIn
.sharedInstance()
.currentUser?
.authentication?
.idToken {
print("got google token")
return AWSTask(result: [AWSIdentityProviderGoogle: token])
} else if let token = poolUser?
.getSession()
.result?
.idToken?
.tokenString {
print("got pool token")
return AWSTask(result: [AWSIdentityProviderAmazonCognitoIdentity: token])
} else {
print("error getting logins")
return AWSTask(error:NSError(domain: "login", code: -1 , userInfo: ["login" : "No current access token"]))
}
}