I am trying to authenticate my user using Cognito and developer authenticated identities. My question is how do I set the identityId to the correct one returned from my developer backend in iOS using Objective-C?
If I make the calls manually in the code or using Postman, the correct ID is returned by my server and Cognito recognizes it and correctly swaps the tokens.
The iOS framework seems to be self-assigning an identityId that is not correct. I am really struggling to understand the documentation as much of it is outdated and vague.
Here is my code below:
NSLog(@"Complete login");
NSMutableDictionary *merge = [NSMutableDictionary dictionaryWithDictionary:self.credentialsProvider.logins];
[merge addEntriesFromDictionary:logins];
self.credentialsProvider.logins = merge;
// Force a refresh of credentials to see if we need to merge
task = [self.credentialsProvider refresh];
NSLog(@"Complete login 2-- %@", self.credentialsProvider.identityId); //The identityId assigned is incorrect...
NSLog(@"Complete login 2-- %@", self.credentialsProvider.identityPoolId); //The identityPoolId is correct
SOME CLARITY BELOW: This is how it works so far:
1 - When the app runs, it automatically assigns a random identityId from Amazon (so the user is initially unauthenticated).
2 - The user enters their credentials, then my code does a URL request to my backend, which returns a valid token and the correct identityId for the username and password.
3 - Now this new identityId needs to be initialized in the code somehow to override the old unauthenticated identityId.
4 - The new identityId and token which were returned from my server need to be sent to Cognito for final authentication, and Cognito returns more authentication.
When I say manually, I am sending the request via Postman.
In short:
1: How do I change/set my identityId?
2: How do I send the updated credentials received from my backend in my client to Cognito?
Cognito User Pool is where you manage your users, and Federated Identities is where you give external users access to AWS credentials. That said, you have to make sure your Identity Pool (from Federated Identities) is configured to give access to the users from your User Pool.
Grant type. Must be authorization_code or refresh_token or client_credentials. You can request an access token for a custom scope from the token endpoint when, in the app client, the requested scope is enabled, you have configured a client secret, and you have allowed client_credentials grants. Required.
Amazon Cognito provides authentication, authorization, and user management for your web and mobile apps. Your users can sign in directly with a user name and password, or through a third party such as Facebook, Amazon, Google or Apple. The two main components of Amazon Cognito are user pools and identity pools.
The identityId field in an AWSCognitoCredentialsProvider instance has the readonly attribute, so it cannot be changed once it is initialized. The only way to set it is in its initialization.
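// AWSCognitoCredentialsProvider is a class, so it is declared as a pointer.
// <Region> is a placeholder for your AWSRegionType value.
AWSCognitoCredentialsProvider *credentialsProvider =
    [[AWSCognitoCredentialsProvider alloc]
        initWithRegionType:<Region>
          identityProvider:identityProvider
             unauthRoleArn:nil
               authRoleArn:nil];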
After the user is authenticated, make sure to update the logins map as follows:
credentialsProvider.logins = @{DeveloperProviderName: userIdentifier};
[credentialsProvider refresh];
source: http://docs.aws.amazon.com/cognito/latest/developerguide/developer-authenticated-identities.html
P.S.: Make sure you implement the identity provider correctly, and in the refresh method you should set the identityId:
- (AWSTask *)refresh {
    /*
     * Get the identityId and token by making a call to your backend
     */
    // Call to your backend
    // (response below stands for the parsed reply from that call)
    // Set the identity id and token
    self.identityId = response.identityId;
    self.token = response.token;
    return [AWSTask taskWithResult:self.identityId];
}
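A way to confirm which identityId is actually in play, as an added example that is not part of the original question or answer: the token a developer backend obtains from Cognito is a JWT whose `sub` claim is the identityId and whose `aud` claim is the identity pool ID, so the value logged by the app can be compared against it off-device. The function names, the sample IDs and the sample token are constructed for illustration.

```python
import base64
import json
import time

COGNITO_ISSUER = "https://cognito-identity.amazonaws.com"

def decode_claims(token):
    """Return the JWT payload as a dict.
    The signature is NOT verified: use for debugging, never for authorization."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(padded))

def check_identity(token, client_identity_id, identity_pool_id, now=None):
    """List mismatches between the backend's token and what the client holds."""
    claims = decode_claims(token)
    now = time.time() if now is None else now
    problems = []
    if claims.get("iss") != COGNITO_ISSUER:
        problems.append("iss %r is not the Cognito identity issuer" % claims.get("iss"))
    if claims.get("aud") != identity_pool_id:
        problems.append("aud %r is not pool %r" % (claims.get("aud"), identity_pool_id))
    if claims.get("sub") != client_identity_id:
        problems.append("client identityId %r differs from token sub %r"
                        % (client_identity_id, claims.get("sub")))
    if "authenticated" not in claims.get("amr", []):
        problems.append("amr lacks 'authenticated'")
    if claims.get("exp", 0) <= now:
        problems.append("token expired")
    return problems

def _b64(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed sample values (not real identities or a real token).
POOL_ID = "us-east-1:00000000-0000-0000-0000-000000000000"
BACKEND_ID = "us-east-1:11111111-1111-1111-1111-111111111111"  # returned by backend
UNAUTH_ID = "us-east-1:22222222-2222-2222-2222-222222222222"   # self-assigned on launch
SAMPLE_TOKEN = ".".join([_b64({"alg": "RS256"}), _b64({
    "iss": COGNITO_ISSUER, "aud": POOL_ID, "sub": BACKEND_ID,
    "amr": ["authenticated", "login.example.app"], "exp": 2000}), "c2ln"])

if __name__ == "__main__":
    for label, ident in (("backend id", BACKEND_ID), ("unauth id", UNAUTH_ID)):
        print(label, check_identity(SAMPLE_TOKEN, ident, POOL_ID, now=1000))
```

A non-empty result for the identityId printed by the app's NSLog means the credentials provider is still holding the unauthenticated identity instead of the one the backend returned.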