Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow the developer to provide an identity id #665

Merged
merged 10 commits into from
May 4, 2018
Merged

Allow the developer to provide an identity id #665

merged 10 commits into from
May 4, 2018

Conversation

bloveless
Copy link
Contributor

@bloveless bloveless commented Apr 16, 2018
edited
Loading

When performing a federated sign in using GetOpenIdTokenForDeveloperIdentity I receive an IdentityID and a Token from that call.

When I perform the following function call

Auth.federatedSignIn('developer', {
  token: developerTokenResponse.data.result.token,
  expires_at: developerTokenResponse.data.result.expires_at,
}

I received the following error message. Invalid login token. Can't pass in a Cognito token.

I found out through my research that this happens because a call to GetId happens when there is no identity id provided and the developer token that I get from GetOpenIdTokenForDeveloperIdentity is not allowed to call that method.

With my patch I can execute the following sign in.

Auth.federatedSignIn('developer', {
  token: developerTokenResponse.data.result.token, 
  identity_id: developerTokenResponse.data.result.identity_id,
  expires_at: developerTokenResponse.data.result.expires_at,
});

Which bypasses the call to GetID and allows me to authenticate using GetOpenIdTokenForDeveloperIdentity

This PR allows a flow as follows.

Auth.configure({
    identityPoolId: 'us-west-2:*****',
    // REQUIRED - Amazon Cognito Region
    region: 'us-west-2',
    // OPTIONAL - Enforce user authentication prior to accessing AWS resources or not
    mandatorySignIn: false,
    refreshHandlers: {
        developer: async () => {
            const developerToken = await axios.get('/api/util/developerToken.json');
            return {
                token: developerToken.data.result.token,
                identity_id: developerToken.data.result.identity_id,
                expires_at: developerToken.data.result.expires_at * 1000, // Need to convert the expired time from seconds into milliseconds.
            };
        },
    },
});

API.configure({
    endpoints: [
        {
            name: 'Looks',
            endpoint: 'https://***.execute-api.us-west-2.amazonaws.com/latest',
            region: 'us-west-2',
        },
    ],
});

Auth.currentUserCredentials().then((creds) => {
    if (!creds.authenticated) {
        axios.get('/api/util/developerToken.json').then((developerToken) => {
            Auth.federatedSignIn('developer', {
                token: developerToken.data.result.token,
                identity_id: developerToken.data.result.identity_id,
                expires_at: developerToken.data.result.expires_at * 1000, // Need to convert the expired time from seconds into milliseconds.
            }).then((user) => {
                executeApiRequest(null, user);
            }).catch((err) => {
                executeApiRequest(err);
            });
        }).catch(() => {
            executeApiRequest(null, creds);
        });
    } else {
        executeApiRequest(null, creds);
    }
}).catch((err) => {
    executeApiRequest(err);
});

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@codecov-io
Copy link

codecov-io commented Apr 16, 2018
edited
Loading

Codecov Report

Merging #665 into master will decrease coverage by 0.01%.
The diff coverage is 90.9%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #665      +/-   ##
==========================================
- Coverage   87.48%   87.47%   -0.02%     
==========================================
  Files          74       74              
  Lines        3549     3553       +4     
  Branches      677      678       +1     
==========================================
+ Hits         3105     3108       +3     
- Misses        422      423       +1     
  Partials       22       22
Impacted Files Coverage Δ
packages/aws-amplify/src/Auth/Auth.ts 88.44% <90.9%> (-0.09%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6af73ba...9b8cb0b. Read the comment docs.

@bloveless bloveless mentioned this pull request Apr 16, 2018
Closed
@bloveless
Copy link
Contributor Author

Initially I thought I could split the refresh handlers (#624) and the identity id issue (referenced in this PR) into two different PR's but as I got to developing this I realized that they are both needed in order to do developer federatedSignIn's, so I've merged the two requests into one.

@bloveless bloveless mentioned this pull request Apr 16, 2018
Closed
@mlabieniec mlabieniec mentioned this pull request Apr 20, 2018
Merged
@arelaxend arelaxend mentioned this pull request Apr 27, 2018
Closed
powerful23
powerful23 reviewed May 1, 2018
View reviewed changes
packages/aws-amplify/src/Auth/Auth.ts Outdated
// If the developer has provided an object of refresh handlers,
// then we can overwrite the default blank _refreshHandlers object.
if (refreshHandlers) {
this._refreshHandlers = refreshHandlers;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The _refreshHandlers is not blank by default. Can you append the refreshHanders to that instead of overwritting it?

@bloveless
Copy link
Contributor Author

@powerful23 Alright, I've merged the refreshHandlers rather than overwriting them.

powerful23
powerful23 approved these changes May 4, 2018
View reviewed changes
Copy link
Contributor

@powerful23 powerful23 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@powerful23 powerful23 merged commit fc3499f into aws-amplify:master May 4, 2018
@dannymcpherson dannymcpherson mentioned this pull request May 8, 2018
Closed
This was referenced Mar 14, 2021
Merged
Merged
Closed
@github-actions
Copy link

This pull request has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 12, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@powerful23 powerful23 powerful23 approved these changes

@richardzcode richardzcode Awaiting requested review from richardzcode

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@bloveless @codecov-io @powerful23 @mlabieniec