AWS Cognito User Pools and OpenId


Problem description

I am playing around with Amazon Cognito and after reading some of the docs and creating a user pool I am running into some issues. I believe that a Cognito user pool can be used with OpenId to redirect the user to a hosted UI for user authentication (without federating out to another provider). I have tried to use the authentication options in DotNetCore 2 to do this as this is something I have done previously with other providers.

I have the following:

services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options =>
{
    options.ResponseType = "code";
    options.MetadataAddress = $"https://cognito-idp.{authOptions.AwsRegion}.amazonaws.com/{authOptions.PoolId}/.well-known/openid-configuration";
    options.ClientId = authOptions.ClientId;
    options.ClientSecret = authOptions.ClientSecret;
});

but every time I try it always returns

{"code":"BadRequest","message":"The server did not understand the operation that was requested.","type":"client"}

Just wondering if anyone had any experience with this please? I have tried to create the user pool in different regions just to make sure that it is not only supported in certain regions but always get the same.

Recommended answer

I used to have the same problem. Configured my pool and code according to this tutorial. The crucial part was


Another configuration that may be important is the App integration > Domain name. It allows us to configure what will be the domain of the sign-in and sign-up pages.

After I configured the domain name everything worked fine.
