Aws-mobile-appsync-sdk-js: Appsync Authentication - AWS Cognito User Pools with AWS Amplify

Created on 6 Jan 2018  路  10Comments  路  Source: awslabs/aws-mobile-appsync-sdk-js

To pass the jwtToken in auth object https://www.youtube.com/watch?v=vAjf3lyjf8c&feature=youtu.be&t=3410 talks about passing it like:

screen shot 2018-01-06 at 1 48 07 pm

but Auth.currentSession returns a promise (not sure if above approach is correct) so I followed this approach:

screen shot 2018-01-06 at 1 49 09 pm

Now jwtToken is successfully generated but client auth object doesn't wait for credentials to get generated.

What is the right way to generate token on the client side for cognito user pools?

Reference Implementation: https://github.com/serverless/serverless-graphql/pull/227

```
Amplify.configure({
Auth: {
region: process.env.REACT_APP_AWS_AUTH_REGION, // REQUIRED - Amazon Cognito Region
userPoolId: process.env.REACT_APP_USER_POOL_ID, //OPTIONAL - Amazon Cognito User Pool ID
userPoolWebClientId: process.env.REACT_APP_CLIENT_APP_ID, //User Pool App Client ID
},
});

const getCreds = async () => {
return await Auth.currentSession()
.then(data => {
return data.idToken.jwtToken;
})
.catch(err => console.log(err));
};

const client = new AWSAppSyncClient({
url: process.env.REACT_APP_GRAPHQL_ENDPOINT,
region: process.env.REACT_APP_AWS_CLIENT_REGION,
auth: {
type: AUTH_TYPE.AMAZON_COGNITO_USER_POOLS,
jwtToken: getCreds(),
},
});```

picture sid88in

Most helpful comment

Hey @sid88in and @lolcoolkat with the latest aws-amplify and aws-appsync you can do something like this:

// AppSync client instantiation
const client = new AWSAppSyncClient({
  url: AppSync.graphqlEndpoint,
  region: AppSync.region,
  auth: {
    // IAM
    // type: AUTH_TYPE.AWS_IAM,
    // credentials: () => Auth.currentCredentials(),

    // COGNITO USER POOLS
    type: AUTH_TYPE.AMAZON_COGNITO_USER_POOLS,
    jwtToken: async () => (await Auth.currentSession()).getAcceessToken().getJwtToken(),
  },
});

Hope that helps

picture manueliglesias on 19 Jan 2018
👍15 🎉5

All 10 comments

Hi, thanks for the feedback Right now you would need to manage the JWT Token externally and refresh it, passing the value into the client constructor. However we're investigating a method that will allow you to pass in a promise to the client constructor which could reference Amplify's Auth category.

undefobj picture undefobj on 8 Jan 2018
👍1

thanks @undefobj for looking into it :)

sid88in picture sid88in on 9 Jan 2018
👍1

Check out vossberg's solution towards the bottom of the link below @sid88in for an example of fixing this!

https://forums.aws.amazon.com/thread.jspa?threadID=270662&tstart=0

dmitryyankowski picture dmitryyankowski on 12 Jan 2018
🎉2

meeoowww @lolcoolkat it worked :D:D thanks a lot. I am going to integrate this solution in https://github.com/serverless/serverless-graphql/pull/227

sid88in picture sid88in on 19 Jan 2018

Hey @sid88in and @lolcoolkat with the latest aws-amplify and aws-appsync you can do something like this:

// AppSync client instantiation
const client = new AWSAppSyncClient({
  url: AppSync.graphqlEndpoint,
  region: AppSync.region,
  auth: {
    // IAM
    // type: AUTH_TYPE.AWS_IAM,
    // credentials: () => Auth.currentCredentials(),

    // COGNITO USER POOLS
    type: AUTH_TYPE.AMAZON_COGNITO_USER_POOLS,
    jwtToken: async () => (await Auth.currentSession()).getAcceessToken().getJwtToken(),
  },
});

Hope that helps

manueliglesias picture manueliglesias on 19 Jan 2018
👍15 🎉5

@manueliglesias I get "Network error: The string did not match the expected pattern."

https://github.com/serverless/serverless-graphql/pull/263/files

sid88in picture sid88in on 19 Jan 2018

nvm worked :) I had to upgrade all amplify/appsync packages

sid88in picture sid88in on 19 Jan 2018
🎉1

@manueliglesias

I might suggest adding promise resolver function in case of error. This will prevent anything from being printed to the console.log.

 jwtToken: async () => (await Auth.currentSession()
        .then(data => {
          return data
        })
        .catch(err => {
          return err
        })).getIdToken().getJwtToken(),
menkveldj picture menkveldj on 5 Mar 2018

@manueliglesias it should probably be getAccessToken() instead of getAcceessToken() just a small typo

yalamber picture yalamber on 13 Aug 2018
👍3

Hey @sid88in and @lolcoolkat with the latest aws-amplify and aws-appsync you can do something like this:

// AppSync client instantiation
const client = new AWSAppSyncClient({
  url: AppSync.graphqlEndpoint,
  region: AppSync.region,
  auth: {
    // IAM
    // type: AUTH_TYPE.AWS_IAM,
    // credentials: () => Auth.currentCredentials(),

    // COGNITO USER POOLS
    type: AUTH_TYPE.AMAZON_COGNITO_USER_POOLS,
    jwtToken: async () => (await Auth.currentSession()).getAcceessToken().getJwtToken(),
  },
});

Hope that helps

Hey guys!
If take error, try bellow.

import {Auth} from "aws-amplify"

const client = new AWSAppSyncClient({
  url: AppSync.graphqlEndpoint,
  region: AppSync.region,
  auth: {
    type: AUTH_TYPE.AMAZON_COGNITO_USER_POOLS,
    jwtToken: (await Auth.currentSession()).accessToken.jwtToken, // adjust 
  },
});
ragate-tatsuyoshi picture ragate-tatsuyoshi on 23 Jul 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

manueliglesias picture manueliglesias  路  3Comments
asadowns picture asadowns  路  3Comments
yarax picture yarax  路  3Comments
mwarger picture mwarger  路  3Comments
peterservisbot picture peterservisbot  路  3Comments