我有一个简单的测试代码,用于使用 Spring Boot 使用 Java 编写 Cognito 身份验证代码。它在我的本地运行良好,但当我在远程服务器(CentOS)上时,它的行为非常奇怪。如果池中不存在用户。不断创建和重新创建新线程并发送请求。
代码:
protected boolean isValidCognito(String username, String password) {
// Retrieving the AWS credentials from the default instance profile credentials instead of ".withCredentials()".
// More info on https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html
AWSCognitoIdentityProvider awsCognitoIDPClient = AWSCognitoIdentityProviderClientBuilder.standard().build();
Map<String,String> authParams =new HashMap<>();
authParams.put("USERNAME", username);
authParams.put("PASSWORD", password);
AdminInitiateAuthRequest initialRequest = new AdminInitiateAuthRequest()
.withAuthFlow(AuthFlowType.ADMIN_NO_SRP_AUTH)
.withAuthParameters(authParams)
.withClientId(COGNITO_CLIENT_ID)
.withUserPoolId(COGNITO_POOL_ID);
try {
// NOTE: I know the request is being sent for sure, so we probably get at least this far
AdminInitiateAuthResult initialResponse = awsCognitoIDPClient.adminInitiateAuth(initialRequest);
Map<String, String> challengeParams = initialResponse.getChallengeParameters();
String cognitoUserIdForSrp = challengeParams.get("USER_ID_FOR_SRP");
String cognitoUserAttributes = challengeParams.get("userAttributes");
logger.debug("Cognito authenticated user ID: " + cognitoUserIdForSrp
+ " with user attributes: " + cognitoUserAttributes);
return true;
} catch (NotAuthorizedException nae) {
logger.error("Invalid Cognito username/password provided for " + authParams.get("USERNAME"));
return false;
} catch (AWSCognitoIdentityProviderException acipe) {
logger.error("Amazon Cognito Identity Provider Error!");
logger.debug("Make sure the user exists in the pool, and ALLOW_ADMIN_USER_PASSWORD_AUTH is enabled.");
return false;
} catch (Exception e) {
logger.error("Unexpected Error: ", e);
return false;
}
}
记录是否有帮助:
2020-02-25 17:14:54.919 TRACE 25144 --- [http-nio-8080-exec-98] o.s.t.i.TransactionInterceptor : Getting transaction for [METHOD_NAME]
2020-02-25 17:14:54.926 TRACE 25144 --- [http-nio-8080-exec-98] o.s.t.i.TransactionInterceptor : Completing transaction for [METHOD_NAME]
2020-02-25 17:14:54.935 TRACE 25144 --- [http-nio-8080-exec-98] o.s.t.i.TransactionInterceptor : Getting transaction for [METHOD_NAME]
2020-02-25 17:14:54.942 TRACE 25144 --- [http-nio-8080-exec-98] o.s.t.i.TransactionInterceptor : Completing transaction for [METHOD_NAME]
2020-02-25 17:14:54.950 DEBUG 25144 --- [http-nio-8080-exec-98] c.c.c.r.persistence.CognDaoImpl : There is a user migrated to Cognito with user_id: SOME_UUID
2020-02-25 17:14:54.950 INFO 25144 --- [http-nio-8080-exec-98] c.c.c.r.c.AuthenticationController : my_email@mailinator.com has been migrated. Using Cognito for authentication.
2020-02-25 17:14:56.655 TRACE 25144 --- [http-nio-8080-exec-160] o.s.t.i.TransactionInterceptor : Getting transaction for [METHOD_NAME]
2020-02-25 17:14:56.673 TRACE 25144 --- [http-nio-8080-exec-160] o.s.t.i.TransactionInterceptor : Completing transaction for [METHOD_NAME]
2020-02-25 17:14:56.683 TRACE 25144 --- [http-nio-8080-exec-160] o.s.t.i.TransactionInterceptor : Getting transaction for [METHOD_NAME]
2020-02-25 17:14:56.692 TRACE 25144 --- [http-nio-8080-exec-160] o.s.t.i.TransactionInterceptor : Completing transaction for [METHOD_NAME]
2020-02-25 17:14:56.705 DEBUG 25144 --- [http-nio-8080-exec-160] c.c.c.r.persistence.CogDaoImpl : There is a user migrated to Cognito with user_id: SOME_UUID
2020-02-25 17:14:56.705 INFO 25144 --- [http-nio-8080-exec-160] c.c.c.r.c.AuthenticationController : my_email@mailinator.com has been migrated. Using Cognito for authentication.
...
最佳答案
“创建和重新创建线程”本质上没有任何错误。如果您有太多线程,您的 jvm 将耗尽内存,或者您的进程将因达到某些系统限制而终止。如果您认为您的代码进入了循环,您需要找出谁在调用您的代码并分析这部分代码。也许线程转储可能会有所帮助。
关于java - Cognito 身份验证会永远重试,不会引发异常,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60405657/