Unable to get developer authenticated identities working in Swift



I can't get developer authenticated identities to work in Swift…

My code is based on the Swift conversion of this guide, https://mobile.awsblog.com/post/Tx3E3NJURV1LNV1/Integrating-Amazon-Cognito-using-developer-authenticated-identities-An-end-to-en, found here: https://stackoverflow.com/a/28514719/535363

The subclass of AWSAbstractCognitoIdentityProvider:

import AWSCore
class EmailIdentityProvider: AWSAbstractCognitoIdentityProvider {
    var _token: String!
    var _logins: [ NSObject : AnyObject ]!
    override var token: String {
        get {
            return _token
        }
    }
    override var logins: [ NSObject : AnyObject ]! {
        get {
            return _logins
        }
        set {
            _logins = newValue
        }
    }
    override func getIdentityId() -> AWSTask! {
        if self.identityId != nil {
            return AWSTask(result: self.identityId)
        }else{
            return AWSTask(result: nil).continueWithBlock({ (task) -> AnyObject! in
                if self.identityId == nil {
                    return self.refresh()
                }
                return AWSTask(result: self.identityId)
            })
        }
    }
    override func refresh() -> AWSTask! {
        let task = AWSTaskCompletionSource()
        let tmp = NSMutableDictionary()
        tmp.setObject("temp", forKey: "login.continualsuccess.com.motivation")
        self.logins = tmp as [NSObject : AnyObject]
        self.identityId = "us-east-1:xxxxxx-xxxx-xxxx-xxxx-90223fc9333f"
        self._token = "eyJraWQiOiJ....ehTOEVhA"
        return AWSTask(result: self.identityId)
    }
}

Called via:

AWSLogger.defaultLogger().logLevel = AWSLogLevel.Verbose
let identityProvider = EmailIdentityProvider()
let cp = AWSCognitoCredentialsProvider(
    regionType: AWSRegionType.USEast1 ,
    identityProvider: identityProvider,
    unauthRoleArn: "Cognito_ContinualSuccessUnauth_Role",
    authRoleArn: "Cognito_ContinualSuccessAuth_Role"
);
let configuration = AWSServiceConfiguration(region: AWSRegionType.USEast1, credentialsProvider: cp)
AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = configuration
let syncClient = AWSCognito.defaultCognito()
let dataSet = syncClient.openOrCreateDataset("myDataSet")
dataSet.setString("123", forKey: "new")
dataSet.synchronize()

The following backend code is used. It is written in Golang.

I use it to generate the string values that I return as self.identityId and self._token in refresh():

var testCredentials = credentials.NewStaticCredentials("MY_KEY", "MY_SECRET", "")
svc := cognitoidentity.New(&aws.Config{Credentials: testCredentials, Region: aws.String("us-east-1")})
params := &cognitoidentity.GetOpenIdTokenForDeveloperIdentityInput{
    IdentityPoolId: aws.String("us-east-1:xxxxxxx-xxxx-xxxx-xxxx-2fb2e08f7daf"), // Required
    Logins: map[string]*string{ // Required
        "login.continualsuccess.com.motivation": aws.String(userid), // Required
        // More values...
    },
    IdentityId:    nil,
    TokenDuration: aws.Int64(82800),
}
resp, err := svc.GetOpenIdTokenForDeveloperIdentity(params)

The error I get is:

AWSCognitoSQLiteManager.m line:1455 | -[AWSCognitoSQLiteManager filePath] | Local database is: /Users/Jase/Library/Developer/CoreSimulator/Devices/32D1AE52-E4A4-421D-BBC7-B32F30A03772/data/Containers/Data/Application/61402FEB-F499-4829-A051-013EF45EAF0A/Documents/CognitoData.sqlite3
2015-09-27 19:25:28.322 SlideOutNavigation[42167:635443] AWSiOSSDKv2 [Debug] AWSCognitoSQLiteManager.m line:179 | __51-[AWSCognitoSQLiteManager initializeDatasetTables:]_block_invoke | sqlString = 'INSERT INTO CognitoMetadata(Dataset,ModifiedBy,IdentityId) VALUES (?,?,?)'
2015-09-27 19:25:28.324 SlideOutNavigation[42167:635443] AWSiOSSDKv2 [Debug] AWSCognitoSQLiteManager.m line:282 | __53-[AWSCognitoSQLiteManager loadDatasetMetadata:error:]_block_invoke | query = 'SELECT LastSyncCount, LastModified, ModifiedBy, CreationDate, DataStorage, RecordCount FROM CognitoMetadata WHERE IdentityId = ? and Dataset = ?'
2015-09-27 19:25:28.324 SlideOutNavigation[42167:635443] AWSiOSSDKv2 [Debug] AWSCognitoSQLiteManager.m line:386 | __73-[AWSCognitoSQLiteManager getRecordById_internal:datasetName:error:sync:]_block_invoke | query = 'SELECT LastModified, ModifiedBy, Data, Type, SyncCount, Dirty FROM CognitoData WHERE Key = ? AND IdentityId = ? AND Dataset = ?'
2015-09-27 19:25:33.060 SlideOutNavigation[42167:635690] AWSiOSSDKv2 [Verbose] AWSURLRequestSerialization.m line:483 | -[AWSQueryStringRequestSerializer serializeRequest:headers:parameters:] | Request body: [RoleArn=Cognito_ContinualSuccessAuth_Role&Version=2011-06-15&RoleSessionName=iOS-Provider&Action=AssumeRoleWithWebIdentity&WebIdentityToken=eyJraW....4fehTOEVhA]
2015-09-27 19:25:35.134 SlideOutNavigation[42167:635692] AWSiOSSDKv2 [Debug] AWSURLResponseSerialization.m line:257 | -[AWSXMLResponseSerializer responseObjectForResponse:originalRequest:currentRequest:data:error:] | Response header: [{
    Connection = close;
    "Content-Length" = 269;
    "Content-Type" = "text/xml";
    Date = "Sun, 27 Sep 2015 09:25:34 GMT";
    "x-amzn-RequestId" = "b45aec1d-64f9-11e5-8fbd-d148bd98dc03";
}]
2015-09-27 19:25:35.135 SlideOutNavigation[42167:635692] AWSiOSSDKv2 [Verbose] AWSURLResponseSerialization.m line:262 | -[AWSXMLResponseSerializer responseObjectForResponse:originalRequest:currentRequest:data:error:] | Response body: [<ErrorResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
  <Error>
    <Type>Sender</Type>
    <Code>ValidationError</Code>
    <Message>Request ARN is invalid</Message>
  </Error>
  <RequestId>b45aec1d-64f9-11e5-8fbd-d148bd98dc03</RequestId>
</ErrorResponse>
]
2015-09-27 19:25:35.139 SlideOutNavigation[42167:635692] AWSiOSSDKv2 [Error] AWSCredentialsProvider.m line:527 | __40-[AWSCognitoCredentialsProvider refresh]_block_invoke352 | Unable to refresh. Error is [Error Domain=com.amazonaws.AWSSTSErrorDomain Code=0 "(null)" UserInfo={Type=Sender, Message=Request ARN is invalid, Code=ValidationError, __text=(
    "n    ",
    "n    ",
    "n    ",
    "n  "
)}]
2015-09-27 19:25:35.140 SlideOutNavigation[42167:635692] AWSiOSSDKv2 [Error] AWSCognitoDataset.m line:315 | __30-[AWSCognitoDataset syncPull:]_block_invoke | Unable to list records: Error Domain=com.amazonaws.AWSSTSErrorDomain Code=0 "(null)" UserInfo={Type=Sender, Message=Request ARN is invalid, Code=ValidationError, __text=(
    "n    ",
    "n    ",
    "n    ",
    "n  "
)}

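It looks like you used the role name, rather than the role ARN (Amazon Resource Name), to initialize your credentials provider.

A role ARN has the form: arn:aws:iam::1234567890:role/ROLE_NAME.

You can replace the role names with ARNs in your provider, or leave the role values as nil in the credentials provider, which tells Cognito to use the roles associated with your identity pool.

The latter is the enhanced flow; you can learn more about it in our developer guide.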
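
The two fixes described in the answer above, written out as an added example that is not part of the original answer or of the AWS SDK. The account ID 123456789012 is a constructed placeholder, `isRoleArn` is a hypothetical helper, `EmailIdentityProvider` is the class from the question, and the syntax follows the question's Swift 2-era SDK calls.

```swift
import Foundation
import AWSCore
import AWSCognito

// Hypothetical helper (not an SDK API): true only for a full IAM role ARN of
// the form arn:aws:iam::<account id>:role/<role name>. A bare role name such as
// "Cognito_ContinualSuccessAuth_Role" fails here, before STS can reject it
// with "Request ARN is invalid".
func isRoleArn(value: String) -> Bool {
    let pattern = "^arn:aws[a-z-]*:iam::[0-9]+:role/.+$"
    return value.rangeOfString(pattern, options: .RegularExpressionSearch) != nil
}

// Role names are the ones from the question; the account id is a constructed
// placeholder and must be replaced with the account that owns the roles.
let unauthArn = "arn:aws:iam::123456789012:role/Cognito_ContinualSuccessUnauth_Role"
let authArn = "arn:aws:iam::123456789012:role/Cognito_ContinualSuccessAuth_Role"

// Option 1: keep passing roles from the client, but as full ARNs.
precondition(isRoleArn(unauthArn) && isRoleArn(authArn),
             "unauthRoleArn/authRoleArn must be full IAM role ARNs, not role names")
let cpWithArns = AWSCognitoCredentialsProvider(
    regionType: AWSRegionType.USEast1,
    identityProvider: EmailIdentityProvider(),
    unauthRoleArn: unauthArn,
    authRoleArn: authArn
)

// Option 2: pass nil for both roles so Cognito uses the roles associated with
// the identity pool (the enhanced flow the answer refers to).
let cpEnhanced = AWSCognitoCredentialsProvider(
    regionType: AWSRegionType.USEast1,
    identityProvider: EmailIdentityProvider(),
    unauthRoleArn: nil,
    authRoleArn: nil
)

// Use exactly one of the two providers for the default configuration.
let configuration = AWSServiceConfiguration(region: AWSRegionType.USEast1,
                                            credentialsProvider: cpEnhanced)
AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = configuration
```

With option 2 the app carries no role identifiers at all, so the role assignment lives only in the identity pool configuration.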
