Amplify Authentication (Cognito) - "Error in federating the token" during login

Time: 2019-05-08 19:30:06

Tags: android authentication amazon-cognito aws-amplify

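We are trying to configure AWS Amplify Authentication (Cognito) on Android, but when we try to sign in a user with a valid username and password, the onResult callback is called with a signInState equal to signInState.DONE, but when we try to get the tokens (either synchronously or asynchronously), an exception is thrown: "getTokens does not support retrieving tokens while signed-out".

Looking at the logs, it seems that an unhandled exception is thrown and apparently ignored (since the sign-in state is DONE).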

  

java.lang.RuntimeException: Error in federating the token.
    at com.amazonaws.mobile.client.AWSMobileClient$8.run(AWSMobileClient.java:1484)
    at com.amazonaws.mobile.client.internal.InternalCallback.await(InternalCallback.java:115)
    at com.amazonaws.mobile.client.AWSMobileClient.federatedSignInWithoutAssigningState(AWSMobileClient.java:1414)
    at com.amazonaws.mobile.client.AWSMobileClient$6$1.onSuccess(AWSMobileClient.java:1156)
    at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:745)
    at com.amazonaws.mobile.client.AWSMobileClient$6.run(AWSMobileClient.java:1142)
    at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
    at java.lang.Thread.run(Thread.java:818)
Caused by: com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Token is not from a supported provider of this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: 3c924e1f-70ea-11e9-80ca-01ad7f96c8b7)
    at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
    at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
    at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
    at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1658)
    at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:739)
    at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
    at com.amazonaws.mobile.client.AWSMobileClientCognitoIdentityProvider.refresh(AWSMobileClient.java:3600)
    at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678)
    at com.amazonaws.auth.CognitoCredentialsProvider.refresh(CognitoCredentialsProvider.java:631)
    at com.amazonaws.auth.CognitoCachingCredentialsProvider.refresh(CognitoCachingCredentialsProvider.java:510)
    at com.amazonaws.mobile.client.AWSMobileClient.federateWithCognitoIdentity(AWSMobileClient.java:1515)
    at com.amazonaws.mobile.client.AWSMobileClient$8.run(AWSMobileClient.java:1471)

My configuration:

build.gradle (app)

implementation "com.amazonaws:aws-android-sdk-mobile-client:2.13.4"
implementation "com.amazonaws:aws-android-sdk-auth-userpools:2.13.4"

MainApplication.kt (extends Application)

AWSMobileClient.getInstance().initialize(applicationContext, object : Callback<UserStateDetails> {
    override fun onError(e: Exception?) {
        Timber.e(e, "An error occurred while tried to init the AWSMobileClient")
    }
    override fun onResult(result: UserStateDetails?) {
        Timber.d("Successfully started the AWSMobileClient: ${result?.userState}") // Reaches here with SIGNED_OUT
    }
})

Repository.kt

suspend fun signInOnCognito(email: String, password: String): String =
        suspendCoroutine { continuation ->
            val signInCallback = object : Callback<SignInResult> {
                override fun onResult(result: SignInResult) {
                    Timber.d("Sign in result: ${result.signInState}") // <---- DONE 
                    fetchToken(continuation)
                }

                override fun onError(exception: java.lang.Exception) {
                    continuation.resumeWithException(exception)
                }
            }

            AWSMobileClient.getInstance().signIn(email, password, null, signInCallback)
        }

fun fetchToken(continuation: Continuation<String>) {
    val getTokensCallback = object : Callback<Tokens> {
        override fun onResult(result: Tokens) {
            Timber.d("Got the user token")
            continuation.resume(result.idToken.tokenString)
        }

        override fun onError(e: Exception) {
            Timber.e(e, "Cannot get the user token")
            continuation.resumeWithException(e)
        }

    }
    AWSMobileClient.getInstance().getTokens(getTokensCallback) // <---- EXCEPTION
}

awsconfiguration.json

{
    "UserAgent": "aws-amplify-cli/0.1.0",
    "Version": "1.0",
    "IdentityManager": {
        "Default": {}
    },
    "CredentialsProvider": {
        "CognitoIdentity": {
            "Default": {
                "PoolId": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
                "Region": "us-east-1"
            }
        }
    },
    "CognitoUserPool": {
        "Default": {
            "PoolId": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
            "AppClientId": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
            "AppClientSecret": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
            "Region": "us-east-1"
        }
    }
}

2 Answers:

Answer 0 (score: 0)

Please check that your identity poolId is correct in app -> src -> res -> raw -> amplifyconfiguration.json & awsconfiguration.json (even if you are not using guest access). You can find your poolId in the AWS console -> Cognito -> Manage Identity Pools -> click your pool -> click Sample code. After that, my state changed from SIGNED_OUT to SIGNED_IN.

Answer 1 (score: 0)

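I had the same problem while using the Amplify API (able to sign in but unable to get tokens). Fixed by:

1. Go to your identity pool and select Edit.
2. Add your "User Pool" and "App Client" as one of the authentication providers.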
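An added example, not part of the original question or answers: an offline check for the two mismatches the answers describe, comparing awsconfiguration.json with an identity pool description. It assumes the description is shaped like the DescribeIdentityPool API response; all IDs are constructed placeholders and the function names are hypothetical.

```python
import json

# Constructed sample of the app's awsconfiguration.json; all IDs are placeholders.
APP_CONFIG = json.loads("""{
  "CredentialsProvider": {"CognitoIdentity": {"Default": {
    "PoolId": "us-east-1:00000000-0000-0000-0000-000000000000",
    "Region": "us-east-1"}}},
  "CognitoUserPool": {"Default": {
    "PoolId": "us-east-1_EXAMPLE01",
    "AppClientId": "exampleappclientid0000000",
    "Region": "us-east-1"}}
}""")

# Constructed sample shaped like a DescribeIdentityPool response:
# the identity pool exists but has no user pool registered as a provider.
IDENTITY_POOL = {
    "IdentityPoolId": "us-east-1:00000000-0000-0000-0000-000000000000",
    "CognitoIdentityProviders": [],
}

def check_federation(app_config, identity_pool):
    """Return the mismatches that would stop the identity pool accepting the token."""
    creds = app_config["CredentialsProvider"]["CognitoIdentity"]["Default"]
    user_pool = app_config["CognitoUserPool"]["Default"]
    problems = []
    # Answer 0: the identity pool ID in the app must be the real pool's ID.
    if creds["PoolId"] != identity_pool["IdentityPoolId"]:
        problems.append("identity PoolId in the app config does not match the identity pool")
    if creds["PoolId"].split(":", 1)[0] != creds["Region"]:
        problems.append("identity PoolId region prefix differs from the configured Region")
    # Answer 1: the user pool and app client must be an authentication provider.
    expected = f"cognito-idp.{user_pool['Region']}.amazonaws.com/{user_pool['PoolId']}"
    registered = [p for p in identity_pool.get("CognitoIdentityProviders") or []
                  if p.get("ProviderName") == expected]
    if not registered:
        problems.append(f"{expected} is not an authentication provider of the identity pool")
    elif all(p.get("ClientId") != user_pool["AppClientId"] for p in registered):
        problems.append("user pool is registered, but not with this AppClientId")
    return problems

def with_provider(identity_pool, provider_name, client_id):
    """Copy of the pool description with one Cognito provider added (models the fix)."""
    providers = list(identity_pool.get("CognitoIdentityProviders") or [])
    providers.append({"ProviderName": provider_name, "ClientId": client_id})
    return {**identity_pool, "CognitoIdentityProviders": providers}

if __name__ == "__main__":
    for problem in check_federation(APP_CONFIG, IDENTITY_POOL):
        print("MISMATCH:", problem)
```

An empty result means the identity pool ID matches and the user pool and app client pair is registered, which is the state both answers end up in.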
