iOS: Using DynamoDB with Cognito: Token is not from a supported provider of this identity pool


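I am implementing sign-up and login for my iOS app, using this project as an example:

Previously, my app was able to access DynamoDB resources using the credentials provider set up in my AppDelegate's didFinishLaunchingWithOptions method. However, after changing my project to include login and to work like the example, I see the error:

"__type":"NotAuthorizedException","message":"Token is not from a supported provider of this identity pool."

The code that sets up the credentialsProvider in AppDelegate currently looks like this: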

    let serviceConfiguration = AWSServiceConfiguration(region: .USEast1, credentialsProvider: nil)
    let userPoolConfiguration = AWSCognitoIdentityUserPoolConfiguration(clientId:APP_CLIENT_ID, clientSecret: APP_CLIENT_SECRET, poolId: USER_POOL_ID)
    AWSCognitoIdentityUserPool.registerCognitoIdentityUserPoolWithConfiguration(serviceConfiguration, userPoolConfiguration: userPoolConfiguration, forKey: USER_POOL_NAME)
    let pool = AWSCognitoIdentityUserPool(forKey:USER_POOL_NAME)
    pool.delegate = self
    self.storyboard = UIStoryboard(name: "Main", bundle: nil)
    let credentialsProvider = AWSCognitoCredentialsProvider(regionType: .USEast1, identityPoolId: IDENTITY_POOL_ID, identityProviderManager:pool)
    let configuration = AWSServiceConfiguration(region:.USEast1, credentialsProvider:credentialsProvider)

I also cannot access any DynamoDB data through my app.

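Based on the console output, the sign-up process seems to work correctly, though I am not sure about the login process. It occurred to me that I had changed the region where my DynamoDB resources are stored from EU-West-1 to US-East-1. To account for this change, I repeated the same steps that originally allowed my app to access DynamoDB:

  • I created Auth and Unauth roles, both with access to the same actions as the roles that worked before, but with access to the EU-West-1 resources
  • I set these roles, under "Unauthenticated role" and "Authenticated role", for the user pool I created when setting up sign-up

In case it makes a difference, I should note that I did not use exactly the same login process as outlined in the example project I linked. Instead, I used an explicit login process, as follows: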

    let name = usernameField.text!
    let user = pool!.getUser(name)
    lock()
    user.getSession(name, password: passwordField.text!, validationData: nil, scopes: nil).continueWithExecutor(AWSExecutor.mainThreadExecutor(), withBlock: {
        (task:AWSTask!) -> AnyObject! in
        if task.error != nil {
            self.sendErrorPopup("ERROR: Unable to sign in. Error description: " + task.error!.description)
        } else {
            print("Successful Login")
            dispatch_async(dispatch_get_main_queue()){
                self.performSegueWithIdentifier("mainViewControllerSegue", sender: self)
            }
        }
        self.unlock()
        return nil
    })
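
The methods lock(), unlock() and sendErrorPopup() are all methods I created that relate strictly to the UI, so that the start and end of the login process are visually clearer. The console output always shows "Successful Login", but I wonder whether this code actually logs the user in correctly, since the error message sounds as though the user may not be properly authorized.

It occurred to me that the US West tables might not be set up correctly, but I run into the same problem even when trying to create a new table, so I don't think that is the issue. Am I missing some steps in allowing users to access DynamoDB? Has AWS Cognito's new beta user pool system changed the process?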

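Edit 2:

I fixed the previous problem, and for a while my app worked fine. However, when I log in, it has suddenly stopped loading DynamoDB data and shows the error message:

Invalid login token. Can't pass in a Cognito token.

Currently, my AppData code looks like this: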

    let serviceConfiguration = AWSServiceConfiguration(region: .USEast1, credentialsProvider: nil)
    let userPoolConfiguration = AWSCognitoIdentityUserPoolConfiguration(clientId:APP_CLIENT_ID, clientSecret: APP_CLIENT_SECRET, poolId: USER_POOL_ID)
    AWSCognitoIdentityUserPool.registerCognitoIdentityUserPoolWithConfiguration(serviceConfiguration, userPoolConfiguration: userPoolConfiguration, forKey: USER_POOL_NAME)
    let pool = AWSCognitoIdentityUserPool(forKey:USER_POOL_NAME)
    pool.delegate = self
    self.storyboard = UIStoryboard(name: "Main", bundle: nil)
    self.credentialsProvider = AWSCognitoCredentialsProvider(regionType: .USEast1, identityPoolId: IDENTITY_POOL_ID, identityProviderManager:pool)
    let manager = IdentityProviderManager(tokens: [NSString:NSString]())
    self.credentialsProvider = AWSCognitoCredentialsProvider(regionType: .USEast1, identityPoolId: IDENTITY_POOL_ID, identityProviderManager: manager)
    let configuration = AWSServiceConfiguration(region:.USEast1, credentialsProvider:credentialsProvider!)
    AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = configuration

…and my login code looks like this:

    if locked { return }
    trimRegistrationValues()
    let name = usernameField.text!
    let user = pool!.getUser(name)
    lock()
    user.getSession(name, password: passwordField.text!, validationData: nil, scopes: nil).continueWithExecutor(AWSExecutor.mainThreadExecutor(), withBlock: {
        (task:AWSTask!) -> AnyObject! in

        if task.error != nil {
            self.sendErrorPopup("ERROR: Unable to sign in. Error description: " + task.error!.description)
        } else {
            print("Successful Login")

            let loginKey = "cognito-idp.us-east-1.amazonaws.com/" + USER_POOL_ID
            var logins = [NSString : NSString]()
            self.credentialsProvider!.identityProvider.logins().continueWithBlock { (task: AWSTask!) -> AnyObject! in

                if (task.error != nil) {
                    print("ERROR: Unable to get logins. Description: " + task.error!.description)

                } else {
                    if task.result != nil{
                        let prevLogins = task.result as! [NSString:NSString]
                        print("Previous logins: " + String(prevLogins))
                        logins = prevLogins
                    }
                    logins[loginKey] = name
                    let manager = IdentityProviderManager(tokens: logins)
                    self.credentialsProvider!.setIdentityProviderManagerOnce(manager)
                    self.credentialsProvider!.getIdentityId().continueWithBlock { (task: AWSTask!) -> AnyObject! in

                        if (task.error != nil) {
                            print("ERROR: Unable to get ID. Error description: " + task.error!.description)

                        } else {
                            print("Signed in user with the following ID:")
                            print(task.result)
                            dispatch_async(dispatch_get_main_queue()){
                                self.performSegueWithIdentifier("mainViewControllerSegue", sender: self)
                            }
                        }
                        return nil
                    }
                }
                return nil
            }
        }
        self.unlock()
        return nil
    })

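I did not change anything between my app working and not working. I did cause a "too many password resets" error while testing the password reset feature, but the problem persisted even when I created a new user account in my app, so I don't think that is the cause. Am I handling login correctly? If so, where should I look for other possible causes of this problem?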

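That exception is usually thrown if you have given Cognito a login but have not enabled your identity pool to consume that login provider. If you haven't, go to the Cognito Federated Identities console and turn on whichever provider you are trying to use (looks like User Pools), and this error should go away.

If you are sure you have set that up, can you give a code snippet of how you are setting the logins?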

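The key under which you set the ID token in logins should be in the format cognito-idp.<region>.amazonaws.com/<YOUR_USER_POOL_ID>, not your username. The link to the developer guide you posted should explain the steps and code you need.

For the solution to the deprecated logins dictionary, you need to use to create the credentials provider. The identityProviderManager here should be an implementation of, and the logins method should return a dictionary mapping provider names to tokens. The credentials provider will call this method every time it needs the identity provider tokens. See for more details.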
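
The two points in the answer above (the logins key must name the user pool provider, and its value must be the ID token rather than the username) can be checked offline before the map reaches the credentials provider. The Python check below is an added example, not code from the original post or from the AWS SDK; the pool ID, client ID and tokens are constructed placeholders, and it reads the token claims without verifying the signature, so it is a configuration diagnostic only.

```python
import base64
import json
import re

PROVIDER_RE = re.compile(r"^cognito-idp\.([a-z0-9-]+)\.amazonaws\.com/\1_[A-Za-z0-9]+$")

def jwt_claims(token):
    """Return the UNVERIFIED payload claims of a JWT, or None if it is not JWT-shaped."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    try:
        padded = parts[1] + "=" * (-len(parts[1]) % 4)
        claims = json.loads(base64.urlsafe_b64decode(padded))
    except ValueError:  # bad base64, bad UTF-8 or bad JSON
        return None
    return claims if isinstance(claims, dict) else None

def check_logins(logins, enabled):
    """enabled maps each provider enabled on the identity pool to its app client id."""
    problems = []
    for key, token in logins.items():
        if not PROVIDER_RE.match(key):
            problems.append(key + ": key is not a user pool provider name")
        if key not in enabled:
            problems.append(key + ": provider is not enabled on the identity pool")
        claims = jwt_claims(token)
        if claims is None:
            problems.append(key + ": value is not a JWT (username passed instead?)")
            continue
        if claims.get("iss") != "https://" + key:
            problems.append(key + ": token issuer does not match the key")
        if claims.get("token_use") != "id":
            problems.append(key + ": token is not an ID token")
        if key in enabled and claims.get("aud") != enabled[key]:
            problems.append(key + ": aud is not the registered app client id")
    return problems

def sample_token(claims):  # constructed, unsigned sample; not a real Cognito token
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).rstrip(b"=").decode()
    return "eyJhbGciOiJub25lIn0." + body + ".sig"

POOL_KEY = "cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE01"  # placeholder
ENABLED = {POOL_KEY: "exampleclientid"}                               # placeholder
GOOD = {POOL_KEY: sample_token(
    {"iss": "https://" + POOL_KEY, "aud": "exampleclientid", "token_use": "id"})}
BAD = {POOL_KEY: "alice"}  # the question's pattern: username as the value

if __name__ == "__main__":
    print(check_logins(GOOD, ENABLED), check_logins(BAD, ENABLED))
```
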

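I edited my post to reflect some changes I made. Essentially, I found more code examples, but they seemed very different from the ones I was using originally, so I tried to set the logins the way I saw in this example: My edit shows how I set the logins, but I am running into a new error and the app hangs.

This post saved me from freaking out. Thank you very much.

Remember to add your app id to the user pool and federated identities!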