AWS Cognito Error: 'identityPoolId' failed to satisfy constraint
I am new to Cognito. I am trying to implement AWS Cognito using Lambda. This is the tutorial I am following.
    AmazonCognitoIdentityClient client =
        new AmazonCognitoIdentityClient();
    GetOpenIdTokenForDeveloperIdentityRequest tokenRequest = new GetOpenIdTokenForDeveloperIdentityRequest();
    tokenRequest.setIdentityPoolId("us-east-1_XXXXXXX");
This is the pool ID I am using in setIdentityPoolId.
This is the JUnit test:
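    import java.util.LinkedHashMap;

    import com.amazonaws.regions.Region;
    import com.amazonaws.regions.Regions;
    import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient;
    import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBMapper;
    import com.amazonaws.services.lambda.runtime.Context;
    import com.amazonaws.services.lambda.runtime.RequestHandler;

    // User and AuthenticateUserResponse are the poster's own classes (not shown).
    public class AuthenticateUser implements RequestHandler<Object, Object> {

        @Override
        public Object handleRequest(Object input, Context context) {
            AuthenticateUserResponse authenticateUserResponse = new AuthenticateUserResponse();
            @SuppressWarnings("unchecked")
            LinkedHashMap inputHashMap = (LinkedHashMap) input;
            User user = authenticateUser(inputHashMap);
            return null;
        }

        public User authenticateUser(LinkedHashMap input) {
            User user = null;
            String userName = (String) input.get("userName");
            String passwordHash = (String) input.get("passwordHash");
            try {
                // Look the user up in DynamoDB by user name.
                AmazonDynamoDBClient client = new AmazonDynamoDBClient();
                client.setRegion(Region.getRegion(Regions.US_EAST_1));
                DynamoDBMapper mapper = new DynamoDBMapper(client);
                user = mapper.load(User.class, userName);
                if (user != null) {
                    System.out.println("user found");
                    if (user.getPasswordHash().equals(passwordHash)) {
                        System.out.println("user password matched");
                        // This call reaches Cognito and is where the ValidationException is raised.
                        String openIdToken = getOpenIdToken(user.getUserId());
                        user.setOpenIdToken(openIdToken);
                        return user;
                    } else {
                        System.out.println("password unmatched");
                    }
                } else {
                    System.out.println("user not found");
                }
            } catch (Exception e) {
                System.out.println("Error: " + e.toString());
            }
            return user;
        }

        // getOpenIdToken(...) is not shown in the question.
    }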
This is the output:
user found
user password matched
But I get the following error, so the return user statement fails:
1 validation error detected: Value 'us-east-1_XXXXXX' at 'identityPoolId'
failed to satisfy constraint: Member must satisfy regular expression pattern: [\w-]+:[0-9a-f-]+
(Service: AmazonCognitoIdentity; Status Code: 400; Error Code: ValidationException;
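You are using the Cognito user pool ID as the identity pool ID. They are two different things. The identity pool ID has the format us-east-1:XXXX-XXXXXX-XXXX-XXXX.
To get the identity pool ID, you should use the "Manage Federated Identities" section of the Cognito console rather than the "Manage User Pools" section. Hope this helps.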
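A fail-fast check for the mix-up described in the answer above, as an added example (not code from the question, the answers, or the AWS SDK): it classifies an ID with the pattern quoted in the error message before setIdentityPoolId is ever called. The class and method names, the user pool ID pattern, and the region-prefix check are assumptions of this example.

```java
import java.util.regex.Pattern;

public class CognitoPoolIdCheck {
    // Pattern quoted in the ValidationException above for 'identityPoolId'.
    static final Pattern IDENTITY_POOL_ID = Pattern.compile("[\\w-]+:[0-9a-f-]+");
    // Assumed user pool ID shape: region, underscore, alphanumerics (e.g. us-east-1_XXXXXXX).
    static final Pattern USER_POOL_ID = Pattern.compile("[\\w-]+_[0-9a-zA-Z]+");
    enum Kind { IDENTITY_POOL, USER_POOL, UNKNOWN }

    static Kind classify(String id) {
        if (id == null) return Kind.UNKNOWN;
        if (IDENTITY_POOL_ID.matcher(id).matches()) return Kind.IDENTITY_POOL;
        if (USER_POOL_ID.matcher(id).matches()) return Kind.USER_POOL;
        return Kind.UNKNOWN;
    }

    // Fail fast, before any call to Cognito, with a message that names the mix-up.
    static String requireIdentityPoolId(String id, String clientRegion) {
        Kind kind = classify(id);
        if (kind == Kind.USER_POOL) {
            throw new IllegalArgumentException("'" + id + "' looks like a user pool ID; "
                + "setIdentityPoolId needs the ID from \"Manage Federated Identities\"");
        }
        if (kind != Kind.IDENTITY_POOL) {
            throw new IllegalArgumentException("'" + id + "' is not an identity pool ID");
        }
        // Assumption: the part before ':' is the region the identity pool lives in.
        String poolRegion = id.substring(0, id.indexOf(':'));
        if (!poolRegion.equals(clientRegion)) {
            throw new IllegalArgumentException("identity pool is in " + poolRegion
                + " but the client is configured for " + clientRegion);
        }
        return id;
    }

    public static void main(String[] args) {
        // Constructed sample values; the first is the placeholder from the question.
        String uuid = "00000000-0000-0000-0000-000000000000";
        String[] samples = { "us-east-1_XXXXXXX", "us-east-1:" + uuid, "eu-west-1:" + uuid };
        for (String id : samples) {
            try {
                System.out.println("ok: " + requireIdentityPoolId(id, "us-east-1"));
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```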
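You can find it in User Pools > Federated Identities > App clients > App client id.
Please note: you can also find the correct user pool app client ID in your project's aws-exports.js. The property name is "aws_user_pools_web_client_id".
“User Pools” and “Federated Identities” are different things.
Make sure you are not providing “aws_cognito_identity_pool_id” in your configuration.
My configuration is as follows: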
    ...
    "Auth": {
        "region": "us-east-1",
        "userPoolId": "<...>",
        "userPoolWebClientId": "<...>",
        "mandatorySignIn": false,
        "oauth": {
            "domain": "<...>.auth.us-east-1.amazoncognito.com",
            "scope": [
                "phone",
                "email",
                "openid",
                "profile",
                "aws.cognito.signin.user.admin"
            ],
            "redirectSignIn": "<...>",
            "redirectSignOut": "<...>",
            "responseType": "code"
        }
    }
    ...
In the user pool - Allowed OAuth Flows
- Authorization code grant - checked
- Implicit grant - checked