如何在 Amplify for Android 中将 Cognito 身份池与 UnAuthenticatd 用户一起使用
[英]How to use Cognito identity pool with UnAuthenticatd users in Amplify for Android
问题描述
I've been going through the AWS Amplify docs and tutorials for how to use Amplify and Cognito identity pools together with UNauthenticated users.
我一直在浏览 AWS Amplify 文档和教程,了解如何与未经身份验证的用户一起使用 Amplify 和 Cognito 身份池。 The example given by the Amplify docs is: Amplify 文档给出的示例是:
Amplify.Auth.fetchAuthSession(
result -> {
AWSCognitoAuthSession cognitoAuthSession = (AWSCognitoAuthSession) result;
switch(cognitoAuthSession.getIdentityId().getType()) {
case SUCCESS:
Log.i("AuthQuickStart", "IdentityId: " + cognitoAuthSession.getIdentityId().getValue());
break;
case FAILURE:
Log.i("AuthQuickStart", "IdentityId not present because: " + cognitoAuthSession.getIdentityId().getError().toString());
}
},
error -> Log.e("AuthQuickStart", error.toString())
);
But in practice when I use this code - I get an error printed out in LogCat:但实际上,当我使用此代码时 - 我在 LogCat 中打印出一个错误:
AuthQuickStart: FAILURE IdentityId not present because: AmplifyException {message=You are currently signed out., cause=null, recoverySuggestion=Please sign in and reattempt the operation.}
Note: I did configure AWS Cognito to support Unauthenticaed users!注意:我确实配置了 AWS Cognito 以支持未经身份验证的用户!
I've also looked everywhere for the Amplify Android API doc to see what other APIs are supported - couldn't find any Android API docs.我还到处寻找 Amplify Android API 文档以查看支持哪些其他 API - 找不到任何 Android API 文档。 And looking into the AWS Amplify.Auth methods i could not find ANY function that deals with unauthenticated users并查看 AWS Amplify.Auth方法,我找不到任何处理未经Amplify.Auth验证的用户的功能
Question:题:
Any clue how can i use Amplify (Android) and have AWS credentials via AWS Cognito for unauthenticated users ???任何线索我如何使用 Amplify (Android) 并通过 AWS Cognito 为未经身份验证的用户拥有 AWS 凭证???
2 个解决方案
解决方案1
4 已采纳 2020-09-17 17:46:28
This is David from the Amplify Android team.我是 Amplify Android 团队的 David。 I was actually just looking into this the other day and currently there's a hack that's required to make unauth users work.前几天我实际上只是在研究这个问题,目前需要一个 hack 才能使 unauth 用户工作。
After setting up unauth/guest users through the CLI (as you mentioned you had) you have to call the getAWSCredentials method on the underlying escape hatch once for the app to get it to work.通过 CLI 设置 unauth/guest 用户后(正如您所提到的),您必须在底层逃生舱口上调用getAWSCredentials方法一次,应用程序才能使其工作。
Here's a code snippet I'd written that you can run after Amplify.configure (and again, this only needs to be run once per app install):这是我编写的代码片段,您可以在Amplify.configure之后Amplify.configure (同样,每次应用安装只需要运行一次):
AWSMobileClient mobileClient = (AWSMobileClient) Amplify.Auth.getPlugin("awsCognitoAuthPlugin").getEscapeHatch();
mobileClient.getAWSCredentials(new Callback<AWSCredentials>() {
@Override
public void onResult(AWSCredentials result) {
// Now you'll see the Identity ID and AWSCredentials in the resulting auth session object.
Amplify.Auth.fetchAuthSession(
result2 -> Log.i(TAG, result2.toString()),
error -> Log.e(TAG, error.toString()));
} catch (InterruptedException e) {
e.printStackTrace();
}
}
@Override
public void onError(Exception e) {
// Handle the error however is best for your app
}
});
I'm working on a solution to avoid this hack right now and adding a documentation section on Unauth users to our site but in the meantime this should get it working for you.我现在正在研究一个解决方案来避免这种黑客行为,并在我们的网站上添加了一个关于 Unauth 用户的文档部分,但与此同时,这应该让它为你工作。
Again note you only have to do this once and from then on out, it should just work when you call fetchAuthSession .再次注意,您只需执行一次此操作,从那时起,它应该在您调用fetchAuthSession 。
UPDATE: The non patched (official) version:更新:未打补丁的(官方)版本:
Amplify.Auth.fetchAuthSession(
result -> {
AWSCognitoAuthSession cognitoAuthSession = (AWSCognitoAuthSession) result;
switch (cognitoAuthSession.getIdentityId().getType()) {
case SUCCESS:
Log.i(TAG, "identity: " + cognitoAuthSession.getIdentityId().getValue());
Log.i(TAG, "credentials: " + cognitoAuthSession.getAWSCredentials().getValue(););
break;
case FAILURE:
Log.i(TAG, "FAILURE IdentityId not present because: " + cognitoAuthSession.getIdentityId().getError().toString());
}
},
error -> Log.e(TAG, "UNAUTH USERS ERR: " + error.toString()));
解决方案2
1 2020-09-14 08:38:56
You wont be able to retrieve an authenticated session unless you have a logged in user.除非您有登录用户,否则您将无法检索经过身份验证的会话。
If your Identity Pool (not User Pool) is configured for unauthenticated or guest users you can make a simple call to the GetId endpoint:如果您的身份池(不是用户池)是为未经身份验证的用户或来宾用户配置的,您可以对GetId端点进行简单调用:
GetId获取ID
Generates (or retrieves) a Cognito ID.生成(或检索)一个 Cognito ID。 Supplying multiple logins will create an implicit linked account.提供多个登录名将创建一个隐式链接帐户。
This is a public API.这是一个公共 API。 You do not need any credentials to call this API.您不需要任何凭据即可调用此 API。
Request Syntax请求语法
{
"AccountId": "string",
"IdentityPoolId": "string",
"Logins": {
"string" : "string"
}
}
https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetId.html https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetId.html
You should then be able to use the ID to retrieve a token using:然后,您应该能够使用该 ID 来检索令牌:
GetOpenIdToken获取OpenIdToken
Gets an OpenID token, using a known Cognito ID.使用已知的 Cognito ID 获取 OpenID 令牌。 This known Cognito ID is returned by GetId.这个已知的 Cognito ID 由 GetId 返回。 You can optionally add additional logins for the identity.您可以选择为身份添加其他登录名。 Supplying multiple logins creates an implicit link.提供多个登录名会创建一个隐式链接。
The OpenID token is valid for 10 minutes. OpenID 令牌的有效期为 10 分钟。
This is a public API.这是一个公共 API。 You do not need any credentials to call this API.您不需要任何凭据即可调用此 API。
Request Syntax请求语法
{
"IdentityId": "string",
"Logins": {
"string" : "string"
}
}
https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetOpenIdToken.html https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetOpenIdToken.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.