联盟在配置错误时需要用户池或身份池-放大+角度

编程问答 2022-06-12

问题描述

我在查找有关如何将现有用户池与使用Angular进行放大相关联的信息时遇到了麻烦。目前,当我使用Google按钮点击登录时,会出现以下错误

enter image description here

amplify configure CMD没有提供有关.config文件的选项。因此,我不确定如何建立这种关系以使该错误消失。我已经做过amplify init,并且顺利完成了。

如何建立与用户池的连接?

感谢您的帮助!

当我在登录组件中单击Google登录按钮时发生错误

login.component.ts 

async signInWithGoogle(): Promise < void > {
    const socialResult =
        await this.authService.socialSignIn(AuthService.GOOGLE);
    console.log('google Result:',socialResult);
}

auth.service.ts 

import { Injectable } from '@angular/core';
import { Router } from '@angular/router';
import { Subject } from 'rxjs';
import { Amplify } from 'aws-amplify';
import { Observable } from 'rxjs';
import { BehaviorSubject } from 'rxjs';
import {
  CognitoUserPool,CognitoUserAttribute,CognitoUser,AuthenticationDetails,CognitoUserSession
} from 'amazon-cognito-identity-js';
import Auth,{ CognitoHostedUIIdentityProvider } from '@aws-amplify/auth'
import { Hub,ICredentials } from '@aws-amplify/core'
import { User } from './user.model';
import awsconfig from '../aws-exports';
Amplify.configure(awsconfig);
const POOL_DATA = {
  UserPoolId: 'us-east-1_fSgUd7X4m',ClientId: '<my id was here>'
};

const userPool = new CognitoUserPool(POOL_DATA);

@Injectable({ providedIn: "root" })
export class AuthService {
  authIsLoading = new BehaviorSubject<boolean>(false);
  authDidFail = new BehaviorSubject<boolean>(false);
  authStatusChanged = new Subject<boolean>();
  public loggedIn: boolean;

  private _authState: Subject<CognitoUser | any> = new Subject<CognitoUser | any>();
  authState: Observable<CognitoUser | any> = this._authState.asObservable();

  public static SIGN_IN = 'signIn';
  public static SIGN_OUT = 'signOut';
  public static GOOGLE = CognitoHostedUIIdentityProvider.Google;
  registeredUser: CognitoUser;
  constructor(private router: Router) {
  }

  signUp(username: string,email: string,password: string): void {

    this.authIsLoading.next(true);
    const user: User = {
      username: username,email: email,password: password
    };
    const attrList: CognitoUserAttribute[] = [];
    const emailAttribute = {
      Name: 'email',Value: user.email
    };
    attrList.push(new CognitoUserAttribute(emailAttribute));
    userPool.signUp(user.username,user.password,attrList,null,(err,result) => {
      if (err) {
        console.log(err)
        this.authDidFail.next(true);
        this.authIsLoading.next(false);
        return;
      }
      this.authDidFail.next(false);
      this.authIsLoading.next(false);
      this.registeredUser = result.user;
    });
    return;
  }

  confirmUser(username: string,code: string) {
    this.authIsLoading.next(true);
    const userData = {
      Username: username,Pool: userPool
    };
    const cognitUser = new CognitoUser(userData);
    cognitUser.confirmRegistration(code,true,result) => {
      if (err) {
        this.authDidFail.next(true);
        this.authIsLoading.next(false);
        return;
      }
      this.authDidFail.next(false);
      this.authIsLoading.next(false);
      this.router.navigate(['/']);
    });
  }
  socialSignIn(provider: CognitoHostedUIIdentityProvider): Promise<ICredentials> {

    return Auth.federatedSignIn({ provider: provider });
  }
  signIn(username: string,password: string): void {
    this.authIsLoading.next(true);
    const authData = {
      Username: username,Password: password
    };
    const authDetails = new AuthenticationDetails(authData);
    const userData = {
      Username: username,Pool: userPool
    };
    const cognitoUser = new CognitoUser(userData);
    const that = this;
    cognitoUser.authenticateUser(authDetails,{
      onSuccess(result: CognitoUserSession): void {
        that.authStatusChanged.next(true);
        that.authDidFail.next(false);
        that.authIsLoading.next(false);
        console.log(result);
      },onFailure(err): void {
        that.authDidFail.next(true);
        that.authIsLoading.next(false);
        console.log(err);
      }
    });
    this.authStatusChanged.next(true); // create user with cognito data

    return;
  }

  getAuthenticatedUser() {
    return userPool.getCurrentUser();
  }

  logout() {
    this.getAuthenticatedUser().signOut();
    this.authStatusChanged.next(false);
  }

  isAuthenticated(): Observable<boolean> {
    const user = this.getAuthenticatedUser();
    const obs = Observable.create((observer) => {
      if (!user) {
        observer.next(false);
      } else {
        user.getSession((err,session) => {
          if (err) {
            observer.next(false);
          } else {
            if (session.isValid()) {
              observer.next(true);
            } else {
              observer.next(false);
            }
          }
        });
      }
      observer.complete();
    });
    return obs;
  }

  initAuth() {
    this.isAuthenticated().subscribe(
      (auth) => this.authStatusChanged.next(auth)
    );
  }
}

解决方法

AWS Amplify auth documentation表示以下有关重新使用现有AWS Cognito资源的信息:

如果您想重复使用来自AWS的现有身份验证资源(例如Amazon Cognito UserPool或身份池),请使用以下信息更新Amplify.configure()方法。

import Amplify,{ Auth } from 'aws-amplify';

Amplify.configure({
    Auth: {

        // REQUIRED only for Federated Authentication - Amazon Cognito Identity Pool ID
        identityPoolId: 'XX-XXXX-X:XXXXXXXX-XXXX-1234-abcd-1234567890ab',// REQUIRED - Amazon Cognito Region
        region: 'XX-XXXX-X',// OPTIONAL - Amazon Cognito Federated Identity Pool Region 
        // Required only if it's different from Amazon Cognito Region
        identityPoolRegion: 'XX-XXXX-X',// OPTIONAL - Amazon Cognito User Pool ID
        userPoolId: 'XX-XXXX-X_abcd1234',// OPTIONAL - Amazon Cognito Web Client ID (26-char alphanumeric string)
        userPoolWebClientId: 'a1b2c3d4e5f6g7h8i9j0k1l2m3',// OPTIONAL - Enforce user authentication prior to accessing AWS resources or not
        mandatorySignIn: false,// OPTIONAL - Configuration for cookie storage
        // Note: if the secure flag is set to true,then the cookie transmission requires a secure protocol
        cookieStorage: {
        // REQUIRED - Cookie domain (only required if cookieStorage is provided)
            domain: '.yourdomain.com',// OPTIONAL - Cookie path
            path: '/',// OPTIONAL - Cookie expiration in days
            expires: 365,// OPTIONAL - See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
            sameSite: "strict" | "lax",// OPTIONAL - Cookie secure flag
        // Either true or false,indicating if the cookie transmission requires a secure protocol (https).
            secure: true
        },// OPTIONAL - customized storage object
        storage: MyStorage,// OPTIONAL - Manually set the authentication flow type. Default is 'USER_SRP_AUTH'
        authenticationFlowType: 'USER_PASSWORD_AUTH',// OPTIONAL - Manually set key value pairs that can be passed to Cognito Lambda Triggers
        clientMetadata: { myCustomKey: 'myCustomValue' },// OPTIONAL - Hosted UI configuration
        oauth: {
            domain: 'your_cognito_domain',scope: ['phone','email','profile','openid','aws.cognito.signin.user.admin'],redirectSignIn: 'http://localhost:3000/',redirectSignOut: 'http://localhost:3000/',responseType: 'code' // or 'token',note that REFRESH token will only be generated when the responseType is code
        }
    }
});

// You can get the current config object
const currentConfig = Auth.configure();

请验证awsconfig变量是否包含类似信息,或根据需要对其进行修改。