iOS - AWSAPIGatewayClient always results in unauthorised


When using the Amazon-generated code for AWSAPIGatewayClient, I always get

    message = Unauthorized;

as the response.

What is the cause of this?

AppDelegate:

    AWSCognitoIdentityUserPool *pool = [AWSCognitoIdentityUserPool CognitoIdentityUserPoolForKey:@"userpool"];
    AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc]
        initWithRegionType:AWSRegionUSEast1
            identityPoolId:CognitoPoolId
        identityProviderManager:pool];

    AWSServiceConfiguration *serviceConfiguration = [[AWSServiceConfiguration alloc]
        initWithRegion:CognitoIdentityUserPoolRegion
        credentialsProvider:credentialsProvider];
    AWSServiceManager.defaultServiceManager.defaultServiceConfiguration = serviceConfiguration;

    AWSCognitoIdentityUserPoolConfiguration *configuration = [[AWSCognitoIdentityUserPoolConfiguration alloc]
        initWithClientId:CognitoIdentityUserPoolAppClientId
            clientSecret:CognitoIdentityUserPoolAppClientSecret
                  poolId:CognitoIdentityUserPoolId];
    [AWSCognitoIdentityUserPool registerCognitoIdentityUserPoolWithConfiguration:serviceConfiguration
                                                           userPoolConfiguration:configuration
                                                                          forKey:@"userpool"];

ViewController:

    [[[AWSPRJCTRTClient defaultClient] suggestionsGet] continueWithBlock:^id _Nullable(AWSTask * _Nonnull task) {
        NSLog(@"%@", task.error);
        return nil;
    }];

results in:

    2017-04-07 16:02:24.386 xxxx[38051:1025018] Error Domain=com.amazonaws.AWSAPIGatewayErrorDomain Code=1 "(null)" UserInfo={HTTPBody={ message = Unauthorized;

The response looks like the API Gateway resource is configured to use Cognito User Pools authorization, whereas your code uses Cognito Federated Identities. In turn, Federated Identities requires API Gateway to use AWS_IAM authorizers, using IAM roles to manage access to resources.

I suggest you go through the following steps:

  1. Follow this guide. Basically, within Cognito Federated Identities, configure your identity pool to use your user pool as (one of) its authentication provider(s). (You may have done this.)

  2. Check the authorization of your API Gateway resource(s) under Method Requests/Settings/Authorization. Set it to AWS_IAM. Don't forget to redeploy your newly configured API, and export a new SDK.

  3. Your identity pool will require 2 IAM roles, for both unauthenticated and authenticated access to AWS services. You have to add a policy to the role(s) to specify access to AWS services; in your case you need to grant "execute-api:Invoke" access to (presumably only) the authenticated role. I recommend using the policy generator for this, and make sure to set the ARN of the policy to the resource(s) you want to grant access to, otherwise all of your API Gateway resources may be accessed.

  4. As for the configuration on the iOS SDK side, make sure to use the code from the guide (shown below), as it seems yours is different. I have found that getting this wrong can induce a whole range of confusing errors that have you looking in all sorts of wrong directions for a solution.

Add this to your AppDelegate:

    // Register the user pool first, using a service configuration without credentials.
    AWSServiceConfiguration *serviceConfiguration = [[AWSServiceConfiguration alloc]
        initWithRegion:AWSRegionUSEast1
        credentialsProvider:nil];
    AWSCognitoIdentityUserPoolConfiguration *userPoolConfiguration = [[AWSCognitoIdentityUserPoolConfiguration alloc]
        initWithClientId:@"your_client_id"
            clientSecret:@"your_client_secret"
                  poolId:@"your_user_pool_id"];
    [AWSCognitoIdentityUserPool registerCognitoIdentityUserPoolWithConfiguration:serviceConfiguration
                                                           userPoolConfiguration:userPoolConfiguration
                                                                          forKey:@"userpool"];

    // Then fetch the registered pool and use it as the identity provider for the identity pool.
    AWSCognitoIdentityUserPool *pool = [AWSCognitoIdentityUserPool CognitoIdentityUserPoolForKey:@"userpool"];
    AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc]
        initWithRegionType:AWSRegionUSEast1
            identityPoolId:@"your_identity_pool_id"
        identityProviderManager:pool];

One important addition though! I've found this particularly confusing at first: in the above code you initialize an AWSServiceConfiguration with credentialsProvider set to nil in order to register the AWSCognitoIdentityUserPool. However, you need to initialize a new AWSServiceConfiguration that references the credentialsProvider and assign it to AWSServiceManager.defaultServiceManager.defaultServiceConfiguration. Like so:

    AWSServiceManager.defaultServiceManager.defaultServiceConfiguration = [[AWSServiceConfiguration alloc]
        initWithRegion:CognitoUserPoolRegion
        credentialsProvider:credentialsProvider];

The above described steps led me to integrating Cognito User Pools with Federated Identities to allow access to API Gateway resources. The process involved a lot of confusion about which services do what exactly, and piecing together pieces of code from different guides. Hope this helps!

Note that you can do this without Federated Identities and leave your API authorized using the User Pool directly. I haven't been successful in that approach. Also, Federated Identities allows you to add other authorizers at a later stage if you please to do so.

