Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

AWS Cognito + google signup

I have try this below code and it's working fine. However I need to store these signup details within user pool (additionally I want add some custom attributes as well). But I didn't find a proper method to do this.

function signinCallback(authResult) {
			AWS.config.region = 'us-XXXXXXX-1';
            // Add the Google access token to the Cognito credentials login map.
            AWS.config.credentials = new AWS.CognitoIdentityCredentials({
                IdentityPoolId: 'us-XXXX-1:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
                RoleArn: 'arn:aws:iam::XXXXXXXX:role/Cognito_XXXXXXXXXUnauth_Role',
                Logins: {
                    'accounts.google.com': authResult['id_token']
                }
            });

            // Obtain AWS credentials
            AWS.config.credentials.get(function (err) {
                alert(err);
                if (err) {
                    console.log(err);
                } else {
                    //client = new AWS.CognitoSyncManager();
                    console.log(AWS.config.credentials);
                    console.log("Cognito Identity Id: " + AWS.config.credentials.identityId);
					}});
					
					}
<span class="g-signin" data-callback="signinCallback" data-clientid="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-XXXXXXX.apps.googleusercontent.com"
   data-cookiepolicy="single_host_origin" data-requestvisibleactions="http://schemas.google.com/AddActivity"
    data-scope="https://www.googleapis.com/auth/plus.login">
</span>

I want to save it here.

enter image description here

like image 646
mugzi Avatar asked Jan 29 '18 14:01

mugzi


People also ask

How do I add Google to Cognito?

In the Amazon Cognito console, choose Manage user pools, and then choose your user pool. In the left navigation pane, under Federation, choose Identity providers. Choose Google.

Can AWS Cognito be used for SSO?

Your user pool acts as a service provider (SP) on behalf of your application. Amazon Cognito supports SP-initiated single sign-on (SSO) as described in section 5.1.


1 Answers

As per your code snippet, you are using Cognito Federated Identities (i.e. Identity Pools) and adding your Google token to the login map. This won't add the Google user to your Cognito Userpool because in Federated Identities, Cognito Userpool is just another Identity Provider(IdP) like Google. Just like signing up a new user in your userpool does not create a new Google or Facebook account, similarly adding a Google token won't create a new Userpool user. In short, Cognito Userpool is separate from IdentityPool and activities in IdentityPool (like adding Google token in login map) do not affect it.

If you want to add google user to your userpool automatically, there is a way to do so. You need to add Google as an Identity Provider to your Userpool directly & use the Cognito's built-in (i.e hosted) UI for login. After this, all Google logins will automatically, create a new user in Userpool. Now, just add your userpool to your Identity pool i.e remove Google from your Identity Pool. In your login map, you will always use a Cognito token. Even when you login using Google (via the hosted UI), the Google token is sent directly to userpool and it vends a Cognito token. Also, make sure you specify correct attribute mappings in your userpool.

like image 99
agent420 Avatar answered Sep 18 '22 21:09

agent420