Я использую AWS Cognito для аутентификации пользователей моего сайта через Google Federated Identity. Кажется, всё работает правильно: возвращаются правильные токены (насколько я могу судить), и пользователь, по-видимому, аутентифицирован. Однако я не могу понять, как автоматически добавить пользователя Google в мой пул пользователей Cognito (User Pool), и не нашёл документации, которая дала бы мне ответ. Есть идеи?
Вот мой код на Angular:
import { Component, OnInit } from '@angular/core';
import { environment } from "src/environments/environment";
import { Cookie } from 'ng2-cookies/ng2-cookies';
import Auth from '@aws-amplify/auth';
declare const gapi: any;
declare const AWS: any;
// Amplify Auth settings, all read from the Angular environment file.
// NOTE(review): these four values are pool/client identifiers that a browser
// client necessarily exposes; no secret belongs in this object.
const amplifyAuthSettings = {
  region: environment.AWS_REGION,
  identityPoolId: environment.AWS_IDENTITY_POOL_ID,
  userPoolId: environment.AWS_USER_POOL_ID,
  userPoolWebClientId: environment.CLIENT_ID
};

// Configure Amplify once at module load; the returned value is kept in `config`.
const config = Auth.configure(amplifyAuthSettings);
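/**
 * Sign-in component that wires a Google Sign-In button to Amazon Cognito.
 *
 * Flow as written: load Google's `auth2` library, attach a click handler to
 * the `#googleBtn` element, and on a successful Google sign-in pass the Google
 * ID token to `Auth.federatedSignIn` and to `AWS.CognitoIdentityCredentials`.
 *
 * NOTE(review): both of those calls exchange the Google token through the
 * identity pool. Nothing in this component creates or links a profile in the
 * user pool; that typically requires Google to be configured as an identity
 * provider on the user pool itself - confirm against the Cognito setup.
 */
@Component({
  selector: 'authentication',
  templateUrl: './authentication.component.html',
  styleUrls: ['./authentication.component.sass']
})
export class AuthenticationComponent implements OnInit {
  /** Value returned by `gapi.auth2.init`; assigned once the `auth2` library has loaded. */
  public auth2: any;

  constructor() { }

  /** Angular lifecycle hook: starts the Google Sign-In setup. */
  ngOnInit(): void {
    this.googleInit();
  }

  /**
   * Loads Google's `auth2` library, initialises it and attaches the sign-in
   * click handler to the element with id `googleBtn`.
   */
  googleInit(): void {
    gapi.load('auth2', () => {
      // The OAuth client secret is deliberately NOT passed here. Anything
      // referenced from browser code ships in the bundle and is readable by
      // every visitor. Remove CLIENT_SECRET from the frontend environment file
      // as well, and rotate it if a build containing it was ever deployed.
      this.auth2 = gapi.auth2.init({
        access_type: "offline",
        client_id: environment.GOOGLE_ID,
        cookiepolicy: 'single_host_origin',
        scope: 'profile email'
      });
      this.attachSignin(document.getElementById('googleBtn'));
    });
  }

  /**
   * Attaches the Google sign-in click handler to `element`.
   *
   * @param element Button that opens the Google sign-in popup. When it is
   *   missing from the DOM the handler is not attached and a message is logged.
   */
  attachSignin(element: HTMLElement | null): void {
    if (!element) {
      // getElementById returns null when the template has not rendered the button.
      console.log('Google sign-in element not found; click handler not attached');
      return;
    }
    this.auth2.attachClickHandler(element, {},
      // Success: the user completed the Google sign-in.
      (googleUser: any) => {
        const profile = googleUser.getBasicProfile();
        this.getCreds(googleUser.getAuthResponse(), profile.getEmail(), profile.getName());
      },
      // Failure: sign-in failed or the popup was closed.
      (error: unknown) => {
        console.log(JSON.stringify(error, undefined, 2));
      });
  }

  /**
   * Passes the Google auth response to Cognito.
   *
   * @param authResult Google auth response; `id_token` and `expires_at` are read from it.
   * @param email E-mail from the Google profile, forwarded as user info.
   * @param name Display name from the Google profile, forwarded as user info.
   */
  getCreds(authResult: any, email: string, name: string): void {
    Auth.federatedSignIn('google', {
      token: authResult.id_token,
      expires_at: authResult.expires_at
    }, { email, name }
    ).then(() => {
      // The resolved value is not logged: with a token-based federated sign-in
      // it is expected to carry temporary AWS credentials (confirm for the
      // Amplify version in use), and the browser console is not a safe place
      // for them.
      console.log('Cognito federated sign-in succeeded');
      return Auth.currentAuthenticatedUser();
    }).catch((e: unknown) => {
      console.log(e);
    });
    // NOTE(review): this runs without waiting for federatedSignIn to settle and
    // performs a second token exchange against the same identity pool.
    this.queryAWS(authResult.id_token);
  }

  /**
   * Requests AWS credentials from the identity pool using the Google ID token.
   *
   * @param id_token Google ID token sent under the `accounts.google.com` login key.
   */
  queryAWS(id_token: any): void {
    AWS.config.region = environment.AWS_REGION;
    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
      IdentityPoolId: environment.AWS_IDENTITY_POOL_ID,
      Logins: { "accounts.google.com": id_token }
    });
    AWS.config.credentials.get((err: unknown) => {
      if (!err) {
        // This cookie is a UI hint only. It is written by client script, so any
        // visitor can set it, and its lifetime (third argument, presumably
        // days) is independent of the credentials' own expireTime stored
        // below. Never use it for an authorization decision.
        Cookie.set('awsAuthenticated', 'true', 7);
        sessionStorage.setItem('expireTime', AWS.config.credentials['expireTime']);
      }
      else {
        console.log(err);
      }
    });
  }
}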