(iOS) AWS S3 上传失败且没有错误（使用联合身份验证的用户 - Apple SSO）

Posted 2023-03-27

【中文标题】(iOS) AWS S3 上传失败且没有错误（使用联合身份验证的用户 - Apple SSO）

【英文标题】：(iOS) AWS S3 Upload Fails with No Error (User Authenticated Using Federated Identities - Apple SSO)

【发布时间】：2021-09-11 05:39:42

【问题描述】：

尽管 AWS Cognito 指示设备已登录并且正在获取 IdentityID，但我无法执行 S3 上传。

存储错误描述为“Session expired could not fetch identity id”。这与返回并传递给 s3 上传文件函数的 identityID 无关。

使用 ASAuthorizationAppleIDCredential.identityToken 登录 AWS Cognito 还获得了IdentityID

    func SignIn() 

       awsmobileclient.federatedSignIn(providerName: IdentityProvider.apple.rawValue,
                                            token: identityToken)  (userState, error) in
                    if let error = error 
                        print("Error in federatedSignIn: \(error)")
                        return
                    

                    guard let userState = userState else 
                        print("userState unexpectedly nil")
                        return
                    
                print("federatedSignIn successful: \(userState.rawValue)")
                sleep(5)
                
                // Retrieve your Amazon Cognito ID
                let credentialsProvider = AWSCognitoCredentialsProvider(regionType: .CACentral1, identityPoolId: "ca-central-1:3e8d12d5-9739-4934-8eb0-df6bec232d77")
                let configuration = AWSServiceConfiguration(region: .CACentral1, credentialsProvider: credentialsProvider)
                AWSServiceManager.default().defaultServiceConfiguration = configuration
                
                credentialsProvider.getIdentityId().continueWith(block:  (task) -> AnyObject? in
                    if (task.error != nil) 
                        print("Error: " + task.error!.localizedDescription)
                        
                    
                    else 
                        // the task result will contain the identity id
                        let cognitoId = task.result!
                        print("Cognito id: \(cognitoId)")
                        UserDefaults.standard.set(cognitoId, forKey: "cognitoId")
                    
                    return task;
                )

    

将数据上传到 S3

    func uploadData(key: String, data: Data) 
        
        var progressSink: AnyCancellable?
        var resultSink: AnyCancellable?
        
        

        let options = StorageUploadDataRequest.Options(accessLevel: .private, targetIdentityId: UserDefaults.standard.string(forKey: "cognitoId"), contentType: "image/jpeg")
        let storageOperation = Amplify.Storage.uploadData(key: key, data: data, options: options)
        progressSink = storageOperation.progressPublisher.sink  progress in print("Progress: \(progress)") 
        resultSink = storageOperation.resultPublisher.sink 
            if case let .failure(storageError) = $0 
                print("Failed: \(storageError.errorDescription). \(storageError.recoverySuggestion)")
            
        
        receiveValue:  data in
            print("Completed: \(data)")
        
    

【参考方案1】：

事实证明，这可能是由于 AWS Cognito 设置造成的。 AWS Cognito 配置为，未选中“启用对未经身份验证的用户的访问”，选中允许基本（经典）流程，Apple 服务 ID 应为捆绑 ID，角色选择默认值，属性已禁用。

这是通过 AWSMobileClient.federatedSignIn 使用 AWS Amplify Escape Hatch 到 AWS 移动客户端开发工具包完成的