Amazon web services 如何使用AWS Cognito和Boto3和OAuth获取概要文件数据？

好的，用户登录后，我想获取他们的个人资料数据。所以我尝试的方法是通过boto3.client（'cognito-idp'）。get_user，但它不断返回：

NotAuthorizedException:调用GetUser操作时发生错误（NotAuthorizedException）：访问令牌没有所需的作用域

据我所知，我已经把每一个内置的Cognito范围，我不确定为什么它不工作。任何帮助都将不胜感激

我的授权脚本

scope = request.args.get(
    'scope',
    'email phone profile openid')
sumukey = make_session(scope=scope.split(' '))
authorization_url, state = sumukey.authorization_url(AUTHORIZATION_BASE_URL)
session['oauth2_state'] = state
return redirect(authorization_url)

我的回报

sumukey = make_session(state=session.get('oauth2_state'))
token = sumukey.fetch_token(
    TOKEN_URL,
    client_secret=OAUTH2_CLIENT_SECRET,
    authorization_response=request.url)
session['oauth2_token'] = token
return redirect(url_for('.index'))

return OAuth2Session(
    scope=scope,
    client_id=OAUTH2_CLIENT_ID,
    token=token,
    state=state,
    redirect_uri=OAUTH2_REDIRECT_URI,
    auto_refresh_kwargs={
        'client_id': OAUTH2_CLIENT_ID,
        'client_secret': OAUTH2_CLIENT_SECRET,
    },
    auto_refresh_url=TOKEN_URL,
    token_updater=token_updater)

当前获取数据的尝试

client = boto3.client('cognito-idp')
response = client.get_user(
    AccessToken=session['oauth2_token']['access_token']
)
return str(jsonify(response))

制作会话

sumukey = make_session(state=session.get('oauth2_state'))
token = sumukey.fetch_token(
    TOKEN_URL,
    client_secret=OAUTH2_CLIENT_SECRET,
    authorization_response=request.url)
session['oauth2_token'] = token
return redirect(url_for('.index'))

return OAuth2Session(
    scope=scope,
    client_id=OAUTH2_CLIENT_ID,
    token=token,
    state=state,
    redirect_uri=OAUTH2_REDIRECT_URI,
    auto_refresh_kwargs={
        'client_id': OAUTH2_CLIENT_ID,
        'client_secret': OAUTH2_CLIENT_SECRET,
    },
    auto_refresh_url=TOKEN_URL,
    token_updater=token_updater)