我目前无法授权使用AWS的iOS SDK V2用Facebook和Google+的供应商的用户。

I am currently unable to authorize users using AWS iOS SDK V2 using Facebook and Google+ as the provider.

我不知道，如果在AWS开发了我的设置控制台，还是它在code。

I'm not sure if its my setup on the AWS Developer Console, or whether its the code.

这是身份池的作用策略：

This is the role policy for the identity pools:

{  
"Version": "2012-10-17",  
"Statement": [{  
    "Action": [  
        "mobileanalytics:PutEvents",  
        "cognito-sync:*"  
    ],  
    "Effect": "Allow",  
    "Resource": ["*"]  
}]  

我不接受未经授权的Cognito ID，但是当我尝试使用任何Facebook或Google+的供应商认证，这是行不通的。

I do receive an unauthorized Cognito ID but when I try to use either Facebook or Google+ provider authentication, it does not work.

在Facebook登录的回报，我可以成功地使用用户属性提取资料图片，姓名和电子邮件地址。然后我得到的令牌（是的，它是一个字符一个很长的字符串）从Facebook的会话，并使用它的设备ID类：

Once the Facebook login returns I can successfully use the user properties to extract the profile picture, name and email address. I then get the token (yes it is a very long string of characters) from the Facebook session and use it in the deviceID class:

- (void)loginViewFetchedUserInfo:(FBLoginView *)loginView
                        user:(id<FBGraphUser>)user {

//Populate viewcontoller with Facebook data
self.profilePictureView.profileID = user.id;
NSRange range = [user.name rangeOfString:@" "];
self.firstName.text = [user.name substringToIndex:range.location];
self.lastName.text = [user.name substringFromIndex:range.location+1];
self.emailAddress.text = [user objectForKey:@"email"];

//Get Facebook token, set then get Cognito device ID - in DeviceId class
NSString *token = FBSession.activeSession.accessTokenData.accessToken;
DeviceId *myDeviceId = [DeviceId sharedInstance];

cognitoDeviceId = [myDeviceId setFacebookToken:token];

}

本的DeviceID类实现如下所示：

The DeviceID class implementation is shown below:

#import "DeviceId.h"
#import <AWSiOSSDKv2/AWSCore.h>
#import <AWSCognitoSync/Cognito.h>

@implementation DeviceId

static NSString *cognitoId;
static DeviceId *_sharedInstance;
static AWSCognitoCredentialsProvider *credentialsProvider;
static AWSServiceConfiguration *configuration;

+ (DeviceId *) sharedInstance
{
    if (!_sharedInstance)
    {
        _sharedInstance = [[DeviceId alloc] init];
    }

    return _sharedInstance;
}

- (NSString *) getDeviceId
{
    return cognitoId;
}

- (void) setDeviceId
{
    /*
     * AWS Cognito
     */

        credentialsProvider = [AWSCognitoCredentialsProvider
                            credentialsWithRegionType:AWSRegionUSEast1
                            accountId:@"(accountID"
                            identityPoolId:@"(identityPool)"
                            unauthRoleArn:@"arn:aws:iam::(accountID):role/Cognito_(app)UsersUnauth_DefaultRole"
                            authRoleArn:@"arn:aws:iam::(accountID):role/Cognito_(app)UsersAuth_DefaultRole"];

        configuration = [AWSServiceConfiguration configurationWithRegion:AWSRegionUSEast1
                                                                          credentialsProvider:credentialsProvider];

        [AWSServiceManager defaultServiceManager].defaultServiceConfiguration = configuration;

    // Retrieve the cognito ID.
    cognitoId = credentialsProvider.identityId;

    if (!cognitoId) {
        UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Identification Error"
                                                        message:@"Error on User Account."
                                                       delegate:nil
                                              cancelButtonTitle:@"OK"
                                              otherButtonTitles:nil];
        [alert show];
    }
}

-(NSString *)setFacebookToken:(NSString*)token {

    credentialsProvider.logins = @{ @(AWSCognitoLoginProviderKeyFacebook): token };
    [self setDeviceId];
    return cognitoId;
}

-(NSString *)setGooglePlusToken:(NSString*)token {
    credentialsProvider.logins = @{ @(AWSCognitoLoginProviderKeyGoogle): token };
    [self setDeviceId];
    return cognitoId;
}

@end

我没有得到任何错误信息，并在仪表盘上方从来没有显示身份验证的用户。该CognitoID永远不会改变它的值。谁能告诉我在哪里的问题？

I get no error message and the dashboard above never shows an authenticated user. The CognitoID never changes its value. Can someone tell me where the issue is?

编辑：根据意见更新DeviceId.m仍返回零为cognitoId

修改2：更新DeviceId.m更换while循环，如果BFTask加工为螺栓的方法检查waitUntilFinished

#import "DeviceId.h"
#import <AWSiOSSDKv2/AWSCore.h>
#import <AWSCognitoSync/Cognito.h>


@implementation DeviceId
{
    __block NSString *tempCognitoId;
}

static NSString *cognitoId;
static DeviceId *_sharedInstance;
static AWSCognitoCredentialsProvider *credentialsProvider;
static AWSServiceConfiguration *configuration;

+ (DeviceId *) sharedInstance
{
    if (!_sharedInstance)
    {
        _sharedInstance = [[DeviceId alloc] init];
    }

    return _sharedInstance;
}

- (NSString *) getDeviceId
{
    return cognitoId;
}

- (void) setDeviceId
{
    /*
     * AWS Cognito
     */

    credentialsProvider = [AWSCognitoCredentialsProvider
                                                          credentialsWithRegionType:AWSRegionUSEast1
                                                          identityPoolId:@"Identity Pool ID"];

    configuration = [AWSServiceConfiguration
                                              configurationWithRegion:AWSRegionUSEast1
                                              credentialsProvider:credentialsProvider];

    [AWSServiceManager defaultServiceManager].defaultServiceConfiguration = configuration;

    BFTask *taskIdentity = [[credentialsProvider refresh] continueWithBlock:^id(BFTask *task){

        if (task.error == nil)
        {
            tempCognitoId = credentialsProvider.identityId;
            NSLog(@"cognitoId: %@", cognitoId);
        }
        else
        {
            NSLog(@"Error : %@", task.error);
        }

        return nil;
    }];

    [taskIdentity waitUntilFinished];

    cognitoId = tempCognitoId;

}

-(NSString *)setFacebookToken:(NSString*)token {

    credentialsProvider.logins = @{ @(AWSCognitoLoginProviderKeyFacebook): token };
    BFTask *taskIdentity = [[credentialsProvider refresh] continueWithBlock:^id(BFTask *task){

        if (task.error == nil)
        {
            tempCognitoId = credentialsProvider.identityId;
            NSLog(@"cognitoId: %@", tempCognitoId);
        }
        else
        {
            NSLog(@"Error : %@", task.error);
        }

        return nil;
    }];

    [taskIdentity waitUntilFinished];

    cognitoId = tempCognitoId;

    return cognitoId;
}

-(NSString *)setGooglePlusToken:(NSString*)token {
    credentialsProvider.logins = @{ @(AWSCognitoLoginProviderKeyGoogle): token };
    BFTask *taskIdentity = [[credentialsProvider getIdentityId] continueWithBlock:^id(BFTask *task){

        if (task.error == nil)
        {
            tempCognitoId = credentialsProvider.identityId;
            NSLog(@"cognitoId: %@", tempCognitoId);
        }
        else
        {
            NSLog(@"Error : %@", task.error);
        }

        return nil;
    }];

    [taskIdentity waitUntilFinished];

    cognitoId = tempCognitoId;

    return cognitoId;
}

@end

我不明白，有些人可能认为等待完成是不好的做法，但我需要确保测试的cognitoId返回同步的目的。修改后的Facebook应用程序ID，使用这种方法的cognitoID返回。

I do realize that some may consider waiting for completion is bad practice but I need to be sure for testing purposes that cognitoId is returned "synchronously". After modifying the Facebook App ID, using this method the cognitoID is returned.

修改3：但是，谷歌正在达到DEVICEID之前失败

- (void)finishedWithAuth:(GTMOAuth2Authentication *)auth
               error:(NSError *)error {
    if (error) {
        _signInAuthStatus.text =
        [NSString stringWithFormat:@"Status: Authentication error: %@", error];
        NSLog(@"%@", error);
        return;
    }
    NSString *idToken = [auth.parameters objectForKey:@"id_token"];
    DeviceId *myDeviceId = [DeviceId sharedInstance];
    [myDeviceId setGooglePlusToken:idToken];
}

本的NSLog打印错误：该操作无法完成（com.google.HTTPStatus错误400）错误域= com.google.GooglePlusPlatform code = -1的API和放大器;验证产品名称和当前的电子邮件地址似乎是在控制台上正确。

The NSLog error prints: Error Domain=com.google.GooglePlusPlatform Code=-1 "The operation couldn’t be completed. (com.google.HTTPStatus error 400.)" The API & Auth Product Name and Current Email Address appear to be correct on the console.

修改4：Cognito同步中的code另一款现在已停止工作的地方工作过：​​

    AWSCognito *syncClient = [AWSCognito defaultCognito];
    AWSCognitoDataset *dataset = [syncClient openOrCreateDataset:@"myDataSet"];
    NSString *fullName = [dataset stringForKey:@"name"];

失败与错误的第一行：

Fails on the first line with the error:

***终止应用程序由于未捕获的异常NSInvalidArgumentException，理由是：+ AWSEndpoint endpointWithRegion：服务：]：发送到类无法识别的选择

*** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '+[AWSEndpoint endpointWithRegion:service:]: unrecognized selector sent to class

在这些额外的错误任何帮助是AP preciated。

Any help on these additional errors is appreciated.

推荐答案

一个常见的​​原因，你所描述的问题

A common cause for the issue you described with

错误域= com.google.GooglePlusPlatform code = -1的操作无法完成。（com.google.HTTPStatus错误400。）

Error Domain=com.google.GooglePlusPlatform Code=-1 "The operation couldn’t be completed. (com.google.HTTPStatus error 400.)

在this计算器问题。我倒是仔细检查您输入产品名称和电子邮件地址。此外，我相信你有进入这个数据后，重新创建OAuth的凭据，所以如果你还没有做到这一点，它可能是值得一试。

Is described in this stackoverflow question. I'd double check that you have the product name and email address entered. Additionally, I believe you have to re-create the OAuth credentials after entering this data, so if you hadn't yet done that, it may be worth trying.

最后，请检查您正在使用的Web服务器API密钥，没有的iOS的客户端密钥。

Finally, check that you're using the web server API key, not the iOS client key.