AWS - nodejs SDK - CognitoIdentityServiceProvider.initiateAuth - CredentialsError:配置中缺少凭据
Jar*_*ice 5 amazon-web-services node.js aws-cognito
我正在尝试使用带有用户池的AWS Cognito通过我的API进行身份验证.我有一个通过AWS Cognito用户池创建的用户,我正在尝试使用该用户登录.
我得到的错误是CredentialsError: Missing credentials in config.特别是它告诉我,我需要一个IdentityPoolId.但我似乎无法IdentityPoolId在我的AWS控制台中找到它.在哪里,我从我的用户池得到这个?我看到的只是一个Pool id和一个Pool ARN.
相关源代码:
var aws = require('aws-sdk');
aws.config.update({
region: 'us-east-1',
credentials: new aws.CognitoIdentityCredentials({
IdentityPoolId: '???'
})
});
var authUser = function(params, callback)
{
if (!params || !params.Email || !params._password)
{
callback(new Error('Invalid parameters.'));
return false;
}
var cognito = new aws.CognitoIdentityServiceProvider();
var authParams = {
AuthFlow: 'USER_SRP_AUTH', // not sure what this means...
ClientId: conf.AWSConfig.ClientId,
AuthParameters: {
Username: params.Email,
Password: params._password
}
};
cognito.initiateAuth(authParams, function(err, data)
{
if (err)
{
console.log('Error details: ' + util.inspect(err));
callback(err);
return false;
}
callback(null, {success: true, data: data});
});
}
对于authParams对象,我不确定AuthFlow应该是什么.看看http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CognitoIdentityServiceProvider.html#initiateAuth-property看起来就像USER_SRP_AUTH我应该使用的那样.
编辑:
我相信我可能已经找到了我的地方IdentityPoolId.我查看了我的Federated Identities部分,并在编辑身份池时添加了相应User Pool的Authentication Providers部分.
我相关Authentication Provider的Cognito到,我创建通过输入我的用户群User Pool ID,并App Client ID为该用户池.现在使用相同的代码,Identity pool ID我收到错误CredentialsError: Missing credentials in config.它说Unauthorized access is not supported for this identity pool.好的......我正在尝试授权用户......我是否需要创建一个未经身份验证的角色,以便用户可以在未经过身份验证时进行身份验证?如果这就是我需要做的事,这似乎很愚蠢.
编辑2:
我还要指出的是,我能够登录并获得一个AccessToken以及一个IdToken和RefreshToken使用JavaScript SDK(没有的NodeJS).我没有需要这样做IdentityPoolId.我需要的唯一东西是a UserPoolId和a ClientId.
var authenticateUser = function(onSuccessCallback)
{
var authData = {
Username: getUserName(), // gets username from an html text field
Password: getPassword() // gets password from an html password field
};
var authDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authData);
var cognitoUser = getCognitoUser();
cognitoUser.authenticateUser(authDetails,
{
onSuccess: function(result)
{
console.log('access token: ' + result.getAccessToken().getJwtToken());
console.log('idToken: ' + result.idToken.jwtToken);
console.log(result);
if (onSuccessCallback && typeof(onSuccessCallback) == 'function')
{
onSuccessCallback(cognitoUser);
}
},
onFailure: function(err)
{
// UserNotConfirmedException: User is not confirmed.
console.log('authError');
alert(err);
}
});
}
事实证明,这initiateAuth根本不是我想做的。我还缺少一个名为amazon-cognito-identity-js. 安装后,我更新了我的代码,如下所示:
var authUser = function(params, callback)
{
if (!params || !params.Email || !params._password)
{
callback(new Error('Invalid parameters.'));
return false;
}
var poolData = {
UserPoolId: conf.AWSConfig.UserPoolId,
ClientId: conf.AWSConfig.ClientId
};
var userPool = new aws.CognitoIdentityServiceProvider.CognitoUserPool(poolData);
var authData = {
Username: params.Email,
Password: params._password
};
var authDetails = new aws.CognitoIdentityServiceProvider.AuthenticationDetails(authData);
var userData = {
Username: params.Email,
Pool: userPool
};
var cognitoUser = new aws.CognitoIdentityServiceProvider.CognitoUser(userData);
cognitoUser.authenticateUser(authDetails, {
onSuccess: function(result)
{
callback(null, {success: true, data: result});
},
onFailure: function(err)
{
console.log('authUser error: ' + util.inspect(err));
callback(err);
}
});
}
我现在成功地得到了令牌的响应!万岁!
| 归档时间: |
|
| 查看次数: |
4794 次 |
| 最近记录: |