Amazon web services 如何使用AWS Cognito和Boto3和OAuth获取概要文件数据?
好的,用户登录后,我想获取他们的个人资料数据。所以我尝试的方法是通过boto3.client('cognito-idp')。get_user,但它不断返回: NotAuthorizedException:调用GetUser操作时发生错误(NotAuthorizedException):访问令牌没有所需的作用域 据我所知,我已经把每一个内置的Cognito范围,我不确定为什么它不工作。任何帮助都将不胜感激 我的授权脚本Amazon web services 如何使用AWS Cognito和Boto3和OAuth获取概要文件数据?,amazon-web-services,oauth,boto3,aws-cognito,Amazon Web Services,Oauth,Boto3,Aws Cognito,好的,用户登录后,我想获取他们的个人资料数据。所以我尝试的方法是通过boto3.client('cognito-idp')。get_user,但它不断返回: NotAuthorizedException:调用GetUser操作时发生错误(NotAuthorizedException):访问令牌没有所需的作用域 据我所知,我已经把每一个内置的Cognito范围,我不确定为什么它不工作。任何帮助都将不胜感激 我的授权脚本 scope = request.args.get( 'scope',
scope = request.args.get(
'scope',
'email phone profile openid')
sumukey = make_session(scope=scope.split(' '))
authorization_url, state = sumukey.authorization_url(AUTHORIZATION_BASE_URL)
session['oauth2_state'] = state
return redirect(authorization_url)
我的回报
sumukey = make_session(state=session.get('oauth2_state'))
token = sumukey.fetch_token(
TOKEN_URL,
client_secret=OAUTH2_CLIENT_SECRET,
authorization_response=request.url)
session['oauth2_token'] = token
return redirect(url_for('.index'))
return OAuth2Session(
scope=scope,
client_id=OAUTH2_CLIENT_ID,
token=token,
state=state,
redirect_uri=OAUTH2_REDIRECT_URI,
auto_refresh_kwargs={
'client_id': OAUTH2_CLIENT_ID,
'client_secret': OAUTH2_CLIENT_SECRET,
},
auto_refresh_url=TOKEN_URL,
token_updater=token_updater)
当前获取数据的尝试
client = boto3.client('cognito-idp')
response = client.get_user(
AccessToken=session['oauth2_token']['access_token']
)
return str(jsonify(response))
制作会话
sumukey = make_session(state=session.get('oauth2_state'))
token = sumukey.fetch_token(
TOKEN_URL,
client_secret=OAUTH2_CLIENT_SECRET,
authorization_response=request.url)
session['oauth2_token'] = token
return redirect(url_for('.index'))
return OAuth2Session(
scope=scope,
client_id=OAUTH2_CLIENT_ID,
token=token,
state=state,
redirect_uri=OAUTH2_REDIRECT_URI,
auto_refresh_kwargs={
'client_id': OAUTH2_CLIENT_ID,
'client_secret': OAUTH2_CLIENT_SECRET,
},
auto_refresh_url=TOKEN_URL,
token_updater=token_updater)