AWS AnonymousAWSCredentials 不支持此操作

问题描述 投票:0回答:3

我尝试连接到 Amazon S3 存储桶并列出内容,但当我调用 ListBucketsAsync 方法时,我收到消息“AWS AnonymousAWSCredentials 不支持此操作”。我很困惑,因为我已经成功验证了用户身份。

  public static async void GetS3BucketsAsync()
    {
        var provider = new AmazonCognitoIdentityProviderClient(new AnonymousAWSCredentials(), RegionEndpoint.EUWest2);
        CognitoUserPool userPool = new CognitoUserPool(poolID, clientID, provider);
        CognitoUser user = new CognitoUser(user1.Username, clientID, userPool, provider);

        string password = user1.Password;

        AuthFlowResponse context = await user.StartWithSrpAuthAsync(new InitiateSrpAuthRequest()
        {
            Password = password
        }).ConfigureAwait(false);


        CognitoAWSCredentials credentials =
        user.GetCognitoAWSCredentials(identityPoolID, RegionEndpoint.EUWest2);

        using (var client = new AmazonS3Client(credentials, RegionEndpoint.EUWest2))
        {
            ListBucketsResponse response =
                await client.ListBucketsAsync(new ListBucketsRequest()).ConfigureAwait(false);

            foreach (S3Bucket bucket in response.Buckets)
            {
                Console.WriteLine(bucket.BucketName);
            }
        }
    }
c# .net amazon-web-services amazon-s3 amazon-cognito
3个回答
1
投票

您需要添加以下内容:

credentials = user.GetCognitoAWSCredentials(identityPoolId, Amazon.RegionEndpoint.XXXX);

                string provider = "cognito-idp.ap-XXXX-X.amazonaws.com/" + poolId;
               
                credentials.AddLogin(provider, mfaResponse.AuthenticationResult.IdToken);
1
投票

虽然之前的答案完全有效,但我遇到了一个不同的、非常令人沮丧且耗时的场景,这种情况开始发生,所以为了节省其他人的时间,这里是。

我的 Cognito 设置一直正常工作,直到发生变化。我开始收到标题中提到的消息。但对我来说,原因是“访问控制的身份提供者属性”发生了变化。我开始使用身份提供商 aws 控制台页面上的自定义映射将一些 Cognito 用户的属性复制到令牌中的claims。问题是有些声明的名称中带有冒号。更进一步,并非所有冒号都会造成这个问题。有些是身份提供者完全可以接受的,但有一个却不能。有问题的索赔名称是custom:allowedOrgIds,我不知道为什么。

总之,长话短说,当使用自定义属性映射进行访问控制时,在命名声明时尽量不要使用特殊字符,以免浪费一天的调试时间。

    





      

      
      
      

      

        

          

            

              
0
投票

              
            

          

        

        


        InitiateAdminNoSrpAuthRequest authRequest = new InitiateAdminNoSrpAuthRequest() { Password = password };

    var authResponse = user.StartWithAdminNoSrpAuthAsync(authRequest);
        Task.WaitAll(authResponse);

        //CognitoAWSCredentials credentials = user.GetCognitoAWSCredentials(identityPoolID, Amazon.RegionEndpoint.APSouth1);

        CognitoAWSCredentials credentials = new CognitoAWSCredentials(identityPoolID, Amazon.RegionEndpoint.APSouth1);

        using (var client = new AmazonS3Client(credentials, Amazon.RegionEndpoint.APSouth1))
        {
            var response = client.ListBucketsAsync(new ListBucketsRequest());
            Task.WaitAll(response);
            foreach (S3Bucket bucket in response.Result.Buckets)
            {
                Console.WriteLine(bucket.BucketName);
            }
        }

        Console.WriteLine("pres and key to quiet");
        Console.ReadKey();



我正在实现相同的代码,但出现错误**(AnonymousAWSCredentials不支持此操作)**
请帮助我

    



      

      
    

  

  

    
最新问题


  





  

    © www.soinside.com 2019 - 2024. All rights reserved.