CognitoIdentityClient - 404 not found in iam/secur

2019-08-17 02:39发布

站内问答 / 前端开发
2000 1 5

I want to register an AWS Cognito Identity using getOpenIdTokenForDeveloperIdentity.

Below are my codes written in CodeIgniter framework:

Awscognitoauth.php

<?php
// <MYPROJECT>/application/controllers/Awscognitoauth.php

defined('BASEPATH') or exit('No direct script access allowed');

class Awscognitoauth extends CI_Controller {

    function getOpenId($userId) {
        $this->load->library('awsauth');
        return $this->awsauth->identity($userId);
    }

}

Awsauth.php

<?php
// <MY PROJECT>/application/libraries/Awsauth.php

defined('BASEPATH') or exit('No direct script access allowed');

require_once APPPATH . "third_party/aws/aws-autoloader.php";

use Aws\CognitoIdentity\CognitoIdentityClient;
use Aws\Sts\StsClient;

class Awsauth {

    public function identity($userId) {
        $region = '<my region>';
        $key = '<my key>';
        $secret = '<my secret>';
        $version = 'latest';

        $client = CognitoIdentityClient::factory(array('region' => $region, 'key' => $key, 'secret' => $secret, 'version' => $version));

        $poolId = '<my pool Id>'; // formatted: "<region>:<UUID>"
        $domain = '<my reversed company domain>'; // com.<company...>...

        return $client->GetOpenIdTokenForDeveloperIdentity(array('IdentityPoolId' => $poolId, 'Logins' => array($domain => $userId))); // https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetOpenIdTokenForDeveloperIdentity.html
    }

}

In safari, I call the controller Awscognitoauth and get the following error:

404notfound

I double-checked my user's role here:

  • It is AdministratorAccess AdministratorAccess
  • Access key does match with the key in my code Accesskey

What could cause this 404 Not Found response? I thought that my user has AdministratorAccess and I can access any resource. Do I miss something?

1条回答
爷、活的狠高调
2楼-- · 2019-08-17 03:12

oh shoot!

I just found out that the $key and $secret must be wrapped in credentials.

So, the final code for Awsauth.php is:

<?php
// <MY PROJECT>/iot.kooltechs.com/application/libraries

defined('BASEPATH') or exit('No direct script access allowed');

require_once APPPATH . "third_party/aws/aws-autoloader.php";

use Aws\CognitoIdentity\CognitoIdentityClient;
use Aws\Sts\StsClient;

class Awsauth {

    public function identity($userId) {
        $region = '<my region>';
        $key = '<my key>';
        $secret = '<my secret>';
        $version = 'latest';

        $config = [
            'version' => $version,
            'region' => $region,
            'credentials' => [
                'key' => $key,
                'secret' => $secret
            ]
        ];

        $client = CognitoIdentityClient::factory($config);

        $poolId = '<my pool Id>'; // formatted: "<region>:<UUID>"
        $domain = '<my reversed company domain>'; // com.<company...>...

        return $client->GetOpenIdTokenForDeveloperIdentity(array('IdentityPoolId' => $poolId, 'Logins' => array($domain => $userId)));
    }

}

Regards,

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)