放大认证(认知)-在登录时出现“令牌联合错误”

Question

我们试图在Android上配置AWS放大器身份验证(认知)，但当我们尝试使用有效的用户名和密码登录用户时，onResult回调将被调用，其signInState等于SignInState.DONE，但是当我们试图获取令牌(同步或异步)时，会引发一个异常："getTokens不支持在登录时检索令牌“。

在日志中查看，似乎会引发未处理的异常，并似乎被忽略(因为状态已完成)：

java.lang.RuntimeException:在对令牌进行联合时出错。在com.amazonaws.mobile.client.AWSMobileClient$8.run(AWSMobileClient.java:1484) at com.amazonaws.mobile.client.internal.InternalCallback.await(InternalCallback.java:115) at com.amazonaws.mobile.client.AWSMobileClient.federatedSignInWithoutAssigningState(AWSMobileClient.java:1414) at com.amazonaws.mobile.client.AWSMobileClient$6$1.onSuccess(AWSMobileClient.java:1156) at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:745) at com.amazonaws.mobile.client.AWSMobileClient$6.run(AWSMobileClient.java:1142)在com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101) at java.lang.Thread.run(Thread.java:818)上，由: com.amazonaws.services.cognitoidentity.model.NotAuthorizedException:令牌引起的，不是来自此标识池的受支持的提供者。(服务: AmazonCognitoIdentity；状态代码: 400；错误代码: NotAuthorizedException；请求ID: 3c924e1f-70ea-11e9-80ca-01ad7f96c8b7) com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730) at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405) at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212) at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1658) at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:739) at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvidercom.amazonaws.mobile.client.AWSMobileClientCognitoIdentityProvider.refresh(AWSMobileClient.java:3600) at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678) at com.amazonaws.auth.CognitoCredentialsProvider.refresh(CognitoCredentialsProvider.java:631) at com.amazonaws.auth.CognitoCachingCredentialsProvider.refresh(CognitoCachingCredentialsProvider.java:510) at com.amazonaws.mobile.client.AWSMobileClient.federateWithCognitoIdentity(AWSMobileClient.java:1515) at com.amazonaws.mobile.client.AWSMobileClient$8.run(AWSMobileClient.java:1471)

我的配置：

build.gradle (app)

implementation "com.amazonaws:aws-android-sdk-mobile-client:2.13.4"
implementation "com.amazonaws:aws-android-sdk-auth-userpools:2.13.4"

MainApplication.kt (扩展应用程序)

AWSMobileClient.getInstance().initialize(applicationContext, object : Callback<UserStateDetails> {
    override fun onError(e: Exception?) {
        Timber.e(e, "An error occurred while tried to init the AWSMobileClient")
    }
    override fun onResult(result: UserStateDetails?) {
        Timber.d("Successfully started the AWSMobileClient: ${result?.userState}") // Reaches here with SIGNED_OUT
    }
})

Repository.kt

suspend fun signInOnCognito(email: String, password: String): String =
        suspendCoroutine { continuation ->
            val signInCallback = object : Callback<SignInResult> {
                override fun onResult(result: SignInResult) {
                    Timber.d("Sign in result: ${result.signInState}") // <---- DONE 
                    fetchToken(continuation)
                }

                override fun onError(exception: java.lang.Exception) {
                    continuation.resumeWithException(exception)
                }
            }

            AWSMobileClient.getInstance().signIn(email, password, null, signInCallback)
        }

fun fetchToken(continuation: Continuation<String>) {
    val getTokensCallback = object : Callback<Tokens> {
        override fun onResult(result: Tokens) {
            Timber.d("Got the user token")
            continuation.resume(result.idToken.tokenString)
        }

        override fun onError(e: Exception) {
            Timber.e(e, "Cannot get the user token")
            continuation.resumeWithException(e)
        }

    }
    AWSMobileClient.getInstance().getTokens(getTokensCallback) // <---- EXCEPTION
}

awsconfiguration.json

{
    "UserAgent": "aws-amplify-cli/0.1.0",
    "Version": "1.0",
    "IdentityManager": {
        "Default": {}
    },
    "CredentialsProvider": {
        "CognitoIdentity": {
            "Default": {
                "PoolId": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
                "Region": "us-east-1"
            }
        }
    },
    "CognitoUserPool": {
        "Default": {
            "PoolId": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
            "AppClientId": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
            "AppClientSecret": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
            "Region": "us-east-1"
        }
    }
}

Answer 1

同样的问题(能够登录，但不能获取令牌)，我在使用放大器API时遇到了这个问题。修正了1.修改到您的身份池并选择编辑2.将您的“用户池”和“应用客户端”添加为Auth 在这里输入图像描述之一

Answer 2

请在应用程序-> src -> res -> raw -> amplifyconfiguration.json & awsconfiguration.json中检查您的身份->是否正确(即使您没有使用来宾访问)。您可以在AWS控制台中找到您的poolId，->认知，->，管理身份池，->，单击您的池，->，单击示例代码。在此之后，我的状态从SIGNED_OUT变为SIGNED_IN：

​

​