iOS: Using DynamoDB with Cognito: Token is not from a supported provider of this identity pool
I am implementing sign-up and login for my iOS app, using this project as an example: Previously, my app was able to access DynamoDB resources using a credentials provider set up in my AppDelegate's didFinishLaunchingWithOptions method. However, after changing my project to include login and functionality similar to the example, I see the error:
"__type":"NotAuthorizedException","message":"Token is not from a supported provider of this identity pool."
The code that sets up the credentialsProvider in my AppDelegate currently looks like this:
let serviceConfiguration = AWSServiceConfiguration(region: .USEast1, credentialsProvider: nil)
let userPoolConfiguration = AWSCognitoIdentityUserPoolConfiguration(clientId:APP_CLIENT_ID, clientSecret: APP_CLIENT_SECRET, poolId: USER_POOL_ID)
AWSCognitoIdentityUserPool.registerCognitoIdentityUserPoolWithConfiguration(serviceConfiguration, userPoolConfiguration: userPoolConfiguration, forKey: USER_POOL_NAME)
let pool = AWSCognitoIdentityUserPool(forKey:USER_POOL_NAME)
pool.delegate = self
self.storyboard = UIStoryboard(name: "Main", bundle: nil)
let credentialsProvider = AWSCognitoCredentialsProvider(regionType: .USEast1, identityPoolId: IDENTITY_POOL_ID, identityProviderManager:pool)
let configuration = AWSServiceConfiguration(region:.USEast1, credentialsProvider:credentialsProvider)
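I am also unable to access any DynamoDB data through my app.
According to the console output, the sign-up process seems to work correctly, although I am not sure about the login process. It occurred to me that I had changed the region where my DynamoDB resources are stored from EU-West-1 to US-East-1. To account for this change, I repeated the same steps that originally allowed my app to access DynamoDB:
- I created Auth and Unauth roles, both with access to the same actions as the roles that worked before, but with the EU-West-1 resources
- I set these roles, under "Unauthenticated role" and "Authenticated role", for the user pool I created when setting up sign-up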
let name = usernameField.text!
let user = pool!.getUser(name)
lock()
user.getSession(name, password: passwordField.text!, validationData: nil, scopes: nil).continueWithExecutor(AWSExecutor.mainThreadExecutor(), withBlock: {
    (task:AWSTask!) -> AnyObject! in
    if task.error != nil {
        self.sendErrorPopup("ERROR: Unable to sign in. Error description: " + task.error!.description)
    } else {
        print("Successful Login")
        dispatch_async(dispatch_get_main_queue()){
            self.performSegueWithIdentifier("mainViewControllerSegue", sender: self)
        }
    }
    self.unlock()
    return nil
})
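The methods lock(), unlock() and sendErrorPopup() are strictly UI-related methods I created so that the start and end of the login process are visually clearer. The console output always shows "Successful Login", but I wonder whether this code really logs the user in correctly, because the error message sounds as if the user may not be properly authorized.
It occurred to me that the US-West tables might not be set up correctly, but I run into the same problem even when trying to create a new table, so I don't think that is the issue. Am I missing some steps for allowing users to access DynamoDB? Has the new beta user pools system of AWS Cognito changed the process?
Edit 2:
I fixed the previous problem, and for a while my app worked fine. However, when I log in, it has suddenly stopped loading DynamoDB data and shows the error message: Invalid login token. Can't pass in a Cognito token.
Currently, my AppDelegate code looks like this: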
let serviceConfiguration = AWSServiceConfiguration(region: .USEast1, credentialsProvider: nil)
let userPoolConfiguration = AWSCognitoIdentityUserPoolConfiguration(clientId:APP_CLIENT_ID, clientSecret: APP_CLIENT_SECRET, poolId: USER_POOL_ID)
AWSCognitoIdentityUserPool.registerCognitoIdentityUserPoolWithConfiguration(serviceConfiguration, userPoolConfiguration: userPoolConfiguration, forKey: USER_POOL_NAME)
let pool = AWSCognitoIdentityUserPool(forKey:USER_POOL_NAME)
pool.delegate = self
self.storyboard = UIStoryboard(name: "Main", bundle: nil)
self.credentialsProvider = AWSCognitoCredentialsProvider(regionType: .USEast1, identityPoolId: IDENTITY_POOL_ID, identityProviderManager:pool)
let manager = IdentityProviderManager(tokens: [NSString:NSString]())
self.credentialsProvider = AWSCognitoCredentialsProvider(regionType: .USEast1, identityPoolId: IDENTITY_POOL_ID, identityProviderManager: manager)
let configuration = AWSServiceConfiguration(region:.USEast1, credentialsProvider:credentialsProvider!)
AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = configuration
…and my login code looks like this:
if locked { return }
trimRegistrationValues()
let name = usernameField.text!
let user = pool!.getUser(name)
lock()
user.getSession(name, password: passwordField.text!, validationData: nil, scopes: nil).continueWithExecutor(AWSExecutor.mainThreadExecutor(), withBlock: {
    (task:AWSTask!) -> AnyObject! in
    if task.error != nil {
        self.sendErrorPopup("ERROR: Unable to sign in. Error description: " + task.error!.description)
    } else {
        print("Successful Login")
        let loginKey = "cognito-idp.us-east-1.amazonaws.com/" + USER_POOL_ID
        var logins = [NSString : NSString]()
        self.credentialsProvider!.identityProvider.logins().continueWithBlock { (task: AWSTask!) -> AnyObject! in
            if (task.error != nil) {
                print("ERROR: Unable to get logins. Description: " + task.error!.description)
            } else {
                if task.result != nil{
                    let prevLogins = task.result as! [NSString:NSString]
                    print("Previous logins: " + String(prevLogins))
                    logins = prevLogins
                }
                logins[loginKey] = name
                let manager = IdentityProviderManager(tokens: logins)
                self.credentialsProvider!.setIdentityProviderManagerOnce(manager)
                self.credentialsProvider!.getIdentityId().continueWithBlock { (task: AWSTask!) -> AnyObject! in
                    if (task.error != nil) {
                        print("ERROR: Unable to get ID. Error description: " + task.error!.description)
                    } else {
                        print("Signed in user with the following ID:")
                        print(task.result)
                        dispatch_async(dispatch_get_main_queue()){
                            self.performSegueWithIdentifier("mainViewControllerSegue", sender: self)
                        }
                    }
                    return nil
                }
            }
            return nil
        }
    }
    self.unlock()
    return nil
})
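I made no changes between my app working and not working. While testing the password reset feature I did trigger a "too many password resets" error, but the problem persists even when I create a new user account in my app, so I don't think that is the cause. Am I handling login correctly? If so, where should I look for other possible causes of this problem?

That exception is usually thrown if you have given Cognito a login but have not enabled your identity pool to consume that login provider. If you haven't, go to the Cognito Federated Identities console and turn on whichever provider you are trying to use (looks like User Pools), and this error should go away.
If you are sure you have set that up, can you provide a code snippet of how you are setting the logins?

The key you set the ID token under in logins should be of the format
cognito-idp..amazonaws.com/
not your username. The steps and code you need should be explained in the link to the dev guide you posted.
As for a solution to the deprecated logins dictionary, you need to use to create the credentials provider. The identityProviderManager here should be an implementation of, and the logins method should return a dictionary mapping provider names to tokens. The credentials provider will call this method every time it needs the identity provider tokens. See for more details.

I edited my post to reflect some changes I made. Essentially, I found more code examples, but they seemed quite different from the one I originally used, so I tried setting the logins the way I saw in this example: My edit shows how I set the logins, but I ran into a new error and the app hangs.

This post saved me from freaking out. Thank you very much.

Remember to add your app ID to both the user pool and the federated identities!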
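
The answer above says the logins map must go from provider name to token, with the user pool provider key and the ID token as its value rather than the username. The following is an added example, not code from the original thread: a Python diagnostic that checks such a map before it is handed to the credentials provider. The function names and all sample values are assumptions constructed for illustration, and the token claims are only decoded, not signature-verified.

```python
import base64
import json
import re

# Provider key of a Cognito user pool; the pool id begins with the same region.
PROVIDER_RE = re.compile(r"^cognito-idp\.([a-z0-9-]+)\.amazonaws\.com/\1_[0-9A-Za-z]+$")


def decode_claims(token):
    """Decode (without verifying the signature) the payload of a JWT."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def check_logins(logins, app_client_id):
    """Return (provider, problem) pairs for a logins map; diagnostic only."""
    problems = []
    for provider, token in logins.items():
        if not PROVIDER_RE.match(provider):
            problems.append((provider, "key is not a user pool provider name"))
            continue
        try:
            claims = decode_claims(token)
        except ValueError:
            problems.append((provider, "value is not a JWT"))
            continue
        if claims.get("iss") != "https://" + provider:
            problems.append((provider, "iss does not match the provider key"))
        if claims.get("token_use") != "id":
            problems.append((provider, "not an ID token"))
        if claims.get("aud") != app_client_id:
            problems.append((provider, "aud is not this app client"))
    return problems


def make_sample_token(claims):
    """Build a constructed, unsigned JWT-shaped string for testing the check."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256"}), enc(claims), "c2lnbmF0dXJl"])

PROVIDER = "cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE01"  # constructed samples
CLIENT_ID = "exampleclientid"
ID_TOKEN = make_sample_token({"iss": "https://" + PROVIDER, "token_use": "id", "aud": CLIENT_ID})
```

Calling `check_logins({PROVIDER: "alice"}, CLIENT_ID)` reproduces the situation in the question's login code, where the username is stored as the value under the provider key.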