Amazon cognito:未找到身份
Amazon cognito: identity not found
我正在开发经过身份验证的开发人员 project.And 我正在尝试使用下面的这个获取凭据 code.But 它给了我以下错误。
我已从服务器代码手动将 IdentityId 和 Token 粘贴到此代码中:
Caused by: com.amazonaws.services.cognitoidentity.model.ResourceNotFoundException: Identity 'ap-northeast-1:fe81cd76-e9d4-4416-99ea-b684b78743c8' not found. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: ResourceNotFoundException; Request ID: 2ac65fe8-d41a-11e5-8674-677eefdb5331)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:709)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:385)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:196)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:533)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getCredentialsForIdentity(AmazonCognitoIdentityClient.java:406)
at com.example.sandesh.aws.MainActivity$network.doInBackground(MainActivity.java:101)
at com.example.sandesh.aws.MainActivity$network.doInBackground(MainActivity.java:52)
at android.os.AsyncTask.call(AsyncTask.java:292)
这是我的代码:MainActivity.java
public class MainActivity extends AppCompatActivity {
Button button;
protected static CognitoCachingCredentialsProvider credentialsProvider = null;
private GetCredentialsForIdentityResult credentialsForIdentityResult;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
button = (Button)findViewById(R.id.button);
button.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
network net = new network();
net.execute();
}
});
}
public class network extends AsyncTask<Void,Void,String>{
@Override
protected void onPreExecute() {
super.onPreExecute();
}
@Override
protected String doInBackground(Void... params) {
Authentication developerProvider = new Authentication(
null,
"ap-northeast-1:XXXXXXXXXXXXXXXXXX",
Regions.AP_NORTHEAST_1);
CognitoCachingCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider(
getApplicationContext(),
developerProvider,
Regions.AP_NORTHEAST_1);
HashMap<String, String> loginsMap = new HashMap<String, String>();
loginsMap.put(developerProvider.getProviderName(), "7386372772");
credentialsProvider.setLogins(loginsMap);
credentialsProvider.refresh();
GetCredentialsForIdentityRequest credentialsForIdentityRequest = new GetCredentialsForIdentityRequest();
credentialsForIdentityRequest.setIdentityId(developerProvider.getIdentityId());
credentialsForIdentityRequest.setLogins(loginsMap);
AmazonCognitoIdentityClient cognitoIdentityClient = new AmazonCognitoIdentityClient(credentialsProvider);
credentialsForIdentityResult = cognitoIdentityClient.getCredentialsForIdentity(credentialsForIdentityRequest);
Log.d("access_key",credentialsForIdentityResult.getCredentials().getAccessKeyId());
return credentialsForIdentityResult.getCredentials().getAccessKeyId();
}
@Override
protected void onPostExecute(String s) {
super.onPostExecute(s);
}
}}
Authentication.java
public class Authentication extends AWSAbstractCognitoDeveloperIdentityProvider {
private static final String PROVIDERNAME = "login.blupinch.app";
public String response = " ";
String line = " ";
public Authentication(String accountId, String identityPoolId, Regions region) {
super(accountId, identityPoolId, region);
}
@Override
public String getProviderName() {
return PROVIDERNAME;
}
public String refresh() {
setToken(null);
if (getProviderName() != null &&
!this.loginsMap.isEmpty() &&
this.loginsMap.containsKey(getProviderName())) {
update(identityId, token);
return "eyJraWQiOiJhcC1ub3J0aGVhc3QtMTEiLCJ0eXAiOiJKV1MiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJhcC1ub3J0aGVhc3QtMTpmZTgxY2Q3Ni1lOWQ0LTQ0MTYtOTllYS1iNjg0Yjc4NzQzYzgiLCJhdWQiOiJhcC1ub3J0aGVhc3QtMTphODcxZmE1Zi0yM2EyLTQ4MGQtYmFhNi1iNGVkMzE0MzcyNDQilCJhbXIiOlsiYXV0aGVudGljYXRlZCIsImxvZ2luLmJsdXBpbmNoLmFwcCIsImxvZ2luLmJsdXBpbmNoLmFwcDphcC1ub3J0aGVhc3QtMTphODcxZmE1Zi0yM2EyLTQ4MGQtYmFhNi1iNGVkMzE0MzcyNDQ6NzM4NjM3Mjg3MiJdLCJpc3MiOiJodHRwczovL2NvZ25pdG8taWRlbnRpdHkuYW1hem9uYXdzLmNvbSIsImV4cCI6MTQ1NTU5NTM5NywiaWF0IjoxNDU1NTU5Mzk3fQ.fHHH6aeCn5EaJGxGD6tw7bWyQpPHuYcW8SZLRGVn-3cbamJrWEPmUnNvcLJ-D6nL8AvMQy7-s1LGQ5MNaiuIH7QF6W8aWt2OMALmA_Y7eqpGQ6iQXVma_jTZSpiyBe2cPNggWgeslPtFxomwE90vW0rzS1sY3D5Y3UbnrIHNdiPKIzzP9JaQo1IsTJMKEpQM-jzWP6stV1radDuIzWQroBVQseOQSD-MXV_-cgWWSx0eQmtFbjJW6RP_nACgh0uTbGmMuOi2iKXKQAdGlYWO-PHlShbiHT-WLQoZNWuh95Hh9dMldv-mNdnYSblqYyqptLA3kObioI08XXkTqwaaAw";
} else {
this.getIdentityId();
return null;
}
}
public String getIdentityId() {
identityId = "ap-northeast-1:XXXXXXXXXXXXXXXXXXXXXXXX";
if (identityId == null) {
if (getProviderName() != null && !this.loginsMap.isEmpty()
&& this.loginsMap.containsKey(getProviderName())) {
update(identityId, token);
return "ap-northeast-1:XXXXXXXXXXXXXXXXXXXX";
} else {
return super.getIdentityId();
}
} else {
return identityId;
}
}}
我在 PHP 中尝试过,我在那里执行了 getOpenIdTokenForDeveloperIdentity 、 stsClient 和 AssumerolewithWebIdentity 来获取凭据,效果很好。先感谢您。
使用 Developer Authenticated Identities 时,调用 GetCredentialsForIdentity 的登录映射应将 "cognito-identity.amazonaws.com" 作为键而不是开发者提供商名称。
此外,您不应该自己调用此方法,SDK 会处理此问题。
更新:
调用 getCredentialsForIdentity 时,在登录映射中,当键为 "cognito-identity.amazonaws.com" 时,值应为调用 GetOpenIdTokenForDeveloperIdentity 后从后端获取的令牌。您无需获取执行 AWS 操作的凭证,只需使用此凭证提供程序初始化 AWS 服务客户端即可。
(1) 在您的应用程序中,您不需要调用 GetCredentialsForIdentity,CredentialsProvider 会为您完成这一切。 (并确保传入正确的参数)。
--> 您可以通过调用另一个需要凭据的服务(例如 S3)来测试您是否正在获取凭据
--> 另一种选择是调用 Credentials Provider 上的 getCredentials() 并验证未抛出异常
(2) 在Authentication.java 中刷新,您似乎使用了硬编码令牌?这可能已过期,您应该确保获得新的。 (如果您只是测试应用程序方面,请确保您硬编码一个新的)。
(3) 在 Authentication.java 中刷新,您似乎正在使用空令牌调用更新。
(4) 还要确保您获得了您正在使用的硬编码身份的令牌。 (同样,如果您正在测试,您应该只对此进行硬编码)。
我正在开发经过身份验证的开发人员 project.And 我正在尝试使用下面的这个获取凭据 code.But 它给了我以下错误。
我已从服务器代码手动将 IdentityId 和 Token 粘贴到此代码中:
Caused by: com.amazonaws.services.cognitoidentity.model.ResourceNotFoundException: Identity 'ap-northeast-1:fe81cd76-e9d4-4416-99ea-b684b78743c8' not found. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: ResourceNotFoundException; Request ID: 2ac65fe8-d41a-11e5-8674-677eefdb5331)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:709)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:385)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:196)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:533)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getCredentialsForIdentity(AmazonCognitoIdentityClient.java:406)
at com.example.sandesh.aws.MainActivity$network.doInBackground(MainActivity.java:101)
at com.example.sandesh.aws.MainActivity$network.doInBackground(MainActivity.java:52)
at android.os.AsyncTask.call(AsyncTask.java:292)
这是我的代码:MainActivity.java
public class MainActivity extends AppCompatActivity {
Button button;
protected static CognitoCachingCredentialsProvider credentialsProvider = null;
private GetCredentialsForIdentityResult credentialsForIdentityResult;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
button = (Button)findViewById(R.id.button);
button.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
network net = new network();
net.execute();
}
});
}
public class network extends AsyncTask<Void,Void,String>{
@Override
protected void onPreExecute() {
super.onPreExecute();
}
@Override
protected String doInBackground(Void... params) {
Authentication developerProvider = new Authentication(
null,
"ap-northeast-1:XXXXXXXXXXXXXXXXXX",
Regions.AP_NORTHEAST_1);
CognitoCachingCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider(
getApplicationContext(),
developerProvider,
Regions.AP_NORTHEAST_1);
HashMap<String, String> loginsMap = new HashMap<String, String>();
loginsMap.put(developerProvider.getProviderName(), "7386372772");
credentialsProvider.setLogins(loginsMap);
credentialsProvider.refresh();
GetCredentialsForIdentityRequest credentialsForIdentityRequest = new GetCredentialsForIdentityRequest();
credentialsForIdentityRequest.setIdentityId(developerProvider.getIdentityId());
credentialsForIdentityRequest.setLogins(loginsMap);
AmazonCognitoIdentityClient cognitoIdentityClient = new AmazonCognitoIdentityClient(credentialsProvider);
credentialsForIdentityResult = cognitoIdentityClient.getCredentialsForIdentity(credentialsForIdentityRequest);
Log.d("access_key",credentialsForIdentityResult.getCredentials().getAccessKeyId());
return credentialsForIdentityResult.getCredentials().getAccessKeyId();
}
@Override
protected void onPostExecute(String s) {
super.onPostExecute(s);
}
}}
Authentication.java
public class Authentication extends AWSAbstractCognitoDeveloperIdentityProvider {
private static final String PROVIDERNAME = "login.blupinch.app";
public String response = " ";
String line = " ";
public Authentication(String accountId, String identityPoolId, Regions region) {
super(accountId, identityPoolId, region);
}
@Override
public String getProviderName() {
return PROVIDERNAME;
}
public String refresh() {
setToken(null);
if (getProviderName() != null &&
!this.loginsMap.isEmpty() &&
this.loginsMap.containsKey(getProviderName())) {
update(identityId, token);
return "eyJraWQiOiJhcC1ub3J0aGVhc3QtMTEiLCJ0eXAiOiJKV1MiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJhcC1ub3J0aGVhc3QtMTpmZTgxY2Q3Ni1lOWQ0LTQ0MTYtOTllYS1iNjg0Yjc4NzQzYzgiLCJhdWQiOiJhcC1ub3J0aGVhc3QtMTphODcxZmE1Zi0yM2EyLTQ4MGQtYmFhNi1iNGVkMzE0MzcyNDQilCJhbXIiOlsiYXV0aGVudGljYXRlZCIsImxvZ2luLmJsdXBpbmNoLmFwcCIsImxvZ2luLmJsdXBpbmNoLmFwcDphcC1ub3J0aGVhc3QtMTphODcxZmE1Zi0yM2EyLTQ4MGQtYmFhNi1iNGVkMzE0MzcyNDQ6NzM4NjM3Mjg3MiJdLCJpc3MiOiJodHRwczovL2NvZ25pdG8taWRlbnRpdHkuYW1hem9uYXdzLmNvbSIsImV4cCI6MTQ1NTU5NTM5NywiaWF0IjoxNDU1NTU5Mzk3fQ.fHHH6aeCn5EaJGxGD6tw7bWyQpPHuYcW8SZLRGVn-3cbamJrWEPmUnNvcLJ-D6nL8AvMQy7-s1LGQ5MNaiuIH7QF6W8aWt2OMALmA_Y7eqpGQ6iQXVma_jTZSpiyBe2cPNggWgeslPtFxomwE90vW0rzS1sY3D5Y3UbnrIHNdiPKIzzP9JaQo1IsTJMKEpQM-jzWP6stV1radDuIzWQroBVQseOQSD-MXV_-cgWWSx0eQmtFbjJW6RP_nACgh0uTbGmMuOi2iKXKQAdGlYWO-PHlShbiHT-WLQoZNWuh95Hh9dMldv-mNdnYSblqYyqptLA3kObioI08XXkTqwaaAw";
} else {
this.getIdentityId();
return null;
}
}
public String getIdentityId() {
identityId = "ap-northeast-1:XXXXXXXXXXXXXXXXXXXXXXXX";
if (identityId == null) {
if (getProviderName() != null && !this.loginsMap.isEmpty()
&& this.loginsMap.containsKey(getProviderName())) {
update(identityId, token);
return "ap-northeast-1:XXXXXXXXXXXXXXXXXXXX";
} else {
return super.getIdentityId();
}
} else {
return identityId;
}
}}
我在 PHP 中尝试过,我在那里执行了 getOpenIdTokenForDeveloperIdentity 、 stsClient 和 AssumerolewithWebIdentity 来获取凭据,效果很好。先感谢您。
使用 Developer Authenticated Identities 时,调用 GetCredentialsForIdentity 的登录映射应将 "cognito-identity.amazonaws.com" 作为键而不是开发者提供商名称。
此外,您不应该自己调用此方法,SDK 会处理此问题。
更新:
调用 getCredentialsForIdentity 时,在登录映射中,当键为 "cognito-identity.amazonaws.com" 时,值应为调用 GetOpenIdTokenForDeveloperIdentity 后从后端获取的令牌。您无需获取执行 AWS 操作的凭证,只需使用此凭证提供程序初始化 AWS 服务客户端即可。
(1) 在您的应用程序中,您不需要调用 GetCredentialsForIdentity,CredentialsProvider 会为您完成这一切。 (并确保传入正确的参数)。
--> 您可以通过调用另一个需要凭据的服务(例如 S3)来测试您是否正在获取凭据
--> 另一种选择是调用 Credentials Provider 上的 getCredentials() 并验证未抛出异常
(2) 在Authentication.java 中刷新,您似乎使用了硬编码令牌?这可能已过期,您应该确保获得新的。 (如果您只是测试应用程序方面,请确保您硬编码一个新的)。
(3) 在 Authentication.java 中刷新,您似乎正在使用空令牌调用更新。
(4) 还要确保您获得了您正在使用的硬编码身份的令牌。 (同样,如果您正在测试,您应该只对此进行硬编码)。