我有一个使用 javascript v3 sdk 与 AWS 交互的 React 应用程序。我还使用
"aws-amplify": "^6.0.6"
进行身份验证。我已经设置了 amplify 并且运行良好,但问题是我似乎无法使用以下方法从 Amplify/Auth 获取凭证传递到其他 AWS 资源(例如 DynamoDB):
const ddb = new DynamoDBClient({
region: import.meta.env.VITE_AWS_REGION,
credentials, // THIS IS WHAT I NEED
});
到目前为止,我有一个更高阶的组件包装了我的整个应用程序:
import { withAuthenticator } from '@aws-amplify/ui-react';
...
export default withAuthenticator(APP);
const session = await fetchAuthSession();
获取凭证
但是我的凭据未定义...
我的会话如下所示:
{
"credentials": undefined,
"identityId": undefined,
"tokens": {
"accessToken": {
"payload": {
"sub": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"iss": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_xxxxxxxxx",
"client_id": "xxxxxxxxxxxxxxxxxxxxx",
"origin_jti": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"event_id": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"token_use": "access",
"scope": "aws.cognito.signin.user.role",
"auth_time": 1702010502,
"exp": 1702014102,
"iat": 1702010502,
"jti": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"username": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
},
"idToken": {
"payload": {
"sub": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"email_verified": true,
"iss": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_xxxxxxxxx",
"cognito:username": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"origin_jti": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"aud": "xxxxxxxxxxxxxxxxxxxxxx",
"event_id": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"token_use": "id",
"auth_time": 1702010502,
"exp": 1702014102,
"iat": 1702010502,
"jti": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"email": "[email protected]"
}
},
"signInDetails": {
"loginId": "[email protected]",
"authFlowType": "USER_SRP_AUTH"
}
},
"userSub": "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
我还需要做些什么才能获取凭证对象吗?
您是否在使用 Cognito 身份池?如果没有,您应该使用它们以获得
credentials
。