Aws-mobile-appsync-sdk-js: Appsync Authentication - AWS Cognito User Pools with AWS Amplify

Created on 6 Jan 2018  路  10Comments  路  Source: awslabs/aws-mobile-appsync-sdk-js

To pass the jwtToken in auth object https://www.youtube.com/watch?v=vAjf3lyjf8c&feature=youtu.be&t=3410 talks about passing it like:

screen shot 2018-01-06 at 1 48 07 pm

but Auth.currentSession returns a promise (not sure if above approach is correct) so I followed this approach:

screen shot 2018-01-06 at 1 49 09 pm

Now jwtToken is successfully generated but client auth object doesn't wait for credentials to get generated.

What is the right way to generate token on the client side for cognito user pools?

Reference Implementation: https://github.com/serverless/serverless-graphql/pull/227

```
Amplify.configure({
Auth: {
region: process.env.REACT_APP_AWS_AUTH_REGION, // REQUIRED - Amazon Cognito Region
userPoolId: process.env.REACT_APP_USER_POOL_ID, //OPTIONAL - Amazon Cognito User Pool ID
userPoolWebClientId: process.env.REACT_APP_CLIENT_APP_ID, //User Pool App Client ID
},
});

const getCreds = async () => {
return await Auth.currentSession()
.then(data => {
return data.idToken.jwtToken;
})
.catch(err => console.log(err));
};

const client = new AWSAppSyncClient({
url: process.env.REACT_APP_GRAPHQL_ENDPOINT,
region: process.env.REACT_APP_AWS_CLIENT_REGION,
auth: {
type: AUTH_TYPE.AMAZON_COGNITO_USER_POOLS,
jwtToken: getCreds(),
},
});```

Most helpful comment

Hey @sid88in and @lolcoolkat with the latest aws-amplify and aws-appsync you can do something like this:

// AppSync client instantiation
const client = new AWSAppSyncClient({
  url: AppSync.graphqlEndpoint,
  region: AppSync.region,
  auth: {
    // IAM
    // type: AUTH_TYPE.AWS_IAM,
    // credentials: () => Auth.currentCredentials(),

    // COGNITO USER POOLS
    type: AUTH_TYPE.AMAZON_COGNITO_USER_POOLS,
    jwtToken: async () => (await Auth.currentSession()).getAcceessToken().getJwtToken(),
  },
});

Hope that helps

All 10 comments

Hi, thanks for the feedback Right now you would need to manage the JWT Token externally and refresh it, passing the value into the client constructor. However we're investigating a method that will allow you to pass in a promise to the client constructor which could reference Amplify's Auth category.

thanks @undefobj for looking into it :)

Check out vossberg's solution towards the bottom of the link below @sid88in for an example of fixing this!

https://forums.aws.amazon.com/thread.jspa?threadID=270662&tstart=0

meeoowww @lolcoolkat it worked :D:D thanks a lot. I am going to integrate this solution in https://github.com/serverless/serverless-graphql/pull/227

Hey @sid88in and @lolcoolkat with the latest aws-amplify and aws-appsync you can do something like this:

// AppSync client instantiation
const client = new AWSAppSyncClient({
  url: AppSync.graphqlEndpoint,
  region: AppSync.region,
  auth: {
    // IAM
    // type: AUTH_TYPE.AWS_IAM,
    // credentials: () => Auth.currentCredentials(),

    // COGNITO USER POOLS
    type: AUTH_TYPE.AMAZON_COGNITO_USER_POOLS,
    jwtToken: async () => (await Auth.currentSession()).getAcceessToken().getJwtToken(),
  },
});

Hope that helps

@manueliglesias I get "Network error: The string did not match the expected pattern."

https://github.com/serverless/serverless-graphql/pull/263/files

nvm worked :) I had to upgrade all amplify/appsync packages

@manueliglesias

I might suggest adding promise resolver function in case of error. This will prevent anything from being printed to the console.log.

 jwtToken: async () => (await Auth.currentSession()
        .then(data => {
          return data
        })
        .catch(err => {
          return err
        })).getIdToken().getJwtToken(),

@manueliglesias it should probably be getAccessToken() instead of getAcceessToken() just a small typo

Hey @sid88in and @lolcoolkat with the latest aws-amplify and aws-appsync you can do something like this:

// AppSync client instantiation
const client = new AWSAppSyncClient({
  url: AppSync.graphqlEndpoint,
  region: AppSync.region,
  auth: {
    // IAM
    // type: AUTH_TYPE.AWS_IAM,
    // credentials: () => Auth.currentCredentials(),

    // COGNITO USER POOLS
    type: AUTH_TYPE.AMAZON_COGNITO_USER_POOLS,
    jwtToken: async () => (await Auth.currentSession()).getAcceessToken().getJwtToken(),
  },
});

Hope that helps

Hey guys!
If take error, try bellow.

import {Auth} from "aws-amplify"

const client = new AWSAppSyncClient({
  url: AppSync.graphqlEndpoint,
  region: AppSync.region,
  auth: {
    type: AUTH_TYPE.AMAZON_COGNITO_USER_POOLS,
    jwtToken: (await Auth.currentSession()).accessToken.jwtToken, // adjust 
  },
});
Was this page helpful?
0 / 5 - 0 ratings

Related issues

manueliglesias picture manueliglesias  路  3Comments

asadowns picture asadowns  路  3Comments

yarax picture yarax  路  3Comments

mwarger picture mwarger  路  3Comments

peterservisbot picture peterservisbot  路  3Comments