大家好,我在使用 Flask-Cognito 时遇到问题,出现以下错误:
{ "description": "Public key not found in jwks.json", "error": "Invalid Cognito Authentication Token" }
我正在使用一个用户池,我已经使用 lambda 和其他 cookie 身份验证框架检查了该用户池..
我的 Flask 代码基本上是 github 示例:
# configuration
from flask import Flask
from flask_cognito import cognito_auth_required, current_user, current_cognito_jwt
from flask import jsonify
from flask_cognito import CognitoAuth
app = Flask(__name__)
# initialize extension
# cogauth = CognitoAuth(app)
app.config.update({
'COGNITO_REGION': 'eu-xxxx',
'COGNITO_USERPOOL_ID': 'eu-xxxx_xxxx',
# optional
'COGNITO_APP_CLIENT_ID': 'xxxxx', # client ID you wish to verify user is authenticated against
'COGNITO_CHECK_TOKEN_EXPIRATION': False, # disable token expiration checking for testing purposes
'COGNITO_JWT_HEADER_NAME': 'Authorization',
'COGNITO_JWT_HEADER_PREFIX': 'Bearer',
})
CognitoAuth(app)
@app.route('/api/private')
@cognito_auth_required
def api_private():
# user must have valid cognito access or ID token in header
# (accessToken is recommended - not as much personal information contained inside as with idToken)
return jsonify({
'cognito_username': current_cognito_jwt['username'], # from cognito pool
'user_id': current_user.id, # from your database
})
我调用 API 的方式如下:
curl --location 'http://127.0.0.1:5000/api/private' \
--标题“X-合同-授权:承载者 XXXX”
请帮忙,我在这里做错了什么?
如果未下载JWKS_URI
中的公共信息,则会引发异常。
这可能是由于 JWKS_URI 构造错误造成的。
对于flask_awscognito集成,您应该设置这些属性:
app.config.update({
'AWS_COGNITO_REGION': 'eu-xxxx',
'AWS_COGNITO_USER_POOL_ID': 'eu-xxxx_xxxx',
# optional
'AWS_COGNITO_USER_POOL_CLIENT_ID': 'xxxxx', # client ID you wish to verify user is authenticated against
'COGNITO_CHECK_TOKEN_EXPIRATION': False, # disable token expiration checking for testing purposes
'COGNITO_JWT_HEADER_NAME': 'Authorization',
'COGNITO_JWT_HEADER_PREFIX': 'Bearer',
})