如何使用ClaimsToAddOrOverride在Cognito中的IdToken的Claims中添加数组值 [英] How to add array values in Claims of IdToken in Cognito using claimsToAddOrOverride
问题描述
我正在使用预生成令牌以更新IdToken的声明.
I am using Pre Token Generation to update the claims of IdToken.
我能够使用单个key:value对成功更新索偿. 下面是示例示例.
I am successfully able to update claim using single key:value pair. Below is the sample example of that.
event["response"] = {"claimsOverrideDetails":{"claimsToAddOrOverride":{"scope": "test.debug"}}}
但是当我尝试在其中添加字符串数组时,它给了我内部服务器错误(AWS Cognito的响应)
But when i am trying to add array of string inside that, it giving me internal server error (Response from AWS Cognito)
例如:
event["response"] = {"claimsOverrideDetails":{"claimsToAddOrOverride":{"scope": ["test1","test2]}}}
使用lambda函数的测试"选项可以正常工作.
It is working fine using 'Test' option of lambda function.
如果我使用的是 groupsToOverride ,那么它将覆盖 cognito:groups 声明.
If i am using groupsToOverride then it is overriding the cognito:groups claim.
有帮助吗?
推荐答案
我认为这肯定是Cognito的一个错误,不幸的是,在解决之前,需要一种解决方法.
I think this must be a bug with Cognito and unfortunately will require a workaround until it's resolved.
我知道这并不理想,但是我已经通过使用定界字符串解决了这个问题,当我收到令牌时,我便将其解析为一个数组.
It's not ideal I know, but I've worked around this issue by using a delimited string which I then parse to an array when I receive the token.
Lambda:
exports.handler = (event, context, callback) => {
event.response = {
"claimsOverrideDetails": {
"claimsToAddOrOverride": {
"scope": "test1|test2"
}
}
};
// Return to Amazon Cognito
callback(null, event);
};
客户:
const token = jwt.decode(id_token);
const scopes = token.scope.split('|');
这篇关于如何使用ClaimsToAddOrOverride在Cognito中的IdToken的Claims中添加数组值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!