 

How to validate getOpenIdTokenForDeveloperIdentity cognito token

I am building an authentication system using AWS Lambdas, DynamoDB and Cognito.

I am stuck at comparing the token provided by the getOpenIdTokenForDeveloperIdentity() call with the one from the server for the specific identity.

I am getting the token and identity with:

function getToken(email, fn) {
    var param = {
        IdentityPoolId: cognitoIdentityPoolId,
        Logins: {} // To have provider name in a variable
    };
    param.Logins[cognitoDeveloperProvidedName] = email;
    cognitoidentity.getOpenIdTokenForDeveloperIdentity(param,
        function(err, data) {
            if (err) return fn(err); // an error occurred
            else fn(null, data.IdentityId, data.Token); // successful response
        });
}

Then, as far as I understand it, I can get the already generated token from Cognito (not create a new one) like this:

function checkToken(IdentityId, email, fn){
    var param = {
        IdentityPoolId: cognitoIdentityPoolId,
        IdentityId: IdentityId,
        Logins: {}
    };
    param.Logins[cognitoDeveloperProvidedName] = email;
    cognitoidentity.getCredentialsForIdentity(param, 
        function(err, data) {
            if (err) return fn(err);
            else fn(null, data);
        });
}

But I can't seem to get it to work.

Any ideas?

csilk asked Apr 06 '16 00:04


People also ask

How do I know if my Cognito token is expired?

You can decode the JWT token and also cache this expiry along with the token. Every time the cache for the tokens is accessed, also check the current time against the cached expiry time. If expired, use the Refresh token to obtain the latest Access and ID token and cache the tokens and expiry again.

How long are Cognito tokens valid?

By default, Amazon Cognito refresh tokens expire 30 days after a user signs in to a user pool. When you create an app, you can set the app's refresh token expiration to any value between 60 minutes and 10 years.

How do I get my Cognito access token authorization code?

Simply, you can request the id/access/refresh tokens using the code and the Cognito clientId+hostname, then use the id and access token to identify the user in your API calls.




1 Answer

Figured it out: the checkToken function needs to look like this:

function checkToken(providedIdentity, token, fn){
    var param = {
        IdentityId: providedIdentity,
        Logins: {}
    };
    param.Logins['cognito-identity.amazonaws.com'] = token;
    cognitoidentity.getCredentialsForIdentity(param, 
        function(err, data) {
            if (err) return fn(err);
            else fn(null, data);
        });
}

I needed to set cognito-identity.amazonaws.com as the login provider.

csilk answered Sep 29 '22 19:09
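The exchange from the answer with a local claim pre-check in front of it, as an added example that is not part of the original post: the token's claims are compared to the identity and pool the caller presents before getCredentialsForIdentity is called. The pre-check does not verify the signature, so the Cognito call remains the authoritative validation. Assumptions: the token is a JWT whose `iss` is `https://cognito-identity.amazonaws.com`, `sub` is the IdentityId and `aud` is the identity pool ID; `claimProblems`, `makeSampleToken` and the `client` parameter are hypothetical names.

```javascript
// Added example, not code from the original post.
const COGNITO_PROVIDER = 'cognito-identity.amazonaws.com';

// Decode the JWT payload. This does NOT verify the signature.
function decodeClaims(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a three-part JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  const claims = JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
  if (claims === null || typeof claims !== 'object') throw new Error('payload is not an object');
  return claims;
}

// Return the reasons the token cannot belong to this identity and pool (assumed claim layout).
function claimProblems(token, identityId, poolId, nowSec) {
  let c;
  try { c = decodeClaims(token); } catch (e) { return ['malformed token: ' + e.message]; }
  const problems = [];
  if (c.iss !== 'https://' + COGNITO_PROVIDER) problems.push('unexpected iss');
  if (c.sub !== identityId) problems.push('sub does not match IdentityId');
  if (c.aud !== poolId) problems.push('aud does not match identity pool');
  if (typeof c.exp !== 'number' || c.exp <= nowSec) problems.push('expired or missing exp');
  return problems;
}

// Cheap local rejection first, then the authoritative exchange from the answer.
function checkToken(client, identityId, poolId, token, fn) {
  const problems = claimProblems(token, identityId, poolId, Math.floor(Date.now() / 1000));
  if (problems.length) return fn(new Error(problems.join('; ')));
  const param = { IdentityId: identityId, Logins: {} };
  param.Logins[COGNITO_PROVIDER] = token; // provider key from the answer
  client.getCredentialsForIdentity(param, fn);
}

// Constructed sample token (placeholder signature) for trying the pre-check offline.
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return [enc({ typ: 'JWT' }), enc(claims), 'constructed-signature'].join('.');
}
```

Pass the `cognitoidentity` object from the question as `client`; a token issued for a different identity or pool is rejected before any call to AWS is made.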