如何使用 android 从身份池(联合身份)获取 AWS 凭证

【问题标题】:How to get AWS credentials from Identity Pools (Federated Identities) with android如何使用 android 从身份池(联合身份)获取 AWS 凭证
【发布时间】:2018-06-28 03:40:58
【问题描述】:

我是 AWS Cognito 的新手。

从我的程序中,我想获取 AWS 临时凭证以从 API 网关访问 API 服务,例如 api。我拥有的是“IdentityPoolId”、“IdentityId”和“OpenIdToken”。

当我尝试通过 getCredentialsForIdentity 使用 AWS 凭证进行访问时,我每次都在 onError 方法中得到“Identity 'ap-northeast-1:xxxx' not found.”。请帮我看看我做错了什么?

    Single<GetCredentialsForIdentityResult> primeSingle = Single.fromCallable(MyClass::getResult);

    primeSingle
            .subscribeOn(Schedulers.io())
            .observeOn(AndroidSchedulers.mainThread())
            .subscribe(new SingleObserver<GetCredentialsForIdentityResult>() {
                @Override
                public void onSubscribe(@NonNull Disposable d) {
                }

                @Override
                public void onSuccess(@NonNull GetCredentialsForIdentityResult result) {
                    Credentials credentials = result.getCredentials();
                }

                @Override
                public void onError(@NonNull Throwable e) {
                    Log.d("Test", "onError: " + e.getMessage());
                }
            });

这里是获取凭据结果代码。

private static GetCredentialsForIdentityResult getResult() {
    AmazonCognitoIdentity identityClient = new AmazonCognitoIdentityClient(new AnonymousAWSCredentials());

    Map<String, String> logins = new HashMap<String, String>();
    logins.put("cognito-identity.amazonaws.com", MyClass.OPEN_ID_TOKEN);

    GetCredentialsForIdentityRequest getCredentialsForIdentityRequest =
            new GetCredentialsForIdentityRequest()
            .withIdentityId(MyClass.IDENTITY_ID)  // Not Identity Pool Id
            .withLogins(logins);
    getCredentialsForIdentityRequest.setIdentityId(identityId);
    GetCredentialsForIdentityResult result = identityClient.getCredentialsForIdentity(getCredentialsForIdentityRequest);

    return result;
}

【问题讨论】:

    标签: android amazon-web-services aws-cognito


    【解决方案1】:

    最后,我通过引用 this 获得了 Credentials。

    https://docs.aws.amazon.com/cognito/latest/developerguide/developer-authenticated-identities.html

    提前致谢。

    代码如下:

    public class DeveloperAuthenticationProvider extends AWSAbstractCognitoDeveloperIdentityProvider {

private static final String developerProvider = null;

public DeveloperAuthenticationProvider(String identityPoolId, Regions region) {
    super(null, identityPoolId, region);
    // Initialize any other objects needed here.
}

// Return the developer provider name which you choose while setting up the
// identity pool in the &COG; Console

@Override
public String getProviderName() {
    return developerProvider;
}

// Use the refresh method to communicate with your backend to get an
// identityId and token.

@Override
public String refresh() {

    // Override the existing token
    setToken(null);

    // Get the identityId and token by making a call to your backend
    // (Call to your backend)


    // Call the update method with updated identityId and token to make sure
    // these are ready to be used from Credentials Provider.

    update(identityId, token);
    return token;

}

// If the app has a valid identityId return it, otherwise get a valid
// identityId from your backend.

@Override
public String getIdentityId() {
    // Load the identityId from the cache
    identityId = "ap-northeast-1:xxxx";
    return identityId;
}}

    从一种方法调用上述调用:

    private static AWSSessionCredentials getResult(Context context) {
    DeveloperAuthenticationProvider developerProvider =
            new DeveloperAuthenticationProvider("ap-northeast-1:your_pool_id", Regions.AP_NORTHEAST_1);
    CognitoCachingCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider( context, developerProvider, Regions.AP_NORTHEAST_1);
    return credentialsProvider.getCredentials();
}

    并使用 rxjava 获取响应:

    Single<AWSSessionCredentials> primeSingle = Single.fromCallable(() -> getResult(this));

    primeSingle
            .subscribeOn(Schedulers.io())
            .observeOn(AndroidSchedulers.mainThread())
            .subscribe(new SingleObserver<AWSSessionCredentials>() {
                @Override
                public void onSubscribe(@NonNull Disposable d) {

                }

                @Override
                public void onSuccess(@NonNull AWSSessionCredentials result) {
                    String secretKey = result.getAWSSecretKey();
                }

                @Override
                public void onError(@NonNull Throwable e) {
                    Log.d("Test", "onError: " + e.getMessage());
                }
            });

    成功后,可以通过onSuccess方法获取Credentials。

    【讨论】:

    • 虽然此链接可能会回答问题,但最好在此处包含答案的基本部分并提供链接以供参考。如果链接页面发生更改,仅链接答案可能会失效。 - From Review
    • 好的。我会说的。
    猜你喜欢
    • 2018-04-05
    • 2020-12-17
    • 2021-01-05
    • 2018-11-07
    • 2020-04-12
    • 2023-04-03
    • 2020-04-20
    • 2018-02-11
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode