我有一个使用 Amplify Auth 的 Android 应用程序。我可以使用访客访问和密钥,但不能使用会话令牌。Postman 在使用临时凭证时需要会话令牌。
根据Amplify 文档,我使用此代码来获取密钥:
Amplify.Auth.fetchAuthSession(
result -> {
Log.i(TAG, "inside getGuestCredentials()...result....." + result.toString());
AWSCognitoAuthSession cognitoAuthSession = (AWSCognitoAuthSession) result;
Log.i(TAG, "Is user signed in: " + cognitoAuthSession.isSignedIn());
switch (cognitoAuthSession.getIdentityId().getType()) {
case SUCCESS:
Log.i(TAG, "Guest IdentityId: " + cognitoAuthSession.getIdentityId().getValue());
Log.i(TAG, "Guest access key: " + cognitoAuthSession.getAWSCredentials().getValue().getAWSAccessKeyId());
Log.i(TAG, "Guest secret key: " + cognitoAuthSession.getAWSCredentials().getValue().getAWSSecretKey());
String sessionToken = ((AWSSessionCredentials) mobileClient.getCredentials()).getSessionToken();
Log.i(TAG, "Guest sessionToken: " + sessionToken);
break;
case FAILURE:
Log.i(TAG, "failure Guest IdentityId not present because: " + cognitoAuthSession.getIdentityId().getError().toString());
break;
default:
Log.i(TAG, "default guest session: " + cognitoAuthSession.toString());
break;
}
},
error -> Log.i(TAG, error.toString())
);
然后我使用一个实例AWSMobileClient(我使用逃生舱口获得)来获取会话令牌。
这工作了一段时间,但突然我开始收到这个 403 消息:
“消息”:“用户:arn:aws:sts::xxxxxx:assumed-role/amplify-xxxxxx-unauthRole/CognitoIdentityCredentials 无权执行:execute-api:Invoke on resource:arn:aws:execute-api:xxxxxyyyyyyzzzz "
如何获取会话令牌?