我是 AWS Cognito 的新手。
在我的程序中,我想获取 AWS 临时凭证以访问 API 服务,例如来自 API 网关的 api。我拥有的是“IdentityPoolId”、“IdentityId”和“OpenIdToken”。
当我尝试通过 getCredentialsForIdentity 访问 AWS Credential 时,我每次都在 onError 方法中收到“Identity 'ap-northeast-1:xxxx' not found.”。请帮我看看我哪里错了?
Single<GetCredentialsForIdentityResult> primeSingle = Single.fromCallable(MyClass::getResult);
primeSingle
.subscribeOn(Schedulers.io())
.observeOn(AndroidSchedulers.mainThread())
.subscribe(new SingleObserver<GetCredentialsForIdentityResult>() {
@Override
public void onSubscribe(@NonNull Disposable d) {
}
@Override
public void onSuccess(@NonNull GetCredentialsForIdentityResult result) {
Credentials credentials = result.getCredentials();
}
@Override
public void onError(@NonNull Throwable e) {
Log.d("Test", "onError: " + e.getMessage());
}
});
这里是获取凭证结果代码。
private static GetCredentialsForIdentityResult getResult() {
AmazonCognitoIdentity identityClient = new AmazonCognitoIdentityClient(new AnonymousAWSCredentials());
Map<String, String> logins = new HashMap<String, String>();
logins.put("cognito-identity.amazonaws.com", MyClass.OPEN_ID_TOKEN);
GetCredentialsForIdentityRequest getCredentialsForIdentityRequest =
new GetCredentialsForIdentityRequest()
.withIdentityId(MyClass.IDENTITY_ID) // Not Identity Pool Id
.withLogins(logins);
getCredentialsForIdentityRequest.setIdentityId(identityId);
GetCredentialsForIdentityResult result = identityClient.getCredentialsForIdentity(getCredentialsForIdentityRequest);
return result;
}
最佳答案
最后,我通过引用this获得了Credentials。
https://docs.aws.amazon.com/cognito/latest/developerguide/developer-authenticated-identities.html
提前致谢。
代码如下:
public class DeveloperAuthenticationProvider extends AWSAbstractCognitoDeveloperIdentityProvider {
private static final String developerProvider = null;
public DeveloperAuthenticationProvider(String identityPoolId, Regions region) {
super(null, identityPoolId, region);
// Initialize any other objects needed here.
}
// Return the developer provider name which you choose while setting up the
// identity pool in the &COG; Console
@Override
public String getProviderName() {
return developerProvider;
}
// Use the refresh method to communicate with your backend to get an
// identityId and token.
@Override
public String refresh() {
// Override the existing token
setToken(null);
// Get the identityId and token by making a call to your backend
// (Call to your backend)
// Call the update method with updated identityId and token to make sure
// these are ready to be used from Credentials Provider.
update(identityId, token);
return token;
}
// If the app has a valid identityId return it, otherwise get a valid
// identityId from your backend.
@Override
public String getIdentityId() {
// Load the identityId from the cache
identityId = "ap-northeast-1:xxxx";
return identityId;
}}
从一个方法调用上面的调用:
private static AWSSessionCredentials getResult(Context context) {
DeveloperAuthenticationProvider developerProvider =
new DeveloperAuthenticationProvider("ap-northeast-1:your_pool_id", Regions.AP_NORTHEAST_1);
CognitoCachingCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider( context, developerProvider, Regions.AP_NORTHEAST_1);
return credentialsProvider.getCredentials();
}
并使用 rxjava 获取响应:
Single<AWSSessionCredentials> primeSingle = Single.fromCallable(() -> getResult(this));
primeSingle
.subscribeOn(Schedulers.io())
.observeOn(AndroidSchedulers.mainThread())
.subscribe(new SingleObserver<AWSSessionCredentials>() {
@Override
public void onSubscribe(@NonNull Disposable d) {
}
@Override
public void onSuccess(@NonNull AWSSessionCredentials result) {
String secretKey = result.getAWSSecretKey();
}
@Override
public void onError(@NonNull Throwable e) {
Log.d("Test", "onError: " + e.getMessage());
}
});
成功后,可以通过onSuccess方法获取Credentials。
关于android - 如何使用 Android 从身份池(联合身份)获取 AWS 凭证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51074371/