Problem description
We are trying to implement AWS Security Token Service in our Android and iOS apps. At the backend we are using the code below to generate the token:
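    import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient;
    import com.amazonaws.services.securitytoken.model.AssumeRoleRequest;
    import com.amazonaws.services.securitytoken.model.AssumeRoleResult;
    import com.amazonaws.services.securitytoken.model.Credentials;
    import org.jivesoftware.util.JiveGlobals;
    import org.slf4j.Logger;
    import org.slf4j.LoggerFactory;

    public class CloudManagementImpl implements CloudManagement {
        private static final Logger Log = LoggerFactory.getLogger(CloudManagementImpl.class);

        @Override
        public CloudConfiguration getCloudProperties() {
            CloudConfiguration cloudConfiguration = new CloudConfiguration();
            // Ask STS for temporary credentials for the configured role (default lifetime 1800 s).
            AssumeRoleRequest assumeRoleRequest = new AssumeRoleRequest();
            assumeRoleRequest.setRoleArn(JiveGlobals.getProperty(XYZConstant.AWS_ARN_EC2_ROLE_MAP));
            assumeRoleRequest.setRoleSessionName(XYZConstant.AWS_ROLE_SESSIONNAME);
            assumeRoleRequest.setDurationSeconds(JiveGlobals.getIntProperty(XYZConstant.AWS_CREDENTIALS_LIFETIME, 1800));
            // The no-argument client resolves the backend's own credentials from the default provider chain.
            AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient();
            AssumeRoleResult assumeRoleResult = stsClient.assumeRole(assumeRoleRequest);
            if (assumeRoleResult != null) {
                // Copy the access key id, secret key and session token into the response object.
                Credentials sessionCredentials = assumeRoleResult.getCredentials();
                cloudConfiguration.setAwsAccessId(sessionCredentials.getAccessKeyId());
                cloudConfiguration.setAwsAccessKey(sessionCredentials.getSecretAccessKey());
                cloudConfiguration.setToken(sessionCredentials.getSessionToken());
                cloudConfiguration.setAwsMainBucket(JiveGlobals.getProperty(XYZConstant.AWS_MAIN_BUCKET));
            } else {
                Log.error("Cloud Management :: Property values not configured ");
            }
            return cloudConfiguration;
        }
    }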
The generated token is then obtained in the iOS and Android apps through a separate web-service call.
In Android we are using the code below to consume the retrieved token:
    public S3Client(String accessKey, String secretKey, String token, String bucketName) {
        super();
        this.accessKey = accessKey;
        this.secretKey = secretKey;
        this.bucketName = bucketName;
        // Temporary STS credentials need the session token alongside the key pair.
        BasicSessionCredentials basicSessionCredentials = new BasicSessionCredentials(accessKey, secretKey, token);
        amazonS3Client = new AmazonS3Client(basicSessionCredentials);
    }
Problem is -
We do not have APIs in the AWS Mobile SDK version 2 for iOS, like the ones in Android, with which we can consume the retrieved token. Perhaps the best way to implement this in iOS is through AWSCognitoCredentialsProvider, but we are not sure.
Please suggest - what is the best way to integrate AWS Security Token Service in iOS.
Recommended answer
You need to implement your own credentials provider by conforming to AWSCredentialsProvider. Sounds like you already have a code snippet that retrieves the temporary credentials from your server. That logic should go into your custom credentials provider. You can take a look at the implementation of AWSWebIdentityCredentialsProvider and AWSCognitoCredentialsProvider for how to implement your own credentials provider.
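A sketch of the custom provider the answer describes, added here as an example; it is not code from the original answer or from the AWS SDK. It assumes the AWSCredentialsProvider protocol shape of later SDK v2 releases (`credentials` and `invalidateCachedTemporaryCredentials`), a hypothetical class name and backend endpoint, JSON field names mirroring the backend's CloudConfiguration setters, and a client-side expiry of 1500 s chosen to stay below the backend's 1800 s default.

```objective-c
#import <AWSCore/AWSCore.h>

// Hypothetical provider: pulls STS session credentials from the app's own backend.
@interface BackendCredentialsProvider : NSObject <AWSCredentialsProvider>
- (instancetype)initWithEndpoint:(NSURL *)endpoint;
@end

@implementation BackendCredentialsProvider {
    NSURL *_endpoint;         // assumed HTTPS URL of the token web service
    AWSCredentials *_cached;  // last credentials handed out by the backend
}

- (instancetype)initWithEndpoint:(NSURL *)endpoint {
    if ((self = [super init])) { _endpoint = endpoint; }
    return self;
}

- (AWSTask<AWSCredentials *> *)credentials {
    @synchronized (self) {
        // Reuse cached credentials until one minute before they expire.
        if (_cached && [_cached.expiration timeIntervalSinceNow] > 60) {
            return [AWSTask taskWithResult:_cached];
        }
    }
    AWSTaskCompletionSource<AWSCredentials *> *tcs = [AWSTaskCompletionSource taskCompletionSource];
    [[[NSURLSession sharedSession] dataTaskWithURL:_endpoint
        completionHandler:^(NSData *data, NSURLResponse *resp, NSError *error) {
        NSError *fail = error ?: [NSError errorWithDomain:@"BackendCredentialsProvider" code:1 userInfo:nil];
        BOOL ok = data && [resp isKindOfClass:[NSHTTPURLResponse class]] && [(NSHTTPURLResponse *)resp statusCode] == 200;
        id json = ok ? [NSJSONSerialization JSONObjectWithData:data options:0 error:NULL] : nil;
        if (![json isKindOfClass:[NSDictionary class]]) { [tcs setError:fail]; return; }
        // Assumed field names, mirroring the backend's CloudConfiguration setters.
        NSString *ak = json[@"awsAccessId"], *sk = json[@"awsAccessKey"], *tok = json[@"token"];
        if (!ak || !sk || !tok) { [tcs setError:fail]; return; }  // never sign with partial credentials
        // Assumed lifetime: a margin below the backend's 1800 s default duration.
        AWSCredentials *creds = [[AWSCredentials alloc] initWithAccessKey:ak secretKey:sk sessionKey:tok
                                   expiration:[NSDate dateWithTimeIntervalSinceNow:1500]];
        @synchronized (self) { self->_cached = creds; }
        [tcs setResult:creds];
    }] resume];
    return tcs.task;
}

- (void)invalidateCachedTemporaryCredentials {
    @synchronized (self) { _cached = nil; }  // forces a fresh fetch on the next request
}
@end
```

An instance is passed to AWSServiceConfiguration's `initWithRegion:credentialsProvider:` and set as the default service configuration, after which the S3 transfer manager signs requests with the session credentials.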