Spring-cloud-aws: Feature Request: Spring Security integration with Amazon Cognito

Created on 13 Jan 2016  Â·  10Comments  Â·  Source: spring-cloud/spring-cloud-aws

Amazon Cognito:

Amazon Cognito is a service that makes it easy to save mobile user data, such as app preferences or game state, in the AWS Cloud without writing any backend code or managing any infrastructure. Cognito offers mobile identity management and data synchronization across devices. You can save data locally on users’ devices allowing your applications to work even when the devices are offline. You can also synchronize data across a user’s devices so that their app experience will be consistent regardless of the device they use. With Amazon Cognito, you can focus on creating great app experiences instead of having to worry about building and managing a backend solution to handle user authentication, network state, storage, and sync.

As can be seen, Amazon focuses on not having any backend implementation (typically, your mobile application calls other Amazon services directly after using Cognito), but it would be beneficial to implement your own backend service and yet leveraging on Amazon Cognito for user authentication. Like Spring Social, Cognito offers authentication integration with Facebook, Twitter, OpenId and others, but Amazon Cognito Identity also offers anonymous authentication (that later can be promoted to a real authentication for the same user). In contrast to Spring Social, Cognito Identoty also enables Amazon Cognito Sync service that among other things synchronize the state of your mobile app with the AWS cloud.

In the blog post Use Amazon Cognito in your website for simple AWS authentication the authentication flow is outlined for some programming languages, including Java.

cognito feature

Most helpful comment

All 10 comments

See also the AWSCognitoSampleDeveloperAuthenticationSample sample project that is provided by the Amazon Web Services - Labs GitHub account.

With new ALB security support this feature would be really nice to have.
https://aws.amazon.com/blogs/aws/built-in-authentication-in-alb/

That AWS sample code is a beast... anything using JWT is over-complicated and unnecessary in a server environment (you are using Spring right?). Here's a more minimal implementation of AWS Cognito on server-side Spring Security: https://gist.github.com/alexramos1/329f8a927707c266e06bf41219f66570

i want to notice my new project for ResourceServerConfigurerAdapter compatible with cognito, just updated to spring boot 2.1.1

https://github.com/xanscale/CognitoResourceServer

i don't know if my code is good or not, actually works. any help are wellcome

@andrefaria @matsev

Hi, I wonder what is the blockers with this feature? any news or is there any plan for doing it sometime soon?

@Vostan did you try my implementation? See above.

@alexramos1 No I did not try it, but I will try it out soon. Thanks! but my idea is that That would be awesome if this would be a part of Spring-cloud-aws!

Hi everyone, I have created a draft for this feature. Still pending to add some tests and docs but after reading some docs that should work

Was this page helpful?
0 / 5 - 0 ratings