AWS Cognito SDK-Token-Ablauf

Question

Ich verwende Amazon Cognito Mobile SDK zur Anmeldung bei meiner App (https://github.com/awslabs/aws-sdk-android-samples/tree/master/AmazonCognitoYourUserPoolsDemo).

Die App ruft ständig Daten von DynamoDB ab (alle 5 Sekunden).

Nach ungefähr einer Stunde, wenn versucht wird, DynamoDB aufzurufen, läuft das Token ab und das SDK scheint das Token nicht zu aktualisieren und ich erhielt die NotAuthorizedException-Ausnahme, wie unten zu sehen.

Wie soll ich mit Tokenablauf umgehen? Vielen Dank!

05-25 15:27:25.282 2540-3428/com.test.example D/AWSRefreshingCognitoIdentityProvider: Refreshing token... 
05-25 15:27:25.282 2540-3428/com.test.example D/CognitoUserPoolsSignInProvider: cognito-idp.eu-west-1.amazonaws.com/eu-west-1_pHznonQVB 
05-25 15:27:26.718 2540-3428/com.test.example E/CognitoCachingCredentialsProvider: Failure to get credentials 
                           com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Invalid login token. Token expired: 1495725747 >= 1495723433 (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: a91e8404-415e-11e7-8a00-bd0979d3092f) 
                            at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:720) 
                            at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:394) 
                            at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:200) 
                            at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:558) 
                            at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getOpenIdToken(AmazonCognitoIdentityClient.java:503) 
                            at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getToken(AWSAbstractCognitoIdentityProvider.java:198) 
                            at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.refresh(AWSAbstractCognitoIdentityProvider.java:314) 
                            at com.amazonaws.auth.AWSBasicCognitoIdentityProvider.refresh(AWSBasicCognitoIdentityProvider.java:77) 
                            at com.amazonaws.mobile.user.IdentityManager$AWSRefreshingCognitoIdentityProvider.refresh(IdentityManager.java:142) 
                            at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:601) 
                            at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:388) 
                            at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:442) 
                            at com.amazonaws.mobile.user.IdentityManager$AWSCredentialsProviderHolder.getCredentials(IdentityManager.java:71) 
                            at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.invoke(AmazonDynamoDBClient.java:4168) 
                            at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.updateItem(AmazonDynamoDBClient.java:1582) 
                            at com.amazonaws.mobileconnectors.dynamodbv2.dynamodbmapper.DynamoDBMapper$SaveObjectHandler.doUpdateItem(DynamoDBMapper.java:1173) 
                            at com.amazonaws.mobileconnectors.dynamodbv2.dynamodbmapper.DynamoDBMapper$2.executeLowLevelRequest(DynamoDBMapper.java:873) 
                            at com.amazonaws.mobileconnectors.dynamodbv2.dynamodbmapper.DynamoDBMapper$SaveObjectHandler.execute(DynamoDBMapper.java:1056) 
                            at com.amazonaws.mobileconnectors.dynamodbv2.dynamodbmapper.DynamoDBMapper.save(DynamoDBMapper.java:904) 
                            at com.amazonaws.mobileconnectors.dynamodbv2.dynamodbmapper.DynamoDBMapper.save(DynamoDBMapper.java:733) 
                            at java.lang.Thread.run(Thread.java:761) 
05-25 15:27:26.718 2540-3428/com.test.example D/CognitoCachingCredentialsProvider: Identity id is changed 
05-25 15:27:26.718 2540-3428/com.test.example D/CognitoCachingCredentialsProvider: Saving identity id to SharedPreferences 
05-25 15:27:26.719 2540-3428/com.test.example D/CognitoCachingCredentialsProvider: Clearing credentials from SharedPreferences 
05-25 15:27:26.720 2540-3428/com.test.example D/AWSRefreshingCognitoIdentityProvider: Refreshing token... 
05-25 15:27:26.720 2540-3428/com.test.example D/CognitoUserPoolsSignInProvider: cognito-idp.eu-west-1.amazonaws.com/eu-west-1_pHznonQVB 
05-25 15:27:27.329 2540-3428/com.test.example W/MainActivity: run cx: com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Invalid login token. Token expired: 1495725748 >= 1495723433 (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: a97ea5b2-415e-11e7-9bf5-c9c8136baadf) 
05-25 15:27:27.329 2540-3428/com.test.example D/AWSMobileClient: AWS Mobile Client is OK 

Answer 1

Ein möglicher Ansatz wäre, mit RefreshToken neue Identitäts-/Zugriffstoken abzurufen. Ich weiß, dass das Session-Objekt im cognito-javascript SDK das automatisch für Sie erledigt.