iOS-亚马逊Cognito+;作为来宾用户的Kinesis视频
TLDR:如何与来宾/未经身份验证的用户一起使用亚马逊服务 我一直在尝试与一位来宾用户实现Amazon Kinesis视频流,但没有成功。以下是我迄今为止所做或取得的成果iOS-亚马逊Cognito+;作为来宾用户的Kinesis视频,ios,swift,amazon-web-services,amazon-cognito,amazon-kinesis,Ios,Swift,Amazon Web Services,Amazon Cognito,Amazon Kinesis,TLDR:如何与来宾/未经身份验证的用户一起使用亚马逊服务 我一直在尝试与一位来宾用户实现Amazon Kinesis视频流,但没有成功。以下是我迄今为止所做或取得的成果 遵循此步骤,并准备好一个项目,用于用户池和标识池设置 如本文所述,已在我的身份池中启用未经身份验证的访问 我已经看过了,但我不认为我完全明白我需要做什么。我试过了,因为我理解它,但没有成功(张贴代码如下) 已使用策略模拟器验证创建并与标识池关联的角色(Auth和UnAuth)是否具有作业的权限(两个角色具有相同的权限) 现在,
AWSKinesisVideo
上的createSignalingChannel
或describeSignalingChannel
,并在XCode中得到以下错误:
Error Domain=com.amazonaws.AWSKinesisVideoErrorDomain Code=1 "null" UserInfo={NSLocalizedDescription=null, NSLocalizedFailureReason=AccessDeniedException:http://internal.amazon.com/coral/com.amazon.coral.service/}
我一直在寻找一种方法来做到这一点已经有几天了,我在文档等中找到的唯一信息是,这是可能的,但没有如何做到这一点。我认为唯一缺少的一步是连接应用程序或以来宾用户或其他用户的身份访问服务。控制台等配置均已设置
用于创建用于动态视频流共享的频道的代码:
let credentialsProvider = AWSCognitoCredentialsProvider(regionType: .USEast2, identityPoolId: cognitoIdentityPoolId)
let configuration = AWSServiceConfiguration(region: .USEast2, credentialsProvider: credentialsProvider)
AWSServiceManager.default().defaultServiceConfiguration = configuration
credentialsProvider.getIdentityId().continueWith(block: { (task) -> AnyObject? in
if (task.error != nil) {
print("Error: " + task.error!.localizedDescription)
}
else {
// the task result will contain the identity id
// let cognitoId = task.result!
// I don't know what to do here or what to do with this Id, this code block is here
// because it was part of getting credentials link. I have tried without it as well
}
return task;
})
// let configuration = AWSServiceConfiguration(region: self.awsRegionType, credentialsProvider: AWSMobileClient.default())
AWSKinesisVideo.register(with: configuration!, forKey: awsKinesisVideoKey) // "kinesisvideo"
self.retrieveChannelARN(channelName: channelNameValue)
if self.channelARN == nil {
self.createChannel(channelName: channelNameValue)
}
retrieveChannelARN
和createChannel
方法不变,它们是的一部分,如下所示:
func createChannel(channelName: String) {
let kvsClient = AWSKinesisVideo(forKey: awsKinesisVideoKey)
let createSigalingChannelInput = AWSKinesisVideoCreateSignalingChannelInput.init()
createSigalingChannelInput?.channelName = channelName
kvsClient.createSignalingChannel(createSigalingChannelInput!).continueWith(block: { (task) -> Void in
if let error = task.error {
print("Error creating channel \(error)")
return
} else {
self.channelARN = task.result?.channelARN
print("Channel ARN : ", task.result?.channelARN)
}
}).waitUntilFinished()
if (self.channelARN == nil) {
let alertController = UIAlertController(title: "Unable to create channel",
message: "Please validate all the input fields",
preferredStyle: .alert)
let okAction = UIAlertAction(title: "Ok", style: .default, handler: nil)
alertController.addAction(okAction)
self.present(alertController, animated: true, completion: nil)
return
}
}
func retrieveChannelARN(channelName: String) {
if !channelName.isEmpty {
let describeInput = AWSKinesisVideoDescribeSignalingChannelInput()
describeInput?.channelName = channelName
let kvsClient = AWSKinesisVideo(forKey: awsKinesisVideoKey)
kvsClient.describeSignalingChannel(describeInput!).continueWith(block: { (task) -> Void in
if let error = task.error {
print("Error describing channel: \(error)")
} else {
self.channelARN = task.result?.channelInfo?.channelARN
print("Channel ARN : ", task.result!.channelInfo!.channelARN ?? "Channel ARN empty.")
}
}).waitUntilFinished()
} else {
let alertController = UIAlertController(title: "Channel Name is Empty",
message: "Valid Channel Name is required.",
preferredStyle: .alert)
let okAction = UIAlertAction(title: "Ok", style: .default, handler: nil)
alertController.addAction(okAction)
present(alertController, animated: true, completion: nil)
return
}
}
另外,我注意到,credentialsProvider
的internalCredentials
属性存在于authenticated user中,但不存在于来宾用户,我只是不知道如何补救。在此方面的任何帮助都将不胜感激。谢谢大家!
您将获得AccessDeniedException,这意味着您的角色没有操作权限/I wish mate,但正如我所提到的,我已经验证了与标识池连接的角色具有运动视频流所需的权限。我给这些角色的权限是Amazon在文档中给出的权限(我在Point1文章中的第一个链接)。我还通过策略模拟器验证了所调用的方法createChannel和RetrieveChannel Arn可以在身份池附带的Auth和UnAuth角色上执行。@usman,我已经为身份池设置和取消授权添加了图像,以便您可以验证这些事情是否正常。@Abdul91您也可以附加AuthRole吗?我已经为AuthRole mate添加了图像