Question

I am using the AWS SDK JS V3 in the browser in an Angular app along with Cognito to handle user authentication.

我能够成功地通过,像:

this.cognitoClient = new CognitoIdentityProviderClient({
      region: environment.cognito.region,
      credentials: fromCognitoIdentityPool({
        clientConfig: { region: environment.cognito.region },
        identityPoolId: environment.cognito.identityPoolId,
        logins: {
          [`cognito-idp.${environment.cognito.region}.amazonaws.com/${environment.cognito.userPoolId}`]: this.authService.getIdToken()! // getIdToken() returns a JWT string for the IDToken from the CognitoUserSession object.
        }
      })
    });

并按惯例提出请求(如名单用户团体)。

然而,在闲置时间一小时后,Colignito提供的ID Token 以及随后提出的任何申请交存了<代码>。不离岸外包例外:“代谢/编码错误”。

我期望,我只需要一度立即向客户报到,然后要么自动处理复习,要么需要人工启动复习。我尝试了几个不同的解决办法,包括重新确认客户,但我认为他们当中没有任何人能够适当和有效地处理复习。

我已经研究了。如何在AWS JS SDK v3?中更新全权证书,但回答者使用案件32,地点在amazon-cognito-identity-js,其中提到了AWS SDK J2执行。

简言之,我举了一个例子,说明如何适当更新使用<条码>的AWS SDK JS V3客户的全权证书,这些客户来自Cgnito IdentityPool credential提供商。

Answer 1

在探讨如何利用与亚马孙定位服务有关的这一职能时,我很感兴趣地回答了你的问题。它们拥有一个。因此,减少它们对相关界限的影响:

const credentialsProvider = fromCognitoIdentityPool({
    identityPoolId,
    clientConfig: {
        region,
    },
});

// Defined here to be accessible elsewhere outside the refresh function
let credentials: AwsCredentialIdentity;

async function refreshCredentials() {
    credentials = await credentialsProvider();

    // default to 1 hour if credentials does not have expiration field
    let timeToRefresh = 3600000;
    if (credentials.expiration) {
        timeToRefresh = credentials.expiration.getTime() - new Date().getTime();
    }

    // timeToRefresh minus 1 minute to give some time for the actual refresh to happen.
    setTimeout(refreshCredentials, timeToRefresh - 60000);
}

await refreshCredentials();

友情链接