Aws-sdk-js: CognitoIdentityCredentials params Logins key for sign In with Apple ID?

Created on 8 Jan 2020  路  11Comments  路  Source: aws/aws-sdk-js

Confirm by changing [ ] to [x] below:

Describe the question

What value should be used for the Logins property of the parameters required to intialize the Cognito Credentials object (CognitoIdentityCredentials) if I need to support social login for Apple ID.

AWS documentation only lists the below keys

See https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_CreateIdentityPool.html#API_CreateIdentityPool and https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CognitoIdentity.html

I can't find what should be used for Apple ID anywhere in the AWS documentation and the aws-sdk typescript does not list it as well - see below

    /**
     * A set of optional name-value pairs that map provider names to provider tokens. The available provider names for Logins are as follows:   Facebook: graph.facebook.com    Amazon Cognito user pool: cognito-idp.<region>.amazonaws.com/<YOUR_USER_POOL_ID>, for example, cognito-idp.us-east-1.amazonaws.com/us-east-1_123456789.    Google: accounts.google.com    Amazon: www.amazon.com    Twitter: api.twitter.com    Digits: www.digits.com   
     */
    Logins?: LoginsMap;

My code as below (see WHAT SHOULD BE INSERTED HERE TO SUPPORT APPLE ID SOCIAL LOGIN placeholder)

        // The parameters required to intialize the Cognito Credentials object.
        const params = {
          AccountId: awsConfig.AWS_ACCOUNT_ID,
          RoleArn: awsConfig.IAM_ROLE_ARN,
          IdentityPoolId: awsConfig.COGNITO_IDENTITY_POOL_ID,
          Logins: { }
        };

        params.Logins[<WHAT SHOULD BE INSERTED HERE TO SUPPORT APPLE ID SOCIAL LOGIN>] = accessToken;
        // set the Amazon Cognito region
        AWS.config.region = awsConfig.AWS_REGION;
        // initialize the Credentials object with our parameters
        AWS.config.credentials = new AWS.CognitoIdentityCredentials(params);

        (AWS.config.credentials as AWS.CognitoIdentityCredentials).get((err: AWSError) => {
          if (err) {
            reject(err);
          }
          else {
            const COGNITO_IDENTITY_ID = (AWS.config.credentials as AWS.CognitoIdentityCredentials).identityId;
            awsConfig.COGNITO_IDENTITY_ID = COGNITO_IDENTITY_ID;
            this.share.cognitoIdentityId = COGNITO_IDENTITY_ID;
            resolve();
          }
        });
feature-request service-api
Source
picture ryaa

Most helpful comment

I am facing the same issue, any chance this could be implemented since Sign in Apple is available on Cognito ? Thanks 馃檹馃檹馃檹

picture bgrynblat on 22 Jan 2020
👍2

All 11 comments

Hey @ryaa, thank-you for reaching out to us with your issue.

As you mentioned that Apple is not mentioned for logins here LoginProviders that is because it is not a supported key for LoginProvider yet.

I am gonna mark this as a feature request for the service team. Will reach out to them internally with the request to implement the feature as well.

ajredniwja picture ajredniwja on 9 Jan 2020

@ajredniwja Thank you very much for a quick feedback

What is interesting is that when I picked some guessed value 'www.apple.com' just to try I鈥檓 getting _Invalid login token. Issuer doesn't match providerName_ error which looks like this is not wrong and not supported.
But when I tried 'appleid.apple.com' as suggested at SO (https://stackoverflow.com/questions/59649484/cognitoidentitycredentials-params-logins-key-for-sign-in-with-apple-id) I got _Token is not from a supported provider of this identity pool_ which looks like this is supported but AWS Cognito is not properly configured yet.

ryaa picture ryaa on 9 Jan 2020

@ryaa I believe that is still because it still has only a set number of accepted values. I read about a third party library which you can use on SO but since it is not from AWS I wont be able to comment on how to use that.

ajredniwja picture ajredniwja on 10 Jan 2020

@ajredniwja Any estimate when the appropriate key will be supported for Login Provider?

ryaa picture ryaa on 15 Jan 2020
👍2

I am facing the same issue, any chance this could be implemented since Sign in Apple is available on Cognito ? Thanks 馃檹馃檹馃檹

bgrynblat picture bgrynblat on 22 Jan 2020
👍2

Having same issue as @bgrynblat

christopherib picture christopherib on 23 Jan 2020

@ajredniwja Any updates on this? I'm running into the same problem.

Sign in with Apple is required for iOS apps (Supporting other login methods like Facebook and Google sign-ins) by April 30, 2020, else you won't be able to submit new builds for review. ( https://developer.apple.com/news/?id=09122019b / https://developer.apple.com/news/?id=03042020d )

falcon4ever picture falcon4ever on 25 Mar 2020
👀1

@falcon4ever I've just managed to solve this problem by trying one thing: just typed app identifier instead of services id in Apple tab on Authentication providers of Identity Pool. After that Apple id Token has been accepted by AWS.

YuliyaKarima picture YuliyaKarima on 8 Apr 2020
👍1

@ryaa @falcon4ever were you able to use the workaround provided by @YuliyaKarima?

ajredniwja picture ajredniwja on 7 Nov 2020

were you able to use the workaround provided by @YuliyaKarima?

yes. It worked.

ryaa picture ryaa on 7 Nov 2020

Will close this issue now, please reach out if you have any other questions.

ajredniwja picture ajredniwja on 9 Nov 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

moltar picture moltar  路  3Comments
jaggu07 picture jaggu07  路  3Comments
sebsto picture sebsto  路  3Comments
Usamaliaquat123 picture Usamaliaquat123  路  3Comments
michaelwittig picture michaelwittig  路  3Comments