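There are 2 configurations in AWS: the first supports email/password sign-in, and the second supports Google SSO. If I add the OAuth information for Google SSO to the Amplify configuration, it works, but when trying to come back, the session is gone.

I need to be able to configure 2 user pools. Right now my configuration JSON looks like this: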
```dart
final _amplifyConfigSSO = '''
{
  "UserAgent": "aws-amplify-cli/2.0",
  "Version": "1.0",
  "auth": {
    "plugins": {
      "awsCognitoAuthPlugin": {
        "UserAgent": "aws-amplify-cli/0.1.0",
        "Version": "0.1.0",
        "IdentityManager": {
          "Default": {}
        },
        "CognitoUserPool": {
          "Default": {
            "PoolId": "${Environment.ssoCognitoPoolId}",
            "AppClientId": "${Environment.ssoCognitoAppClientId}",
            "Region": "${Environment.ssoCognitoRegion}"
          }
        },
        "Auth": {
          "Default": {
            "OAuth": {
              "WebDomain": "${Environment.ssoCognitoWebDomain}",
              "AppClientId": "${Environment.ssoCognitoAppClientId}",
              "SignInRedirectURI": "${Environment.ssoCognitoOAuth}",
              "SignOutRedirectURI": "${Environment.ssoCognitoOAuth}",
              "ResponseType": "code",
              "Scopes": [
                "email",
                "openid",
                "profile"
              ]
            },
            "authenticationFlowType": "USER_SRP_AUTH",
            "socialProviders": [
              "GOOGLE"
            ],
            "usernameAttributes": [
              "EMAIL"
            ],
            "signupAttributes": [
              "EMAIL"
            ],
            "passwordProtectionSettings": {
              "passwordPolicyMinLength": 8,
              "passwordPolicyCharacters": [
                "REQUIRES_LOWERCASE",
                "REQUIRES_UPPERCASE",
                "REQUIRES_NUMBERS",
                "REQUIRES_SYMBOLS"
              ]
            },
            "mfaConfiguration": "OFF",
            "mfaTypes": [],
            "verificationMechanisms": [
              "EMAIL"
            ]
          }
        }
      }
    }
  }
}''';
```
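To sign in, I use this code:

```dart
// Email/password sign-in against the Cognito user pool.
await Amplify.Auth.getPlugin(AmplifyAuthCognito.pluginKey).signIn(
  username: username,
  password: password,
);
// ...
// Google SSO sign-in through the Cognito hosted UI.
await Amplify.Auth.getPlugin(AmplifyAuthCognito.pluginKey).signInWithWebUI(
  provider: AuthProvider.google,
);
// ...
```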
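So far I have tried adding the `OAuth` section to the configuration to allow the app to sign in with Google, but when the app restarts, the user is no longer there.

In the end, I solved this by using `flutter_secure_storage` to store the token, ID and refresh tokens locally, and then using Cognito's OAuth web service to validate the tokens.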
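One way the restart path described above could look, as an added example that is not the original poster's code: it reads the stored tokens from `flutter_secure_storage` and, when the access token is near expiry, exchanges the refresh token at the Cognito hosted UI `/oauth2/token` endpoint. The domain, client ID, storage key names and the function names are assumptions, and it assumes a public app client with no client secret.

```dart
import 'dart:convert';

import 'package:flutter_secure_storage/flutter_secure_storage.dart';
import 'package:http/http.dart' as http;

// Placeholder values (assumed, not from the original post).
const webDomain = 'example.auth.us-east-1.amazoncognito.com';
const appClientId = 'YOUR_APP_CLIENT_ID';
const _storage = FlutterSecureStorage();

/// Reads the `exp` claim of a JWT. This only decodes the payload to decide
/// whether a refresh is due; it does not verify the signature.
DateTime jwtExpiry(String jwt) {
  final parts = jwt.split('.');
  if (parts.length != 3) throw const FormatException('not a JWT');
  final payload = jsonDecode(
      utf8.decode(base64Url.decode(base64Url.normalize(parts[1]))));
  return DateTime.fromMillisecondsSinceEpoch((payload['exp'] as int) * 1000,
      isUtc: true);
}

/// Returns a usable access token after an app restart, or null when the
/// user has to sign in again.
Future<String?> restoreAccessToken() async {
  final access = await _storage.read(key: 'access_token');
  final refresh = await _storage.read(key: 'refresh_token');
  if (refresh == null) return null;

  // Reuse the stored token while it has at least a minute left.
  final soon = DateTime.now().toUtc().add(const Duration(minutes: 1));
  if (access != null && jwtExpiry(access).isAfter(soon)) return access;

  // Otherwise exchange the refresh token (sent as a form-encoded body).
  final res = await http.post(Uri.https(webDomain, '/oauth2/token'), body: {
    'grant_type': 'refresh_token',
    'client_id': appClientId,
    'refresh_token': refresh,
  });
  if (res.statusCode == 400) {
    // Refresh token rejected (revoked or expired): drop the stale tokens.
    await _storage.delete(key: 'access_token');
    await _storage.delete(key: 'refresh_token');
  }
  if (res.statusCode != 200) return null;
  final tokens = jsonDecode(res.body) as Map<String, dynamic>;
  final fresh = tokens['access_token'] as String;
  await _storage.write(key: 'access_token', value: fresh);
  await _storage.write(key: 'id_token', value: tokens['id_token'] as String);
  return fresh;
}
```

The local `exp` check is only a hint for when to refresh; any backend receiving these tokens still has to verify the signature and claims itself.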