握手期间,AWS AppSync订阅失败

时间:2019-10-15 08:48:44

标签: apollo aws-amplify aws-appsync amplifyjs

我正在尝试设置graphql订阅,但出现错误:

Unhandled GraphQL subscription error Error: Error during subscription handshake

我正在使用AWS Cognito用户池进行授权。

要创建我正在使用的订阅:

this.subscription = this.props.client.subscribe({ query: gql(onCreateVehicle) }).subscribe({
  next: response => {
    console.log(response.data.onCreateVehicle);
  },
  error: error => {
    console.warn(error);
  }
});

'onCreateVehicle'由Amplify自动生成,如下所示:

export const onCreateVehicle = `subscription OnCreateVehicle($owner: String!) {
  onCreateVehicle(owner: $owner) {
    id
    name
    events {
      items {
        id
        name
        date
        isDeleted
        owner
      }
      nextToken
    }
    sessions {
      items {
        id
        name
        isDeleted
        createdAt
        owner
      }
      nextToken
    }
    isDeleted
    owner
  }
}
`;

请求解析器:

{
    "version": "2018-05-29",
    "payload": {}
}

响应解析器:

## [Start] Determine request authentication mode **
#if( $util.isNullOrEmpty($authMode) && !$util.isNull($ctx.identity) && !$util.isNull($ctx.identity.sub) && !$util.isNull($ctx.identity.issuer) && !$util.isNull($ctx.identity.username) && !$util.isNull($ctx.identity.claims) && !$util.isNull($ctx.identity.sourceIp) && !$util.isNull($ctx.identity.defaultAuthStrategy) )
  #set( $authMode = "userPools" )
#end
## [End] Determine request authentication mode **
## [Start] Check authMode and execute owner/group checks **
#if( $authMode == "userPools" )
  ## No Static Group Authorization Rules **


  ## [Start] Owner Authorization Checks **
  #set( $isOwnerAuthorized = false )
  ## Authorization rule: { allow: owner, ownerField: "owner", identityClaim: "cognito:username" } **
  #set( $allowedOwners0 = $util.defaultIfNull($ctx.args.owner, null) )
  #set( $identityValue = $util.defaultIfNull($ctx.identity.claims.get("username"),
                        $util.defaultIfNull($ctx.identity.claims.get("cognito:username"), "___xamznone____")) )
  #if( $util.isList($allowedOwners0) )
    #foreach( $allowedOwner in $allowedOwners0 )
      #if( $allowedOwner == $identityValue )
        #set( $isOwnerAuthorized = true )
      #end
    #end
  #end
  #if( $util.isString($allowedOwners0) )
    #if( $allowedOwners0 == $identityValue )
      #set( $isOwnerAuthorized = true )
    #end
  #end
  ## [End] Owner Authorization Checks **


  ## [Start] Throw if unauthorized **
  #if( !($isStaticGroupAuthorized == true || $isOwnerAuthorized == true) )
    $util.unauthorized()
  #end
  ## [End] Throw if unauthorized **
#end
## [End] Check authMode and execute owner/group checks **

$util.toJson(null)

我知道它与授权有关,因为当我从schema.graphql中删除@auth时,它没有引发握手错误。请求解析器中应该有什么东西可以处理授权?

亚当

1 个答案:

答案 0 :(得分:1)

我只需要通过变量对象传递“所有者”值。

subscribeToVehicles: async () => props.data.subscribeToMore({
    document: gql(onCreateVehicle),
    variables: {
        owner: (await Auth.currentSession()).getIdToken().payload.sub
    },
    ...
相关问题
最新问题