Javascript 使用AWS Cognito,在给定禁用的未经身份验证的标识ID的情况下,我可以解析经过身份验证的标识ID吗?
我有一个JavaScript web应用程序,它支持Cognito未经验证的身份。我正在尝试找出如何为Javascript 使用AWS Cognito,在给定禁用的未经身份验证的标识ID的情况下,我可以解析经过身份验证的标识ID吗?,javascript,amazon-web-services,authentication,amazon-cognito,Javascript,Amazon Web Services,Authentication,Amazon Cognito,我有一个JavaScript web应用程序,它支持Cognito未经验证的身份。我正在尝试找出如何为禁用的未经身份验证的标识标识识别链接的身份验证标识 let unathenticatedIdentityId; const AWS = require('aws-sdk'); AWS.config.region = region; AWS.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId }
禁用的未经身份验证的标识标识识别链接的身份验证标识
let unathenticatedIdentityId;
const AWS = require('aws-sdk');
AWS.config.region = region;
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
IdentityPoolId
});
AWS.config.credentials.get(err => {
unathenticatedIdentityId = AWS.config.credentials.identityId;
});
let authenticatedIdentityId;
const { CognitoUserPool, CognitoUser, AuthenticationDetails } = require('amazon-cognito-identity-js');
const Pool = new CognitoUserPool({
UserPoolId,
ClientId,
});
const authDetails = new AuthenticationDetails({
Username,
Password,
});
const user = new CognitoUser({
Pool,
Username,
});
user.authenticateUser(authDetails, {
onSuccess: (session) => {
AWS.config.credentials.params.Logins = {
[PoolProviderName]: session.idToken.jwtToken,
};
AWS.config.credentials.expired = true;
AWS.config.credentials.refresh(err => {
authenticatedIdentityId = AWS.config.credentials.identityId;
});
},
});
首先,未经身份验证的用户将通过AWS.config.credentials.get
获得一个标识ID。内部CognitoIdentityCredentials
用于生成新的未经验证的标识ID
let unathenticatedIdentityId;
const AWS = require('aws-sdk');
AWS.config.region = region;
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
IdentityPoolId
});
AWS.config.credentials.get(err => {
unathenticatedIdentityId = AWS.config.credentials.identityId;
});
let authenticatedIdentityId;
const { CognitoUserPool, CognitoUser, AuthenticationDetails } = require('amazon-cognito-identity-js');
const Pool = new CognitoUserPool({
UserPoolId,
ClientId,
});
const authDetails = new AuthenticationDetails({
Username,
Password,
});
const user = new CognitoUser({
Pool,
Username,
});
user.authenticateUser(authDetails, {
onSuccess: (session) => {
AWS.config.credentials.params.Logins = {
[PoolProviderName]: session.idToken.jwtToken,
};
AWS.config.credentials.expired = true;
AWS.config.credentials.refresh(err => {
authenticatedIdentityId = AWS.config.credentials.identityId;
});
},
});
然后,我们的用户通过amazoncognito identity js
向Cognito用户池进行身份验证,未经身份验证的IdentityId将更改为与其Cognito登录相关联的身份验证IdentityId。未经身份验证的标识ID将自动标记为已禁用
,并在内部链接到经身份验证的标识ID
let unathenticatedIdentityId;
const AWS = require('aws-sdk');
AWS.config.region = region;
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
IdentityPoolId
});
AWS.config.credentials.get(err => {
unathenticatedIdentityId = AWS.config.credentials.identityId;
});
let authenticatedIdentityId;
const { CognitoUserPool, CognitoUser, AuthenticationDetails } = require('amazon-cognito-identity-js');
const Pool = new CognitoUserPool({
UserPoolId,
ClientId,
});
const authDetails = new AuthenticationDetails({
Username,
Password,
});
const user = new CognitoUser({
Pool,
Username,
});
user.authenticateUser(authDetails, {
onSuccess: (session) => {
AWS.config.credentials.params.Logins = {
[PoolProviderName]: session.idToken.jwtToken,
};
AWS.config.credentials.expired = true;
AWS.config.credentials.refresh(err => {
authenticatedIdentityId = AWS.config.credentials.identityId;
});
},
});
我有unauthenticatedIdentityId
和authenticatedIdentityId
的值,但我在AWS Cognito API中看不到一种方法来解决禁用的未经身份验证的身份ID
已链接到authenticatedIdentityId
。相反,我看不到一种方法来识别哪些标识已链接到authenticatedIdentityId
。API将告诉我,unauthenticatedIdentityId
已禁用并且它没有登录
,但它不指向链接的authenticatedIdentityId
我如何在仅链接/禁用的未经身份验证的身份id的值的情况下解析该值已验证身份id
?我有一个应用程序,它使用AWS Cognito获取身份id,然后可能对其进行身份验证。这种情况是,客户端首先以未经身份验证(guest)的身份使用应用程序,然后使用Facebook登录,使他/她成为经过身份验证的用户,AWS会为经过身份验证的用户保留给定的身份ID,因为他是新用户。现在,问题来了,当你从应用程序中注销,而其他人想将此应用程序作为未经验证或甚至已验证的应用程序使用时。Cognito将错误地指出,对身份ID的访问是被禁止的,因为它已经链接到以前用户的Facebook帐户
Cognito移动SDK有一种内置的方法来处理这个问题。它们在使用标识id时缓存标识id,这会导致您看到的问题。当您注销时,您需要清除该缓存。我不确定您使用的是哪个SDK,但在iOS中它是AWSCognitoIdentityProvider.clear()和CognitoCachingCredentialsProvider.clear()。类似地,如果您使用的是Cognito Sync,则该客户端中有一个方法将擦除缓存的id和同步数据
也看看
希望您也关注我感谢您抽出时间回答,但这并不能回答我的问题。我的问题是关于用户何时已经拥有帐户,但正在从未经验证的设备访问应用程序。当他们最终通过身份验证时,分配的IdentityId
将发生变化,未经身份验证的IdentityId
将被标记为禁用
。我不确定如何找出哪个经过身份验证的IdentityId
导致未经身份验证的IdentityId
被禁用。