Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
429 views
in Technique[技术] by (71.8m points)

javascript - AWS Cognito + google signup

I have try this below code and it's working fine. However I need to store these signup details within user pool (additionally I want add some custom attributes as well). But I didn't find a proper method to do this.

function signinCallback(authResult) {
AWS.config.region = 'us-XXXXXXX-1';
            // Add the Google access token to the Cognito credentials login map.
            AWS.config.credentials = new AWS.CognitoIdentityCredentials({
                IdentityPoolId: 'us-XXXX-1:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
                RoleArn: 'arn:aws:iam::XXXXXXXX:role/Cognito_XXXXXXXXXUnauth_Role',
                Logins: {
                    'accounts.google.com': authResult['id_token']
                }
            });

            // Obtain AWS credentials
            AWS.config.credentials.get(function (err) {
                alert(err);
                if (err) {
                    console.log(err);
                } else {
                    //client = new AWS.CognitoSyncManager();
                    console.log(AWS.config.credentials);
                    console.log("Cognito Identity Id: " + AWS.config.credentials.identityId);
}});

}
<span class="g-signin" data-callback="signinCallback" data-clientid="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-XXXXXXX.apps.googleusercontent.com"
   data-cookiepolicy="single_host_origin" data-requestvisibleactions="http://schemas.google.com/AddActivity"
    data-scope="https://www.googleapis.com/auth/plus.login">
</span>
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

As per your code snippet, you are using Cognito Federated Identities (i.e. Identity Pools) and adding your Google token to the login map. This won't add the Google user to your Cognito Userpool because in Federated Identities, Cognito Userpool is just another Identity Provider(IdP) like Google. Just like signing up a new user in your userpool does not create a new Google or Facebook account, similarly adding a Google token won't create a new Userpool user. In short, Cognito Userpool is separate from IdentityPool and activities in IdentityPool (like adding Google token in login map) do not affect it.

If you want to add google user to your userpool automatically, there is a way to do so. You need to add Google as an Identity Provider to your Userpool directly & use the Cognito's built-in (i.e hosted) UI for login. After this, all Google logins will automatically, create a new user in Userpool. Now, just add your userpool to your Identity pool i.e remove Google from your Identity Pool. In your login map, you will always use a Cognito token. Even when you login using Google (via the hosted UI), the Google token is sent directly to userpool and it vends a Cognito token. Also, make sure you specify correct attribute mappings in your userpool.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...