Java Amazon cognito:未找到标识
我正在进行开发人员身份验证项目。我正在尝试使用下面的代码获取凭据。但它给了我以下错误 我已将IdentityId和令牌从服务器代码手动粘贴到此代码中:Java Amazon cognito:未找到标识,java,android,amazon-web-services,amazon-cognito,Java,Android,Amazon Web Services,Amazon Cognito,我正在进行开发人员身份验证项目。我正在尝试使用下面的代码获取凭据。但它给了我以下错误 我已将IdentityId和令牌从服务器代码手动粘贴到此代码中: Caused by: com.amazonaws.services.cognitoidentity.model.ResourceNotFoundException: Identity 'ap-northeast-1:fe81cd76-e9d4-4416-99ea-b684b78743c8' not found. (Service: Ama
Caused by: com.amazonaws.services.cognitoidentity.model.ResourceNotFoundException: Identity 'ap-northeast-1:fe81cd76-e9d4-4416-99ea-b684b78743c8' not found. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: ResourceNotFoundException; Request ID: 2ac65fe8-d41a-11e5-8674-677eefdb5331)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:709)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:385)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:196)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:533)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getCredentialsForIdentity(AmazonCognitoIdentityClient.java:406)
at com.example.sandesh.aws.MainActivity$network.doInBackground(MainActivity.java:101)
at com.example.sandesh.aws.MainActivity$network.doInBackground(MainActivity.java:52)
at android.os.AsyncTask$2.call(AsyncTask.java:292)
这是我的代码:MainActivity.java
public class MainActivity extends AppCompatActivity {
Button button;
protected static CognitoCachingCredentialsProvider credentialsProvider = null;
private GetCredentialsForIdentityResult credentialsForIdentityResult;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
button = (Button)findViewById(R.id.button);
button.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
network net = new network();
net.execute();
}
});
}
public class network extends AsyncTask<Void,Void,String>{
@Override
protected void onPreExecute() {
super.onPreExecute();
}
@Override
protected String doInBackground(Void... params) {
Authentication developerProvider = new Authentication(
null,
"ap-northeast-1:XXXXXXXXXXXXXXXXXX",
Regions.AP_NORTHEAST_1);
CognitoCachingCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider(
getApplicationContext(),
developerProvider,
Regions.AP_NORTHEAST_1);
HashMap<String, String> loginsMap = new HashMap<String, String>();
loginsMap.put(developerProvider.getProviderName(), "7386372772");
credentialsProvider.setLogins(loginsMap);
credentialsProvider.refresh();
GetCredentialsForIdentityRequest credentialsForIdentityRequest = new GetCredentialsForIdentityRequest();
credentialsForIdentityRequest.setIdentityId(developerProvider.getIdentityId());
credentialsForIdentityRequest.setLogins(loginsMap);
AmazonCognitoIdentityClient cognitoIdentityClient = new AmazonCognitoIdentityClient(credentialsProvider);
credentialsForIdentityResult = cognitoIdentityClient.getCredentialsForIdentity(credentialsForIdentityRequest);
Log.d("access_key",credentialsForIdentityResult.getCredentials().getAccessKeyId());
return credentialsForIdentityResult.getCredentials().getAccessKeyId();
}
@Override
protected void onPostExecute(String s) {
super.onPostExecute(s);
}
}}
我曾在PHP中尝试过它,在那里我执行了getOpenIdTokenForDeveloperIdentity、stsClient和AssumerRoleWithWebIdentity,以获得凭证,效果非常好。先谢谢你 当使用开发人员身份验证身份时,调用的登录映射应该使用“cognito identity.amazonaws.com”作为密钥,而不是开发人员提供者名称 另外,您不应该自己调用这个方法,SDK会处理这个问题 更新: 调用getCredentialsForIdentity时,在登录映射中,当键为“cognito identity.amazonaws.com”时,该值应该是调用GetOpenIdTokenForDeveloperIdentity后从后端获得的令牌。您不需要获取用于执行AWS操作的凭据,只需使用此凭据提供程序初始化AWS服务客户端,就可以了。(1)在您的应用程序中,您不需要调用GetCredentialsForIdentity,凭据提供程序会为您完成所有这些操作。(并确保传入正确的参数)。
-->您可以通过调用另一个需要凭据的服务(例如S3)来测试您是否正在获取凭据
-->另一个选项是调用凭据提供程序上的getCredentials(),并验证是否未引发异常 (2) 在Authentication.java中,刷新时,您似乎正在使用硬编码令牌?这可能已过期,您应该确保获得新的。(如果您只是测试应用程序端,请确保您硬编码了一个新的) (3) 在Authentication.java的refresh中,您似乎正在使用空令牌调用update
(4) 还要确保您正在使用的硬编码身份的令牌。(同样,只有在进行测试时才应该硬编码)。知道它为什么会显示错误吗?手动调用GetCredentialsForIdentity的用例是什么?凭据提供程序将为您执行此操作。实际上,您所做的refresh()调用已经完成了。您应该能够将凭据提供程序传递到所需的客户端。这是失败的调用吗?您是说在这一行cognitoIdentityClient.GetCredentialsForIdentity(credentialsForIdentityRequest)中调用GetCredentialsForIdentity;如果是,那么如何从上面的代码中从CognitoIdentity客户端检索这些凭据?上面的loginmap应该类似于loginsMap.put(“cognito identity.amazonaws.com”,“7386372772”);正确的?同样在AwsAbstractCognitodeveloperEntityProvider类中,我是否需要将我的开发人员名称“login.bluspinch.app”?正如您所建议的,我已经尝试提供cognito-identity.amazonaws.com作为登录的密钥。说您提供的令牌不正确是错误的。我尝试在我创建的cognito中使用providername。并没有尝试打印凭证,而是将凭证传递给s3客户端,并尝试将文件上载到s3。令人惊讶的是,它成功了。文件已上载。我真的不知道该怎么理解这件事。请帮助您是否从后端提供了正确的令牌(通过调用GetOpenIdTokenForDeveloperIdentity获得)?另外,如果您有requestId,我可以深入挖掘。对于它工作时的情况,您能否检查它是否创建了经过身份验证或未经身份验证的身份?您可以检查这是Amazon Cognito控制台。我确信我提供了正确的令牌。它正在创建经过身份验证的身份。我在AWS控制台上查过了
public class Authentication extends AWSAbstractCognitoDeveloperIdentityProvider {
private static final String PROVIDERNAME = "login.blupinch.app";
public String response = " ";
String line = " ";
public Authentication(String accountId, String identityPoolId, Regions region) {
super(accountId, identityPoolId, region);
}
@Override
public String getProviderName() {
return PROVIDERNAME;
}
public String refresh() {
setToken(null);
if (getProviderName() != null &&
!this.loginsMap.isEmpty() &&
this.loginsMap.containsKey(getProviderName())) {
update(identityId, token);
return "eyJraWQiOiJhcC1ub3J0aGVhc3QtMTEiLCJ0eXAiOiJKV1MiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJhcC1ub3J0aGVhc3QtMTpmZTgxY2Q3Ni1lOWQ0LTQ0MTYtOTllYS1iNjg0Yjc4NzQzYzgiLCJhdWQiOiJhcC1ub3J0aGVhc3QtMTphODcxZmE1Zi0yM2EyLTQ4MGQtYmFhNi1iNGVkMzE0MzcyNDQilCJhbXIiOlsiYXV0aGVudGljYXRlZCIsImxvZ2luLmJsdXBpbmNoLmFwcCIsImxvZ2luLmJsdXBpbmNoLmFwcDphcC1ub3J0aGVhc3QtMTphODcxZmE1Zi0yM2EyLTQ4MGQtYmFhNi1iNGVkMzE0MzcyNDQ6NzM4NjM3Mjg3MiJdLCJpc3MiOiJodHRwczovL2NvZ25pdG8taWRlbnRpdHkuYW1hem9uYXdzLmNvbSIsImV4cCI6MTQ1NTU5NTM5NywiaWF0IjoxNDU1NTU5Mzk3fQ.fHHH6aeCn5EaJGxGD6tw7bWyQpPHuYcW8SZLRGVn-3cbamJrWEPmUnNvcLJ-D6nL8AvMQy7-s1LGQ5MNaiuIH7QF6W8aWt2OMALmA_Y7eqpGQ6iQXVma_jTZSpiyBe2cPNggWgeslPtFxomwE90vW0rzS1sY3D5Y3UbnrIHNdiPKIzzP9JaQo1IsTJMKEpQM-jzWP6stV1radDuIzWQroBVQseOQSD-MXV_-cgWWSx0eQmtFbjJW6RP_nACgh0uTbGmMuOi2iKXKQAdGlYWO-PHlShbiHT-WLQoZNWuh95Hh9dMldv-mNdnYSblqYyqptLA3kObioI08XXkTqwaaAw";
} else {
this.getIdentityId();
return null;
}
}
public String getIdentityId() {
identityId = "ap-northeast-1:XXXXXXXXXXXXXXXXXXXXXXXX";
if (identityId == null) {
if (getProviderName() != null && !this.loginsMap.isEmpty()
&& this.loginsMap.containsKey(getProviderName())) {
update(identityId, token);
return "ap-northeast-1:XXXXXXXXXXXXXXXXXXXX";
} else {
return super.getIdentityId();
}
} else {
return identityId;
}
}}