Pre token generation lambda trigger is not working properly in .Net core.

0

Hello Team,

The pre-token generation Lambda trigger for Cognito is not working properly for .NET Core. It is throwing this error: "error_description=Error+in+SAML+response+processing%3A+Invalid+version+in+Lambda+response.+Version+should+be+1+&error=server_error".

The same event is working fine for Node.js but it is not working in .NET Core. Here is the payload response which I'm returning from the pre-token generation Lambda trigger for .NET Core after modifying the claims:

{ "request": { "groupConfiguration": { "groupsToOverride": [ "us-east-1_P139c87yU_Okta" ], "iamRolesToOverride": [], "preferredRole": null }, "clientMetadata": null, "userAttributes": { "sub": "fb010969-9c01-4533-b12b-c09d454ee10f", "identities": "[{\"userId\":\"piyush.joshi@gartner.com\",\"providerName\":\"Okta\",\"providerType\":\"SAML\",\"issuer\":\"https://urldefense.com/v3/__http://www.okta.com/exk3uaojhs7McUi195d75C5C22,5C5C22primary5C5C22:true,5C5C22dateCreated5C5C22:1644401968942*7D**A22__;JSUlJSUlJSUlJSUlJSUlJV0l!!NmrTbz2Y!j8OBTzi57qqJa6c8x7egkmYdRuvuglBU0LwQm17-u2m-pf-EOQrrffVrzMnxkxiy0pE$ , "cognito:user_status": "EXTERNAL_PROVIDER", "email_verified": "false", "email": "piyush.joshi@gartner.com" } }, "response": { "claimsOverrideDetails": { "claimsToAddOrOverride": null, "claimsToSuppress": null, "groupOverrideDetails": { "groupsToOverride": [ "User", "us-east-1_P139c87yU_Okta" ], "iamRolesToOverride": [], "preferredRole": null } } }, "version": "1", "triggerSource": "TokenGeneration_HostedAuth", "region": "us-east-1", "userPoolId": "us-east-1_P139c87yU", "userName": "Okta_piyush.joshi@gartner.com", "callerContext": { "awsSdkVersion": "aws-sdk-unknown-unknown", "clientId": "nbkmuarn0v3pph35s4cnsr7li" } } *

asked 2 years ago, 1393 views
1 Answer
0

Hi,

May I ask if this event is somehow truncated? It does not seem to be valid JSON. I've used our internal JSON lint tool and there seems to be an issue with the formatting under "userAttributes":

        "userAttributes": {
            "sub": "fb010969-9c01-4533-b12b-c09d454ee10f",
            "identities": "[{\"userId\":\"piyush.joshi@gartner.com\",\"providerName\":\"Okta\",\"providerType\":\"SAML\",\"issuer\":\"https://urldefense.com/v3/__http://www.okta.com/exk3uaojhs7McUi195d75C5C22,5C5C22primary5C5C22:true,5C5C22dateCreated5C5C22:16444019689427D**A22__;JSUlJSUlJSUlJSUlJSUlJV0l!!NmrTbz2Y!j8OBTzi57qqJa6c8x7egkmYdRuvuglBU0LwQm17-u2m-pf-EOQrrffVrzMnxkxiy0pE$ , "
            cognito: user_status ": "

Two things to note: there is an opening brace in 'identities' but there is no closing one. Also, the "issuer" key does not seem to have an escaped \". I just want to clarify this first, in case you have truncated this. If so, can you please provide the full event?

If the object is working in Node but not in .NET, then this seems to imply that there is actually some sort of difference between the way the Node Lambda returns the response and the way the .NET Lambda does. I would suggest checking how exactly you are returning this response in the .NET Lambda, as it may be returning it differently than expected.

I would also suggest doing an additional test by invoking both Lambdas via API Gateway. This is to confirm whether the Lambdas are indeed returning the expected format back to the requester.

AWS
SUPPORT ENGINEER
Ryan_A
answered 2 years ago
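
The comparison suggested in the answer above can be scripted. This is an added example, not code from the original post or from AWS: it checks a raw body returned by either Lambda against the key names and `"version": "1"` shown in the posted event, which it assumes to be the expected shape. The function name `checkPreTokenResponse` and the sample bodies are constructed for illustration.

```javascript
// Top-level keys as spelled in the event posted in the question (assumed expected shape).
const EXPECTED_KEYS = ["version", "triggerSource", "region", "userPoolId",
  "userName", "callerContext", "request", "response"];

// Lists differences between a raw Lambda return body and the posted event's shape.
function checkPreTokenResponse(rawBody) {
  const findings = [];
  let doc;
  try { doc = JSON.parse(rawBody); } catch (err) {
    return [`body is not valid JSON: ${err.message}`];
  }
  // A handler that returns an already-serialized string gets it encoded again as a JSON string.
  if (typeof doc === "string") {
    findings.push("body is a JSON string (double-encoded), not an object");
    try { doc = JSON.parse(doc); } catch (err) {
      return findings.concat(`inner string is not valid JSON: ${err.message}`);
    }
  }
  if (doc === null || typeof doc !== "object" || Array.isArray(doc)) {
    return findings.concat("top level is not a JSON object");
  }
  // Flag keys that exist only under another casing, such as "Version".
  for (const key of EXPECTED_KEYS) {
    if (key in doc) continue;
    const near = Object.keys(doc).find((k) => k.toLowerCase() === key.toLowerCase());
    findings.push(near ? `key "${key}" is spelled "${near}"` : `key "${key}" is missing`);
  }
  if ("version" in doc && doc.version !== "1") {
    findings.push(`version is ${JSON.stringify(doc.version)}, posted event has "1"`);
  }
  if (doc.response && doc.response.claimsOverrideDetails === undefined) {
    findings.push('response has no "claimsOverrideDetails" key');
  }
  return findings;
}

// Constructed sample bodies (not captured from a real invocation).
const sampleEvent = { version: "1", triggerSource: "TokenGeneration_HostedAuth",
  region: "us-east-1", userPoolId: "us-east-1_EXAMPLE", userName: "example-user",
  callerContext: {}, request: {}, response: { claimsOverrideDetails: {} } };
const SAMPLES = {
  asPosted: JSON.stringify(sampleEvent),
  pascalCase: JSON.stringify(Object.fromEntries(Object.entries(sampleEvent)
    .map(([k, v]) => [k[0].toUpperCase() + k.slice(1), v]))),
  doubleEncoded: JSON.stringify(JSON.stringify(sampleEvent)),
};
for (const [name, body] of Object.entries(SAMPLES)) {
  console.log(name, checkPreTokenResponse(body));
}
```

Feed it the exact bytes each Lambda returns (for example from a test invocation) and compare the two lists of findings.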
