Aws-sdk-android: Developer authenticated federated logins

Created on 16 Nov 2018 · 7 Comments · Source: aws-amplify/aws-sdk-android

Amplify Auth for Cognito Identity logins using Developer Authentication

With AWS Mobile you used to be able to log in to AWS using developer authenticated credentials.
I looked up the enum for federated login and found this:

```java
package com.amazonaws.mobile.client;

public enum IdentityProvider {
    AMAZON("www.amazon.com"),
    FACEBOOK("graph.facebook.com"),
    GOOGLE("accounts.google.com"),
    TWITTER("api.twitter.com");
```

I noticed that in the JavaScript repository, there is support for developer logins:

https://github.com/aws-amplify/amplify-js/pull/425/files

Is there any reason why developer logins were not included in Amplify? I need to use it before I can migrate existing users over to Cognito User Pools.

The previous guides to get this done, including the CognitoSyncDemo and the links on other documentation were deprecated and removed. Why would they be deprecated when there is no replacement feature in the new library?

https://aws.amazon.com/blogs/mobile/integrating-amazon-cognito-using-developer-authenticated-identities-an-end-to-end-example/

AWSMobileClient Awaiting Release Feature Request

All 7 comments

Hi @andymartinwork,

The enum is provided for convenience. The federatedSignIn(String, String) API accepts a String, so you may pass in the required value.

It turns out federatedSignIn wasn't what I wanted in the end, since that would mean storing the secret in the app.

I managed to dig up the Cognito Sync Sample Demo from an old commit and create a DeveloperAuthenticationProvider.

https://github.com/awslabs/aws-sdk-android-samples/tree/a73f92a5e6a86c711f613ee3cc4cbfe91babe72a/%5BDEPRECATED%5DCognitoSyncDemo/src/com/amazonaws/cognito/sync/demo

In the end, I had to remove any reference to Amplify, since there is no existing way to do this in the Amplify framework, and use the lower-level libraries.

Hi @andymartinwork,

Can you elaborate why you think that using federatedSignIn requires storing the secret? Also, can you describe your specific use case? Could User Pools work for your use case, and if not why so?

Thanks,
Frank

I want to do this:

https://aws.amazon.com/blogs/mobile/understanding-amazon-cognito-authentication-part-4-enhanced-flow/

My company has an existing user database which we may move into user pools eventually, but are not doing that right now. I want our app to access Amazon services (specifically IoT) using our developer authentication.

To authenticate with our backend login system, our backend needs to authenticate with Cognito and pass back open id credentials. I then use these open id credentials to authenticate the client app with amazon, so I can access the services directly.

I tried to pass in the open id token and cognito-identity.amazonaws.com as the parameters in the federated login but got the reply:

"com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Invalid login token. Can’t pass in a Cognito token. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException;"

The only way I have found to solve the problem is by creating a CognitoCachingCredentialsProvider with the open id details to set up an AmazonCognitoIdentityClient and call getCredentialsForIdentity.
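The client half of the exchange described in the comment above, as an added example that is not part of the thread or of the SDK samples: the app trades the identity ID and OpenID token returned by its own backend for temporary AWS credentials, so no AWS secret is stored in the app. `DeveloperAuthSession` and `BackendLogin` are hypothetical names; the backend is assumed to have already authenticated the user and called GetOpenIdTokenForDeveloperIdentity.

```java
import com.amazonaws.auth.AWSSessionCredentials;
import com.amazonaws.auth.AnonymousAWSCredentials;
import com.amazonaws.auth.BasicSessionCredentials;
import com.amazonaws.regions.Region;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient;
import com.amazonaws.services.cognitoidentity.model.Credentials;
import com.amazonaws.services.cognitoidentity.model.GetCredentialsForIdentityRequest;

import java.util.Collections;
import java.util.Map;

public final class DeveloperAuthSession {

    /** Hypothetical holder for what the app's own backend returns after login. */
    public static final class BackendLogin {
        final String identityId;   // Cognito identity ID chosen by the backend
        final String openIdToken;  // short-lived OpenID token issued by Cognito
        public BackendLogin(String identityId, String openIdToken) {
            this.identityId = identityId;
            this.openIdToken = openIdToken;
        }
    }

    // Logins key for tokens issued by Cognito itself (developer authenticated identities).
    private static final String COGNITO_LOGIN_KEY = "cognito-identity.amazonaws.com";

    /** Network call: run it off the Android main thread. */
    public static AWSSessionCredentials exchange(BackendLogin login, Regions region) {
        if (login == null || login.identityId == null || login.openIdToken == null) {
            throw new IllegalArgumentException("backend must return both identityId and token");
        }
        // GetCredentialsForIdentity is an unsigned call, so anonymous credentials suffice
        // and the developer's IAM keys stay on the backend.
        AmazonCognitoIdentityClient client =
                new AmazonCognitoIdentityClient(new AnonymousAWSCredentials());
        client.setRegion(Region.getRegion(region));

        Map<String, String> logins =
                Collections.singletonMap(COGNITO_LOGIN_KEY, login.openIdToken);
        Credentials c = client.getCredentialsForIdentity(
                new GetCredentialsForIdentityRequest()
                        .withIdentityId(login.identityId) // must be the ID the token was issued for
                        .withLogins(logins))
                .getCredentials();

        // Temporary credentials; ask the backend for a fresh token once they expire.
        return new BasicSessionCredentials(
                c.getAccessKeyId(), c.getSecretKey(), c.getSessionToken());
    }
}
```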

@andymartinwork Thank you for your detailed response. We are tracking this issue as part of the effort in https://github.com/aws-amplify/aws-sdk-android/issues/634.

One more comment - do you know if this was done on iOS as well?

Hi @andymartinwork,

This feature was also released on the iOS side.
