使用身份池(联合身份)时如何由管理员创建用户

时间:2019-02-07 11:47:49

标签: amazon-web-services amazon-cognito

我想在我的用户池中创建任何用户。我需要使用adminCreateUser才能从我的应用程序注册新用户。

cognitoGetUser.getSession(function(err, session) {
    console.log ('Jwt Token: ' + session.getIdToken().getJwtToken());
    const url = 'cognito-idp.' + this.region.toLowerCase() + '.amazonaws.com/' + 
    this.poolData.UserPoolId;
    const logins: CognitoIdentity.LoginsMap = {};
    logins[url] = idTokenJwt;
    const params = {
        IdentityPoolId: this.identityPool,
        Logins: logins
    };
    const serviceConfigs = <awsservice.ServiceConfigurationOptions>{};
    const creds = new AWS.CognitoIdentityCredentials(params, serviceConfigs);
    console.log('buildCognitoCreds ' + creds);
    AWS.config.credentials = creds;

    const params = {
        UserPoolId: 'eu-central-1_KQ7Uxxxxx',
        Username: 'foo',
        DesiredDeliveryMediums: [ 'EMAIL' ],
        ForceAliasCreation: false,
        MessageAction: 'SUPPRESS',
        TemporaryPassword: '1234Foo*',
        UserAttributes: [
            {
                Name: 'email',
                Value: 'foo@domain.com'
            }
        ]
    };
    const cognitoidentityserviceprovider = new AWSCognito.CognitoIdentityServiceProvider();
    cognitoidentityserviceprovider.adminCreateUser(params, function(errr, data) {
        if (errr) {
            console.log(errr);
        } else {
            console.log(data);
        }
    });
}

我的第一条日志找到我的identityId(在身份池(联合身份)中找到的身份ID):

identityId: eu-central-1:c0613a73-3e7f-41ba-951a-bef1aeaffb0b

我的请求未运行,并且出现此错误:

Error: Missing credentials in config
    at c (aws-cognito-sdk.js:8437)
    at constructor.getCredentials (aws-cognito-sdk.js:8476)
    at constructor.<anonymous> (aws-cognito-sdk.js:9116)
    at constructor.callListeners (aws-cognito-sdk.js:11966)
    at constructor.emit (aws-cognito-sdk.js:11944)
    at constructor.emitEvent (aws-cognito-sdk.js:11571)
    at constructor.a (aws-cognito-sdk.js:11300)
    at d.runTo (aws-cognito-sdk.js:13172)
    at constructor.runTo (aws-cognito-sdk.js:11388)
    at constructor.send (aws-cognito-sdk.js:11374) "CredentialsError: Missing credentials in config
    at c (https://cdn.rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js:25:25280)
    at constructor.getCredentials (https://cdn.rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js:25:25799)
    at constructor.<anonymous> (https://cdn.rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js:26:4064)
    at constructor.callListeners (https://cdn.rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js:27:18300)
    at constructor.emit (https://cdn.rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js:27:18038)
    at constructor.emitEvent (https://cdn.rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js:27:12442)
    at constructor.a (https://cdn.rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js:27:8292)
    at d.runTo (https://cdn.rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js:28:6272)
    at constructor.runTo (https://cdn.rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js:27:9860)
    at constructor.send (https://cdn.rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js:27:9753)"

其他测试:如果我使用此测试就可以了,但是我的adminCreateUser却不行:

const clientParams: any = {};
const sts = new STS(clientParams);
sts.getCallerIdentity(function (errrr, data) {
    console.log('UserLoginService: Successfully set the AWS credentials');
});

2 个答案:

答案 0 :(得分:0)

更改

const cognitoidentityserviceprovider = new AWSCognito.CognitoIdentityServiceProvider();

作者

const cognitoidentityserviceprovider = new AWSCognito.CognitoIdentityServiceProvider({
              credentials: creds
            });

答案 1 :(得分:0)

在我的情况下,还需要将区域也添加到凭据对象:

aws.config.credentials = new AWS.CognitoIdentityCredentials({
    IdentityId: 'your-identity-id',
    Logins: {
      'cognito-idp.' + 'your-region' + '.amazonaws.com/' + 
'userPoolId': 
       idToken.jwtToken,
    },
  }, {
    region: 'your-region',
  });