I have set up the AWS SDK for iOS to authenticate using Amazon Cognito. Here is the code that does that:
let credentials = AWSCognitoCredentialsProvider(regionType: .USEast1,
identityPoolId: IdentityManager.identityPoolId,
identityProviderManager: self)
AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = AWSServiceConfiguration(region: .USEast1,
credentialsProvider: credentials)
I can use this credentials provider to successfully get an identity id. From here I attempt to set up an API Gateway generated client to make a call to my lambda function.
let client = APIGatewayClient.defaultClient()
client.endpointGet() { task in
}
I've confirmed that the APIGatewayClient
has the AWSCognitoCredentialsProvider
attached to it's configuration
property and stepped through the request signing code to make sure it's requests get signed properly.
Here is the Lambda function being called by the client:
exports.handler = function(event, context) {
console.log('context: ' + require('util').inspect(context));
if (context.identity) {
context.succeed("found cognito identity")
} else {
return context.fail(new Error("cognito identity not found"))
}
}
The problem is that context.identity
is null even though the request is being signed with the AWSCognitoCredentialsProvider
. What additional steps do I need to take to ensure Lambda recognizes my request is signed with a Cognito identity and populates the related field in the context
object?
In order to have the Cognito identity object available in your lambda function which is invoked through API gateway, you need to enable "Invoke with caller credentials" on the API Gateway "Integration Request" page of the API gateway resource. This will inject the identity object in lambda context which will have cognitoIdentityId and cognitoIdentityPoolId within it.
Some similar posts:
SO: AWS API Gateway: How to pass IAM identity to Lambda function?
AWS Forums: https://forums.aws.amazon.com/message.jspa?messageID=669060#669060
Hope this helps.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.