Fatal编程技术网
  • android/
  • AWS S3-如何为Android获得正确的凭据?

AWS S3-如何为Android获得正确的凭据?

android amazon-web-services amazon-s3

AWS S3-如何为Android获得正确的凭据?,android,amazon-web-services,amazon-s3,amazon,credentials,Android,Amazon Web Services,Amazon S3,Amazon,Credentials,我正在用S3制作一个Android应用程序,这样用户就可以把东西上传到S3服务器上。对于AWS令牌,我们使用自己的服务器获得以下内容 java是以下json的POJO { "id": "us-east-1:xxxxx", "token": "xxxxx", "region": "us-east-1", "identityPoolId": "us-east-1:xxxxx", "loginProvider": "xxxxx" } 然后我尝试使用它来创建identityP

我正在用S3制作一个Android应用程序,这样用户就可以把东西上传到S3服务器上。对于AWS令牌,我们使用自己的服务器获得以下内容

java是以下json的POJO

{
  "id": "us-east-1:xxxxx",
  "token": "xxxxx",
  "region": "us-east-1",
  "identityPoolId": "us-east-1:xxxxx",
  "loginProvider": "xxxxx"
}
然后我尝试使用它来创建identityProvider和credentialsProvider,以获取AmazonS3Client和TransferUtility

KOIAWSAuthenticatedIdentityProvider identityProvider = new KOIAWSAuthenticatedIdentityProvider(awsToken);

CognitoCachingCredentialsProvider cognitoCachingCredentialsProvider = new CognitoCachingCredentialsProvider(
    getApplicationContext(), // Context
    identityProvider,
    Regions.US_EAST_1 // Region
);

AmazonS3Client sS3Client = new AmazonS3Client(cognitoCachingCredentialsProvider);
TransferUtility transferUtility = new TransferUtility(sS3Client, getApplicationContext());
KOIAWSAuthenticatedIdentityProvider.java

package com.krossover.network.aws;

import com.amazonaws.auth.AWSCognitoIdentityProvider;
import com.amazonaws.auth.IdentityChangedListener;
import com.krossover.network.models.AWSToken;

import java.util.Map;

/**
 * Created by paulshin on 9/26/16.
 */
public class KOIAWSAuthenticatedIdentityProvider implements AWSCognitoIdentityProvider {
    private AWSToken awsToken;

    public KOIAWSAuthenticatedIdentityProvider(AWSToken awsToken) {
        this.awsToken = awsToken;
    }

    @Override
    public String getIdentityId() {
        return awsToken.id;
    }

    @Override
    public String getIdentityPoolId() {
        return awsToken.identityPoolId;
    }

    @Override
    public void setLogins(Map<String, String> loginsMap) {

    }

    @Override
    public Map<String, String> getLogins() {
        return null;
    }

    @Override
    public boolean isAuthenticated() {
        return true;
    }

    @Override
    public void registerIdentityChangedListener(IdentityChangedListener listener) {

    }

    @Override
    public void unregisterIdentityChangedListener(IdentityChangedListener listener) {

    }

    @Override
    public void identityChanged(String newIdentity) {

    }

    @Override
    public void clearListeners() {

    }

    @Override
    public String getToken() {
        return awsToken.token;
    }

    @Override
    public String refresh() {
        return null;
    }
}

class KOIAWSAuthenticatedIdentityProvider: AWSCognitoCredentialsProviderHelper {

    private var awsToken: String

    init(regionType: AWSRegionType,
         identityPoolId: String,
         providerName: String,
         identityId: String,
         token: String)
    {
        self.awsToken = token

        super.init(
            regionType: regionType,
            identityPoolId: identityPoolId,
            useEnhancedFlow: true,
            identityProviderManager: nil)

        self.identityId = identityId
    }

    override func token() -> AWSTask {
        return AWSTask(result: self.awsToken)
    }
}
我们的iOS应用程序具有非常相似的逻辑,它工作正常,从未出现访问禁止错误。我不知道为什么我从安卓图书馆得到它

仅供参考,这是KOIAWSAuthenticatedIdentityProvider.java的iOS版本

package com.krossover.network.aws;

import com.amazonaws.auth.AWSCognitoIdentityProvider;
import com.amazonaws.auth.IdentityChangedListener;
import com.krossover.network.models.AWSToken;

import java.util.Map;

/**
 * Created by paulshin on 9/26/16.
 */
public class KOIAWSAuthenticatedIdentityProvider implements AWSCognitoIdentityProvider {
    private AWSToken awsToken;

    public KOIAWSAuthenticatedIdentityProvider(AWSToken awsToken) {
        this.awsToken = awsToken;
    }

    @Override
    public String getIdentityId() {
        return awsToken.id;
    }

    @Override
    public String getIdentityPoolId() {
        return awsToken.identityPoolId;
    }

    @Override
    public void setLogins(Map<String, String> loginsMap) {

    }

    @Override
    public Map<String, String> getLogins() {
        return null;
    }

    @Override
    public boolean isAuthenticated() {
        return true;
    }

    @Override
    public void registerIdentityChangedListener(IdentityChangedListener listener) {

    }

    @Override
    public void unregisterIdentityChangedListener(IdentityChangedListener listener) {

    }

    @Override
    public void identityChanged(String newIdentity) {

    }

    @Override
    public void clearListeners() {

    }

    @Override
    public String getToken() {
        return awsToken.token;
    }

    @Override
    public String refresh() {
        return null;
    }
}

class KOIAWSAuthenticatedIdentityProvider: AWSCognitoCredentialsProviderHelper {

    private var awsToken: String

    init(regionType: AWSRegionType,
         identityPoolId: String,
         providerName: String,
         identityId: String,
         token: String)
    {
        self.awsToken = token

        super.init(
            regionType: regionType,
            identityPoolId: identityPoolId,
            useEnhancedFlow: true,
            identityProviderManager: nil)

        self.identityId = identityId
    }

    override func token() -> AWSTask {
        return AWSTask(result: self.awsToken)
    }
}
我发现区别在于Android与useEnhancedFlow没有任何关系:真的”

有人知道吗?谢谢。

当身份x是经过身份验证的身份(已经有登录链接的身份)时,几乎总是会抛出对身份x的访问被禁止,但正在请求该标识,但未包含登录名。Cognito要求您在尝试访问该标识时提供链接到已验证标识的>=1登录名

很可能您遇到了这个问题,因为您正在子类化的类不是正确的类。根据,您应该子类化AWSABStractCognitodeveloperEntityProvider。

当标识x是经过身份验证的标识(已经有一个登录链接到它的标识)时,几乎总是会引发对该标识x的访问被禁止,但正在请求该标识,但未包含登录名。Cognito要求您在尝试访问该标识时提供链接到已验证标识的>=1登录名

很可能您遇到了这个问题,因为您正在子类化的类不是正确的类。根据,您应该子类化AWSABStractCognitodeveloperEntityProvider