ApolloHttpException：在Android应用程序中将AWS Appsync与IAM身份验证模式结合使用时使用HTTP 401

Question

我正在尝试将具有AWS_IAM身份验证模式的Appsync Graphql API集成到Android应用程序中。我已经遵循了与此有关的AWS文档，但是却遇到了ApolloHttpException：HTTP 401错误。

2018-10-19 09:38:34.853 4679-4739/io.xxxxxxx.android.cognitoiamtest E/AWS: Failed to perform AllPostsQuery
com.apollographql.apollo.exception.ApolloHttpException: HTTP 401 
    at com.apollographql.apollo.internal.interceptor.ApolloParseInterceptor.parse(ApolloParseInterceptor.java:147)
    at com.apollographql.apollo.internal.interceptor.ApolloParseInterceptor.access$100(ApolloParseInterceptor.java:54)
    at com.apollographql.apollo.internal.interceptor.ApolloParseInterceptor$1.onResponse(ApolloParseInterceptor.java:83)
    at com.apollographql.apollo.internal.interceptor.ApolloServerInterceptor$1$1.onResponse(ApolloServerInterceptor.java:110)
    at okhttp3.RealCall$AsyncCall.execute(RealCall.java:141)
    at okhttp3.internal.NamedRunnable.run(NamedRunnable.java:32)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
    at java.lang.Thread.run(Thread.java:764)

Appsync客户端代码：

val awsConfig = AWSConfiguration(context)

val credentialsProvider = CognitoCachingCredentialsProvider(context, awsConfig)

client = AWSAppSyncClient.builder()
                .context(context)
                .awsConfiguration(awsConfig)
                .credentialsProvider(credentialsProvider)
                .build()

我的awsconfiguration.json

{
    "UserAgent": "aws-amplify-cli/0.1.0",
    "Version": "1.0",
    "IdentityManager": {
    "Default": {}
    },
    "CredentialsProvider": {
        "CognitoIdentity": {
            "Default": {
                "PoolId": "xx-xxxx-x:xxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
                "Region": "xx-xxxx-x"
            }
        }
    },
    "CognitoUserPool": {
        "Default": {
            "PoolId": "xx-xxxxx-x_xxxxxx",
            "AppClientId": "xxxxxxxxxxxxxxxxxx",
            "AppClientSecret": "xxxxxxxxxxxxxxxxxxxxxxxxxxxx",
            "Region": "xx-xxxxx-x"
        }
    },
    "AppSync": {
        "Default": {
            "ApiUrl": "https://xxxxxxxxxxxxxxxxxx.appsync-api.xx-xxxxx-x.amazonaws.com/graphql",
            "Region": "xx-xxxxx-x",
            "AuthMode": "AWS_IAM",
            "ApiKey": "xxx-xxxxxxxxxxxxxxxxxxx"
        }
    }
}

我还向身份池中的已验证角色添加了以下策略。

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
            "appsync:GraphQL"
            ],
            "Resource": [
                "arn:aws:appsync:xx-xxxx-x:xxxxxxxxx:apis/CognitoIAMTest/types/Query/fields/listCities"
            ]
        }
    ]
}

尽管有用于Android的IAM身份验证的Appsync资源非常少，但我已经尝试了可以​​在网上找到的一切。我不确定我缺少什么。任何对此的帮助将不胜感激。