在 cognito 中发出 getUser 请求时访问令牌无效
Invalid Access Token when make getUser Request in cognito
我正在将 AWS cognito
身份验证与社交登录 (facebook/google) 集成。
我按照文档中给出的所有步骤进行操作,但最后 return 访问令牌无效
Service: AmazonCognitoIdentityProvider;
Status Code: 400;
Error Code: NotAuthorizedException;
Request ID: 58fc3cfc-1649-11e9-91bc-3fb47a1bd404
将 facebook 登录到凭据提供程序此代码在我的身份池中生成身份:
Map<String, String> logins = new HashMap<String, String>();
logins.put("graph.facebook.com",
AccessToken.getCurrentAccessToken().getToken());
credentialsProvider.setLogins(logins);
为了在用户池中创建用户,我正在使用这个 url:
val url = "https://<my-domain-name>.auth.ca-central-1.amazoncognito.com/oauth2/authorize?redirect_uri=myapp://&response_type=token&client_id=<my-ClientId>&identity_provider=Facebook"
url 在用户池中创建我的用户,return 访问令牌和 ID 令牌结果如下:
access_token=eyJraWQiOiJyUXpaTDRUVGt6UDdoU3ZDbVB0NktpTVZDcXB4Z2ZFT3pJckpCWFB0WXZVPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI2OTIwZDUwZC0zMTU4LTQwMTYtOTgyMi0wNDc0Yzc1MDFjYjIiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6ImF3cy5jb2duaXRvLnNpZ25pbi51c2VyLmFkbWluIHBob25lIG9wZW5pZCBwcm9maWxlIGVtYWlsIiwiYXV0aF90aW1lIjoxNTQ3Mjg4NDc0LCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAuY2EtY2VudHJhbC0xLmFtYXpvbmF3cy5jb21cL2NhLWNlbnRyYWwtMV9DSFVMbDV5c2wiLCJleHAiOjE1NDcyOTIwNzQsImlhdCI6MTU0NzI4ODQ3NCwidmVyc2lvbiI6MiwianRpIjoiNDE4MjNmNzUtMGFkMC00MTdjLThhOTYtM2JjZDM0NWNlZDQ3IiwiY2xpZW50X2lkIjoiN244Z25tdXFuM3NzZWFnaGNoOGQ2OWRibTIiLCJ1c2VybmFtZSI6IkZhY2Vib29rXzE5NDkyNzI0OTg1MDM3ODcifQ.GhaV996dFl7vx-tdkhhuq5HeSG0K5Tn20arF4M2i6YyRdm12mGJBWfmStOLLTzvYzz9ABRcIRmvy8imTSblafKMEqfDoRXn475g3xt0qs-omQTF2aFO_fi1wCCAMqT2Tb7LNG0CnGrcVXyutf3xB6vRg7ge7u6WPOEZqkLqf5bq2e5MMYCFSdqPIVMwnfV0AH6lGROCPr8GqHz8vPM3tdvSGMQYVL7PcL9I3IXgA354qt91RcqrXV_kxSkOFpysyJHB_eii0Wgrxe_zNFZvfx41ox7WlrVArZF9wF5VoqDF55160EJjlFwTqehmplZLh10rBhGn9ygpYLMSByibyKA
&id_token=eyJraWQiOiJ6ellnUlNYNDlMNzNEaWNLdEE4dWowOTF3akpNWHI1M2JnMjJJbW93QnF3PSIsImFsZyI6IlJTMjU2In0.eyJhdF9oYXNoIjoiekQ3WkZSVTFia2FOcXJQSWltV2h2dyIsInN1YiI6IjY5MjBkNTBkLTMxNTgtNDAxNi05ODIyLTA0NzRjNzUwMWNiMiIsImF1ZCI6IjduOGdubXVxbjNzc2VhZ2hjaDhkNjlkYm0yIiwiaWRlbnRpdGllcyI6W3sidXNlcklkIjoiMTk0OTI3MjQ5ODUwMzc4NyIsInByb3ZpZGVyTmFtZSI6IkZhY2Vib29rIiwicHJvdmlkZXJUeXBlIjoiRmFjZWJvb2siLCJpc3N1ZXIiOm51bGwsInByaW1hcnkiOiJ0cnVlIiwiZGF0ZUNyZWF0ZWQiOiIxNTQ3MjExMjg1MTEzIn1dLCJ0b2tlbl91c2UiOiJpZCIsImF1dGhfdGltZSI6MTU0NzI4ODQ3NCwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLmNhLWNlbnRyYWwtMS5hbWF6b25hd3MuY29tXC9jYS1jZW50cmFsLTFfQ0hVTGw1eXNsIiwibmFtZSI6IkpheSBWZXJtYSIsImNvZ25pdG86dXNlcm5hbWUiOiJGYWNlYm9va18xOTQ5MjcyNDk4NTAzNzg3IiwiZXhwIjoxNTQ3MjkyMDc0LCJpYXQiOjE1NDcyODg0NzQsImVtYWlsIjoianYudmVybWEyOUBnbWFpbC5jb20ifQ.dK5D1Z1IIeEGdmDI6mbTV48580Rr26_ekQ7za6GrtGADQpm06Fgvtj2SJhv35u6kI6KVnCbNoRC9ewoGB8QmWFCvL2VI-djdDqbCrHSTKsb9RkG1PsfFXoFezvlv4NROc7p5pFPTrltZVH1oI2nf6bAtcMEp7Cp0v_NaYt8dJ0cdYslIGwikH3Dm1QiNKzoqkkUy1-fjwLRSJ5CiH9eUO8DvzB6VomNOHHN0A5F-EJbIAZFXiD3z9N86TsRyEKSpaR7JhmO20VVVLp_YvpUuY9Nagiknkx3gp08vYCBBro0dTnDDQSsOqfVTlNTI5QZz_7AQXrUl7iyAMcw91mfajw
&token_type=Bearer
&expires_in=3600
在最后一步中,我将获取用户请求并将 accessToken
作为参数发送。
点击这个 API 之后,我得到了无效的访问令牌
Service: AmazonCognitoIdentityProvider;
Status Code: 400;
Error Code: NotAuthorizedException;
Request ID: 58fc3cfc-1649-11e9-91bc-3fb47a1bd404)
Invalid Access Token (Service: AmazonCognitoIdentityProvider;
Status Code: 400;
Error Code: NotAuthorizedException;
Request ID: 58fc3cfc-1649-11e9-91bc-3fb47a1bd404)
您可以尝试从 Facebook 设置中删除您的应用并重新登录。
终于找到了解决方案,只是根据我在 request.Now Facebook 中的区域手动添加端点,并且 google 登录在 'AWS Cognito' 下正常工作。
我正在将 AWS cognito
身份验证与社交登录 (facebook/google) 集成。
我按照文档中给出的所有步骤进行操作,但最后 return 访问令牌无效
Service: AmazonCognitoIdentityProvider;
Status Code: 400;
Error Code: NotAuthorizedException;
Request ID: 58fc3cfc-1649-11e9-91bc-3fb47a1bd404
将 facebook 登录到凭据提供程序此代码在我的身份池中生成身份:
Map<String, String> logins = new HashMap<String, String>();
logins.put("graph.facebook.com",
AccessToken.getCurrentAccessToken().getToken());
credentialsProvider.setLogins(logins);
为了在用户池中创建用户,我正在使用这个 url:
val url = "https://<my-domain-name>.auth.ca-central-1.amazoncognito.com/oauth2/authorize?redirect_uri=myapp://&response_type=token&client_id=<my-ClientId>&identity_provider=Facebook"
url 在用户池中创建我的用户,return 访问令牌和 ID 令牌结果如下:
access_token=eyJraWQiOiJyUXpaTDRUVGt6UDdoU3ZDbVB0NktpTVZDcXB4Z2ZFT3pJckpCWFB0WXZVPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI2OTIwZDUwZC0zMTU4LTQwMTYtOTgyMi0wNDc0Yzc1MDFjYjIiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6ImF3cy5jb2duaXRvLnNpZ25pbi51c2VyLmFkbWluIHBob25lIG9wZW5pZCBwcm9maWxlIGVtYWlsIiwiYXV0aF90aW1lIjoxNTQ3Mjg4NDc0LCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAuY2EtY2VudHJhbC0xLmFtYXpvbmF3cy5jb21cL2NhLWNlbnRyYWwtMV9DSFVMbDV5c2wiLCJleHAiOjE1NDcyOTIwNzQsImlhdCI6MTU0NzI4ODQ3NCwidmVyc2lvbiI6MiwianRpIjoiNDE4MjNmNzUtMGFkMC00MTdjLThhOTYtM2JjZDM0NWNlZDQ3IiwiY2xpZW50X2lkIjoiN244Z25tdXFuM3NzZWFnaGNoOGQ2OWRibTIiLCJ1c2VybmFtZSI6IkZhY2Vib29rXzE5NDkyNzI0OTg1MDM3ODcifQ.GhaV996dFl7vx-tdkhhuq5HeSG0K5Tn20arF4M2i6YyRdm12mGJBWfmStOLLTzvYzz9ABRcIRmvy8imTSblafKMEqfDoRXn475g3xt0qs-omQTF2aFO_fi1wCCAMqT2Tb7LNG0CnGrcVXyutf3xB6vRg7ge7u6WPOEZqkLqf5bq2e5MMYCFSdqPIVMwnfV0AH6lGROCPr8GqHz8vPM3tdvSGMQYVL7PcL9I3IXgA354qt91RcqrXV_kxSkOFpysyJHB_eii0Wgrxe_zNFZvfx41ox7WlrVArZF9wF5VoqDF55160EJjlFwTqehmplZLh10rBhGn9ygpYLMSByibyKA
&id_token=eyJraWQiOiJ6ellnUlNYNDlMNzNEaWNLdEE4dWowOTF3akpNWHI1M2JnMjJJbW93QnF3PSIsImFsZyI6IlJTMjU2In0.eyJhdF9oYXNoIjoiekQ3WkZSVTFia2FOcXJQSWltV2h2dyIsInN1YiI6IjY5MjBkNTBkLTMxNTgtNDAxNi05ODIyLTA0NzRjNzUwMWNiMiIsImF1ZCI6IjduOGdubXVxbjNzc2VhZ2hjaDhkNjlkYm0yIiwiaWRlbnRpdGllcyI6W3sidXNlcklkIjoiMTk0OTI3MjQ5ODUwMzc4NyIsInByb3ZpZGVyTmFtZSI6IkZhY2Vib29rIiwicHJvdmlkZXJUeXBlIjoiRmFjZWJvb2siLCJpc3N1ZXIiOm51bGwsInByaW1hcnkiOiJ0cnVlIiwiZGF0ZUNyZWF0ZWQiOiIxNTQ3MjExMjg1MTEzIn1dLCJ0b2tlbl91c2UiOiJpZCIsImF1dGhfdGltZSI6MTU0NzI4ODQ3NCwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLmNhLWNlbnRyYWwtMS5hbWF6b25hd3MuY29tXC9jYS1jZW50cmFsLTFfQ0hVTGw1eXNsIiwibmFtZSI6IkpheSBWZXJtYSIsImNvZ25pdG86dXNlcm5hbWUiOiJGYWNlYm9va18xOTQ5MjcyNDk4NTAzNzg3IiwiZXhwIjoxNTQ3MjkyMDc0LCJpYXQiOjE1NDcyODg0NzQsImVtYWlsIjoianYudmVybWEyOUBnbWFpbC5jb20ifQ.dK5D1Z1IIeEGdmDI6mbTV48580Rr26_ekQ7za6GrtGADQpm06Fgvtj2SJhv35u6kI6KVnCbNoRC9ewoGB8QmWFCvL2VI-djdDqbCrHSTKsb9RkG1PsfFXoFezvlv4NROc7p5pFPTrltZVH1oI2nf6bAtcMEp7Cp0v_NaYt8dJ0cdYslIGwikH3Dm1QiNKzoqkkUy1-fjwLRSJ5CiH9eUO8DvzB6VomNOHHN0A5F-EJbIAZFXiD3z9N86TsRyEKSpaR7JhmO20VVVLp_YvpUuY9Nagiknkx3gp08vYCBBro0dTnDDQSsOqfVTlNTI5QZz_7AQXrUl7iyAMcw91mfajw
&token_type=Bearer
&expires_in=3600
在最后一步中,我将获取用户请求并将 accessToken
作为参数发送。
点击这个 API 之后,我得到了无效的访问令牌
Service: AmazonCognitoIdentityProvider;
Status Code: 400;
Error Code: NotAuthorizedException;
Request ID: 58fc3cfc-1649-11e9-91bc-3fb47a1bd404)
Invalid Access Token (Service: AmazonCognitoIdentityProvider;
Status Code: 400;
Error Code: NotAuthorizedException;
Request ID: 58fc3cfc-1649-11e9-91bc-3fb47a1bd404)
您可以尝试从 Facebook 设置中删除您的应用并重新登录。
终于找到了解决方案,只是根据我在 request.Now Facebook 中的区域手动添加端点,并且 google 登录在 'AWS Cognito' 下正常工作。