Soo*_*L V 3 amazon-cognito aws-amplify
Cognito '/oauth2/token' 端点不返回 PKCE 授权代码授予的 'id_token',即使文档说它将返回(链接)。它也应该返回 id_token。这是正常现象还是我需要进行更多配置?如果有帮助的话,我已经在下面添加了我打开的 git Issue 的内容(Issue 7393)
重现 重现该行为的步骤:
预期行为 它还应该返回 id_token
代码片段
import React, {useEffect, useState} from 'react';
import { Amplify, Auth, Hub } from 'aws-amplify';
import {AmplifyConfig} from '../../config/amplifyConfig';
Amplify.configure({
Auth: AmplifyConfig.auth
});
const AuthorizePage = (props: any) => {
const [user, setUser] = useState(null);
useEffect(() => {
Hub.listen('auth', ({ payload: { event, data } }) => {
switch (event) {
case 'signIn':
case 'cognitoHostedUI':
getUser().then(userData => setUser(userData));
break;
case 'signOut':
setUser(null);
break;
case 'signIn_failure':
case 'cognitoHostedUI_failure':
console.log('Sign in failure', data);
break;
}
});
getUser().then(userData => setUser(userData));
}, []);
function getUser() {
return Auth.currentAuthenticatedUser()
.then(userData => userData)
.catch(() => console.log('Not signed in'));
}
return (
<div className="menu-card-filter--items" data-id="aperitif">
<span>
Authorizing
</span>
</div>
)
}
export default AuthorizePage;
截图
配置了什么?
Auth: {
mandatorySignIn: true,
region: "******-*",
userPoolId: "**-******-*_*******",
userPoolWebClientId: "**********************",
oauth: {
domain: "**********************.amazoncognito.com",
scope: [
"phone",
"email",
"profile",
],
redirectSignIn: "http://localhost:3000/authorize",
redirectSignOut: "http://localhost:3000/logout",
responseType: "code"
}
}
将“openid”范围添加到身份验证配置中的范围列表中。
openid 范围返回 ID 令牌中客户端可读的所有用户属性。如果客户端未请求 openid 范围,则不会返回 ID 令牌。
https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html此处
| 归档时间: |
|
| 查看次数: |
2557 次 |
| 最近记录: |