Add custom refresh handlers for custom federated identities. #624

Closed
bloveless opened this issue Apr 10, 2018 · 6 comments
Labels
Auth Related to Auth components/category feature-request Request a new feature


@bloveless
Contributor

bloveless commented Apr 10, 2018

I'd like to request a feature.

What is the current behavior?
I'm using $cognito_client->getOpenIdTokenForDeveloperIdentity([/* custom things here */]) in PHP to get a developer token, which I then pass into AWS Amplify by issuing the following:

    try {
        const currentUser = await Auth.currentAuthenticatedUser();
        // A user is already authenticated and logged in.
        dispatch({ type: SET_API_CONFIGURED, payload: true });
    } catch (currentUserErr) {
        try {
            // No current user: fetch a developer token from the backend and sign in with it.
            const developerTokenResponse = await axios.get('/api/util/developerToken.json');
            const signInReponse = await Auth.federatedSignIn('admin.youniqueproducts.com', { token: developerTokenResponse.accessToken });

            // User was successfully logged in.
            dispatch({ type: SET_API_CONFIGURED, payload: true });
        } catch (signInErr) {
            // Unable to get either an unauthenticated user or authenticated.
            dispatch({ type: SET_API_CONFIGURED, payload: false });
        }
    }

On the first request this works great! I get logged in and all is great. On the second request I get:

[WARN] 48:15.692 API - ensure credentials error: "no refresh hanlder for provider"

When this message is displayed the credentials are cleared and reloaded on the next page refresh.

I'm wondering if there is a way to provide my own custom refresh handler, or if you'd be interested in a PR where I explore this functionality.

Something along the lines of the following:

    Auth.configure({
        // Amazon Cognito Identity Pool ID
        identityPoolId: options.cognitoIdentityPoolId,
        // Amazon Cognito Region
        region: options.cognitoRegion,
        // Allow API to make requests when the user is not logged in.
        mandatorySignIn: false,
        refreshHandlers: {
            'admin.youniqueproducts.com': () => {
                // Refresh the token here
            },
        },
    });
@bloveless
Contributor Author

I feel like I'm doing this wrong anyway :) I'll investigate more and close this if I am doing something wrong.

@nidsharm nidsharm added feature-request Request a new feature Auth Related to Auth components/category labels Apr 11, 2018
@bloveless
Contributor Author

bloveless commented Apr 16, 2018

Okay, now that I have gone through everything I possibly can, I found out that I was indeed performing the federated sign in incorrectly.

This line:

    const signInReponse = await Auth.federatedSignIn('admin.youniqueproducts.com', { token: developerTokenResponse.accessToken });

Should be this line:

    const signInReponse = await Auth.federatedSignIn('developer', { token: developerTokenResponse.accessToken });

But it brings me right back to the same issue.

AuthClass - no refresh handler for provider:: "developer"

So, I'd like to continue or begin the discussion about allowing developers to provide their own refresh handlers.

Without a refresh handler the local storage gets cleared on every page load, and would likely cease to function after 5 minutes if the page was left open that long.

@bloveless
Contributor Author

Also, see this PR #665 which fixes an issue with providing the identity_id to the developer token.

@NeillGiraldo

I think this is already provided (maybe you forgot to close this one already), but you have to return a promise like this:

    Auth.configure({
        refreshHandlers: {
            'developer': () => {
                // Code to retrieve your data (`data` below is that response)
                return new Promise(function (resolve, reject) {
                    return resolve({
                        token: data.Token,
                        identity_id: data.IdentityId,
                        expires_at: 0
                    });
                });
            }
        }
    });

@nidsharm I think you can close this one.
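
The refresh handler discussed above, sketched as an added example that is not part of the thread and is not Amplify's or any participant's code. It assumes the backend returns `{ Token, IdentityId }` from GetOpenIdTokenForDeveloperIdentity, that `Token` is a JWT carrying an `exp` claim, and that `expires_at` is expected in milliseconds since the epoch; `fetchDeveloperToken`, `toRefreshResult` and the sample values are hypothetical.

```javascript
// Added example. Reads the expiry from the token instead of hardcoding it and
// rejects malformed or already-expired backend responses before they are stored.

// Decode the JWT payload (unverified) only to read `exp`; the token itself is
// validated by Cognito when it is exchanged for credentials, not by this code.
function jwtExpiryMs(token) {
    const parts = String(token).split('.');
    if (parts.length !== 3) throw new Error('token is not a JWT');
    const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
    // Buffer is Node.js; in a browser decode with atob(b64) instead.
    const payload = JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
    if (!Number.isInteger(payload.exp)) throw new Error('token has no exp claim');
    return payload.exp * 1000; // seconds -> milliseconds (assumed unit)
}

// Map the backend response to the object shape the handler in this thread resolves with.
function toRefreshResult(data, nowMs) {
    if (!data || typeof data.Token !== 'string' || typeof data.IdentityId !== 'string') {
        throw new Error('developer token response is missing Token or IdentityId');
    }
    const expiresAt = jwtExpiryMs(data.Token);
    if (expiresAt <= nowMs) throw new Error('backend returned an expired token');
    return { token: data.Token, identity_id: data.IdentityId, expires_at: expiresAt };
}

// fetchDeveloperToken is a hypothetical function that calls your own backend
// and resolves with its JSON body.
function makeRefreshHandler(fetchDeveloperToken) {
    return () => fetchDeveloperToken().then((data) => toRefreshResult(data, Date.now()));
}

// Constructed sample token (header.payload.signature) with exp = 2000000000.
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const SAMPLE_TOKEN = [b64url({ alg: 'RS512' }), b64url({ exp: 2000000000 }), 'sig'].join('.');
const SAMPLE_RESPONSE = {
    Token: SAMPLE_TOKEN,
    IdentityId: 'us-east-1:00000000-0000-0000-0000-000000000000', // constructed
};

// Wiring, following the configuration shown in this thread:
// Auth.configure({ refreshHandlers: { developer: makeRefreshHandler(fetchDeveloperToken) } });
```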

@bloveless
Contributor Author

Yup, I added the ability to provide custom refresh handlers in the referenced PR. Closing!

@github-actions

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.


@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 13, 2021