Amazon web services 当我选择USER_SRP_AUTH作为身份验证流类型时，为什么AWS Amplify会尝试使用CUSTOM_AUTH进行身份验证？_Amazon Web Services_Amazon Cognito_Aws Amplify_Aws Cdk_Amplifyjs

Amazon web services 当我选择USER_SRP_AUTH作为身份验证流类型时，为什么AWS Amplify会尝试使用CUSTOM_AUTH进行身份验证？

amazon-web-services

Amazon web services 当我选择USER_SRP_AUTH作为身份验证流类型时，为什么AWS Amplify会尝试使用CUSTOM_AUTH进行身份验证？,amazon-web-services,amazon-cognito,aws-amplify,aws-cdk,amplifyjs,Amazon Web Services,Amazon Cognito,Aws Amplify,Aws Cdk,Amplifyjs,我有一个托管在AWSS3上的web应用程序，它允许用户使用AWS Cognito进行身份验证用户池在AWS CDK（1.70.0）中使用以下配置： const userPool = new cognito.UserPool(this, "user-pool", { enableSmsRole: false, mfa: cognito.Mfa.OFF, signInAliases: { email: true }, stan

我有一个托管在AWSS3上的web应用程序，它允许用户使用AWS Cognito进行身份验证

用户池在AWS CDK（1.70.0）中使用以下配置：

const userPool = new cognito.UserPool(this, "user-pool", {
    enableSmsRole: false,
    mfa: cognito.Mfa.OFF,
    signInAliases: {
      email: true
    },
    standardAttributes: {
      email: { mutable: true, required: true }
    },
    userPoolName: "user-pool"
  });

  const client = userPool.addClient("user-pool-client", {
    preventUserExistenceErrors: true,
    authFlows: {
      userSrp: true
    },
    oAuth: {
      flows: {
        implicitCodeGrant: true,
      },
      scopes: [cognito.OAuthScope.OPENID, cognito.OAuthScope.EMAIL]
    }
  });

Amplify.configure({
    Auth: {
        authenticationFlowType: 'USER_SRP_AUTH',
        mandatorySignIn: true,
        region: "eu-west-1",
        userPoolId: "XXXXXXXXXXXXX",
        userPoolWebClientId: "XXXXXXXXXXXXX",
        oauth: {
            domain: "somedomain.auth.eu-west-1.amazoncognito.com",
            redirectSignIn: ["https://abc123.cloudfront.net", "localhost:8080"],
            redirectSignOut: "",
            responseType: "token",
            scope: ["email"]
        },
    },
});

AWS Amplify配置有以下各项：

const userPool = new cognito.UserPool(this, "user-pool", {
    enableSmsRole: false,
    mfa: cognito.Mfa.OFF,
    signInAliases: {
      email: true
    },
    standardAttributes: {
      email: { mutable: true, required: true }
    },
    userPoolName: "user-pool"
  });

  const client = userPool.addClient("user-pool-client", {
    preventUserExistenceErrors: true,
    authFlows: {
      userSrp: true
    },
    oAuth: {
      flows: {
        implicitCodeGrant: true,
      },
      scopes: [cognito.OAuthScope.OPENID, cognito.OAuthScope.EMAIL]
    }
  });

Amplify.configure({
    Auth: {
        authenticationFlowType: 'USER_SRP_AUTH',
        mandatorySignIn: true,
        region: "eu-west-1",
        userPoolId: "XXXXXXXXXXXXX",
        userPoolWebClientId: "XXXXXXXXXXXXX",
        oauth: {
            domain: "somedomain.auth.eu-west-1.amazoncognito.com",
            redirectSignIn: ["https://abc123.cloudfront.net", "localhost:8080"],
            redirectSignOut: "",
            responseType: "token",
            scope: ["email"]
        },
    },
});

然而，当我尝试使用

Auth.sign（电子邮件、密码）登录时，发送到cognito idp的请求负载为
{
    "AuthFlow":"CUSTOM_AUTH",
    "ClientId":"XXXXXXXXXXX",
    "AuthParameters":{"USERNAME":"user@test.com"},
    "ClientMetadata":{}
}

并且我收到错误客户机未启用自定义身份验证

我缺少一些配置吗？我很困惑为什么Amplify会尝试使用自定义身份验证，尽管我在配置中明确说明了用户身份验证。
已解决。
答案很简单，使用Auth.federatedSignIn（）
而不是Auth.signIn（）
。没有特别清楚的错误消息或文档。我会把这个留在这里，以防其他人也有同样的问题