Cognito User Pool and Wordpress Users (signing in to wordpress with AWS)

Question

There are applications that uses Amazon Web Services and AWS User Pool for the user registry. I would like to be able to signed-in to the Wordpress cms site using the AWS app's users / AWS User Pool login info.

Has anyone done something like this?

Any thoughts?

Answer 1

You can manage such an integration by using the AWS SDK for PHP and writing a wordpress plugin that hooks into the authenticate call as described in the tutorial below:

https://ben.lobaugh.net/blog/7175/wordpress-replace-built-in-user-authentication

Instructions for installing the AWS SDK for PHP into your plugin can be found here (I followed the composer instructions to get it working):

https://docs.aws.amazon.com/aws-sdk-php/v3/guide/getting-started/installation.html

After that, a piece of code that deals just with User Pools authentication would be:

    require 'vendor/autoload.php';
    use Aws\CognitoIdentityProvider\CognitoIdentityProviderClient;
    $cognitoIdentityProviderClient = new CognitoIdentityProviderClient(['version' => '2016-04-18',
        'region'      => 'us-east-1',
        'credentials' => array(
            'key'    => get_option('aws_access_key_id'),
            'secret' => get_option('aws_secret_access_key')
        )]
    );

    $authResult = $cognitoIdentityProviderClient->adminInitiateAuth([
        'AuthFlow' => 'ADMIN_NO_SRP_AUTH',
        'UserPoolId' => get_option('cognito_userpoolid'),
        'ClientId' => get_option('cognito_clientid'),
        'AuthParameters' => ['USERNAME' => $username, 'PASSWORD' => $password],
    ]);

This is an authenticated call so it requires AWS credentials as you can see in my code above for the placeholders aws_access_key_id and aws_secret_access_key. Here is a link to AWS documentation for managing credentials in PHP:

http://docs.aws.amazon.com/aws-sdk-php/v3/guide/guide/credentials.html