stackoom
  简体   繁体   中英

Cognito Identity Not Passed Into AWS Lambda function

 原文  2016-06-15 20:29:29       ios/ aws-lambda/ amazon-cognito/ aws-api-gateway

Question

I have set up the AWS SDK for iOS to authenticate using Amazon Cognito. Here is the code that does that: 

let credentials = AWSCognitoCredentialsProvider(regionType: .USEast1,
                                                    identityPoolId: IdentityManager.identityPoolId,
                                                    identityProviderManager: self)

AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = AWSServiceConfiguration(region: .USEast1,
                                                                                                    credentialsProvider: credentials)

I can use this credentials provider to successfully get an identity id. From here I attempt to set up an API Gateway generated client to make a call to my lambda function. 

let client = APIGatewayClient.defaultClient()

client.endpointGet() { task in


}

I've confirmed that the APIGatewayClient has the AWSCognitoCredentialsProvider attached to it's configuration property and stepped through the request signing code to make sure it's requests get signed properly.

Here is the Lambda function being called by the client: 

exports.handler = function(event, context) {

    console.log('context: ' + require('util').inspect(context));

    if (context.identity) {

        context.succeed("found cognito identity")

    } else {

        return context.fail(new Error("cognito identity not found"))
    } 
}

The problem is that context.identity is null even though the request is being signed with the AWSCognitoCredentialsProvider . What additional steps do I need to take to ensure Lambda recognizes my request is signed with a Cognito identity and populates the related field in the context object?

1 answers

solution1
 3 ACCPTED  2016-06-16 02:13:27

In order to have the Cognito identity object available in your lambda function which is invoked through API gateway, you need to enable "Invoke with caller credentials" on the API Gateway "Integration Request" page of the API gateway resource. This will inject the identity object in lambda context which will have cognitoIdentityId and cognitoIdentityPoolId within it.

Some similar posts:

SO: AWS API Gateway: How to pass IAM identity to Lambda function?

AWS Forums: https://forums.aws.amazon.com/message.jspa?messageID=669060#669060

Hope this helps.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AWS Cognito Identity Null Using AWS Cognito and AWS Lambda to authenticate users AWS Cognito Federated Identity Pool - Role on Authentication AWS Lambda/Cognito Authentication - Assuming Auth Role AWS / iOS / Cognito: unauthenticated access is not supported for this identity pool Is it save to include AWS Cognito Identity Pool ID when pushing to github AWS Cognito: “Unauthenticated access is not supported for this identity pool.” Get AWS Cognito JWT token from Federated Identity credentials How to specify Amazon AWS User Pool in trust relationship with Cognito Identity AWS: How to properly authenticate a user against Cognito Pool and use it for Cognito Federated Identity?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM