我正在尝试使用aws cognito
作为Non-Google account authentication来授权端点。
我正在尝试如下操作:
chrome.identity.launchWebAuthFlow(
{'url': 'https://mydomain.auth.eu-west-1.amazoncognito.com/oauth2/authorize?response_type=token&client_id=myapplicationclientid&redirect_uri=https://myid.chromiumapp.org/&state=STATE&scope=aws.cognito.signin.user.admin', 'interactive': true},
function(redirect_url) {
if (chrome.runtime.lastError) {
sampleSupport.log(chrome.runtime.lastError);
changeState(STATE_START);
} else {
//sampleSupport.log(chrome.identity.getRedirectURL());
sampleSupport.log('Token acquired:'+redirect_url+
'. See chrome://identity-internals for details.');
changeState(STATE_AUTHTOKEN_ACQUIRED);
}
});
在aws Amazon Cognito应用程序配置菜单中,我按如下所示设置了回调URL:https://myid.chromiumapp.org/provider_cb。另外,我将Authorization code grant
设置为aws.cognito.signin.user.admin
允许的OAuth范围。
我不知道自己在做什么错,但收到以下错误:
Token acquired:https://myid.chromiumapp.org/#error_description=unauthorized_client&state=STATE&error=invalid_request. See chrome://identity-internals for details.
答案 0 :(得分:0)
response_type=token
的同时启用了配置Authorization code grant
。将response_type
更改为code
或启用Implicit grant
chrome.identity.getRedirectURL()
docs代替人工构建