[英]How to integrate Cognito User Pools with Cognito Federated Identity Pools
Here's our scenario for implementing user accounts in our app 这是在我们的应用中实现用户帐户的方案
We don't force users to complete steps #3 and #4. 我们不强迫用户完成步骤3和#4。 As long as they don't need to switch devices, or factory reset their device, they won't lose access to their guest account.
只要他们不需要切换设备或恢复设备出厂设置,他们就不会失去对访客帐户的访问权限。
Using Amazon Mobile SDK 2.3.x and Cognito Federated Identity Pools, we implemented the above steps as such: 使用Amazon Mobile SDK 2.3.x和Cognito联合身份池,我们实现了上述步骤,例如:
To implement these steps, we used sample code generated by AWS Mobile Hub, before the introduction of Cognito User Pools. 为了实现这些步骤,我们在引入Cognito用户池之前使用了由AWS Mobile Hub生成的示例代码。 It used a combination of AWSIdentityManager and AWSFacebookSignInProvider, and their supporting code.
它结合使用了AWSIdentityManager和AWSFacebookSignInProvider及其支持代码。 Everything worked as expected.
一切都按预期进行。
We are now trying to convert to the latest Amazon Mobile SDK 2.4.9 and use Cognito User Pools instead of Facebook login, to implement the same flow: 我们现在正尝试转换为最新的Amazon Mobile SDK 2.4.9,并使用Cognito用户池而不是Facebook登录来实现相同的流程:
Steps #1 & #2 are implemented using AWSIdentityManager from the AWSMobileHubHelper.framework ; 步骤1和步骤2是使用来自AWSMobileHubHelper.framework的AWSIdentityManager实施的; steps #3 & #4 are implemented with sample code from CognitoYourUserPoolsSample sample project.
步骤3和步骤4是使用CognitoYourUserPoolsSample示例项目中的示例代码实现的。
The problems we're having are: 我们遇到的问题是:
There is a very important step that I'm missing here. 我在这里缺少一个非常重要的步骤。 I suspect that I'm not explicitly linking the Cognito User Pool login to the Cognito Identity Pool identity.
我怀疑我没有将Cognito用户池登录名明确链接到Cognito身份池标识。 In their CognitoYourUserPoolsSample, they don't give an example of how to integrate User Pool identities with Federated Identity Pool.
在他们的CognitoYourUserPoolsSample中,他们没有提供如何将用户池身份与联合身份池集成的示例。
The documentation says to simply do this and it's automatic, but I couldn't get that to work: 该文档说只需执行此操作即可自动完成,但我无法做到这一点:
AWSCognitoIdentityUserPool *pool = [AWSCognitoIdentityUserPool CognitoIdentityUserPoolForKey:@"UserPool"];
AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc]
initWithRegionType:AWSRegionUSEast1
identityPoolId:@“<identity-pool-id>"
identityProviderManager:pool];
AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc] initWithRegion:AWSRegionUSEast1 credentialsProvider:credentialsProvider];
AWSServiceManager.defaultServiceManager.defaultServiceConfiguration = configuration;
Anyone have any ideas or sample code that demonstrates the process? 任何人都有任何想法或示例代码来演示该过程吗? The closest sample code I could find was this fork of CognitoSyncDemo , and it still wasn't quite what I needed.
我能找到的最接近的示例代码是CognitoSyncDemo的这个fork ,但仍然不是我所需要的。
The merging of identities is supported by the credentials provider but is not supported by the AWSIdentityManager (a part of the mobile-hub-helper). 身份提供者支持身份合并,但AWSIdentityManager(mobile-hub-helper的一部分)不支持身份合并。 I have a modified version of the mobile-hub-helper (it is a fork off of the mobile-hub-helper github at https://github.com/BruceBuckland/aws-mobilehub-helper-ios ).
我有一个mobile-hub-helper的修改版(它是来自mobile-hub-helper github的一个分支,位于https://github.com/BruceBuckland/aws-mobilehub-helper-ios )。 That fork modifies AWSIdentityManager to support several things: 1) It supports writing new AWSSignInProviders (a mobile-hub-helper protocol) and using them to resume sessions.
该fork修改了AWSIdentityManager以支持以下几项:1)它支持编写新的AWSSignInProviders(移动集线器帮助程序协议)并使用它们恢复会话。 2) It supports "Allow Merged Identities" and the merging of identities.
2)它支持“允许合并的身份”和身份的合并。 3) It has a couple of helper methods to find which provider is doing the authenticating currently and the friendly name of a provider which is useful for showing the user what is linked, and showing which provider denied a login for example.
3)它有几种帮助程序方法,以查找哪个提供者当前正在进行身份验证以及提供者的友好名称,这对于向用户显示链接的内容以及例如显示哪个提供者拒绝登录很有用。
There is also a sample app that includes an implementation in swift of an AWSSignInProvider for Cognito User Pools. 还有一个示例应用程序,其中包含针对Cognito用户池的AWSSignInProvider的快速实施。 It demonstrates signin signout and account linking for the three providers (UserPools FaceBook and Google).
它演示了三个提供商(UserPools FaceBook和Google)的登录注销和帐户链接。 It implements several capabilities of userpools including signup, signin, forgot password, update attributes, and the confirmation of those.
它实现了用户池的多种功能,包括注册,登录,忘记密码,更新属性以及确认这些功能。 It is at https://github.com/BruceBuckland/SignIn-awsmhh .
它位于https://github.com/BruceBuckland/SignIn-awsmhh 。
Finally I recommend that you take a look at the pdf of notes in the example app. 最后,我建议您看一下示例应用程序中的pdf注释。 They may help you understand the interactions of the components better.
它们可以帮助您更好地了解组件之间的相互作用。 It took me a long time to understand cognito and I pulled my notes together to try to clarify the system for others.
我花了很长时间才了解了认知功能,因此我整理了笔记以尝试为他人澄清系统。 They are here: Cognito Notes and Diagram
它们在这里: Cognito注释和图表
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.