使用Instagram的作为API网关的“授权” - AWS Cognito

问题描述 投票:0回答:1

我使用Congnito用户群来执行其工作正常API网关授权。现在,我想补充的Instagram作为登录提供商之一,我在联合身份创建自定义身份验证提供者,并使用下面的代码:

var cognitoidentity = new AWS.CognitoIdentity({ apiVersion: '2014-06-30' });

var params = {
    IdentityPoolId: 'us-east-1:7d99e750-.....',
    Logins: {
        'login.instagram': 'Access-Token-Returned-By-Instagram',
    },
    TokenDuration: 60
};

cognitoidentity.getOpenIdTokenForDeveloperIdentity(params, function (err, data) {
    if (err) {
        console.log(err, err.stack);
    } else {
        console.log(data);
        var idParams = {
            IdentityId: data['IdentityId'],
            Logins: {
                'cognito-identity.amazonaws.com': data['Token']
            }
        };

        cognitoidentity.getCredentialsForIdentity(idParams, function (err2, data2) {
            if (err2) console.log(err2, err2.stack); // an error occurred
            else console.log(data2);           // successful response
        });
    }
});

我能够得到的accessToken和sessionToken,但是,我仍然无法找到一种方式来获得idToken和的accessToken这是由API网关需要授权传入的请求。

我试图寻找到SDK以及AWS论坛,但我仍然无法找到一种方法,使用自定义的联合身份提供商授权其使用cognito用户池API网关。

amazon-web-services amazon-cognito aws-cognito aws-sdk-js
1个回答
0
投票

我要带一抡在这个....

  1. 你有cognito用户? 没有
import { CognitoUser, CognitoUserPool, AuthenticationDetails } from "amazon-cognito-identity-js";

let cognitoUser;

const userPool = new CognitoUserPool({
   UserPoolId: config.USER_POOL.pool_Id, //your userpool id
   ClientId: config.appClientId, //your appClient 
});

const userData = {
       Username: 'user name',
       Pool: userPool
 };

cognitoUser = new CognitoUser(userData);
/* Should now have a cognitoUser */
  1. 验证您的cognito用户
const authenticationData = {
    Username : payload.userName,
    Password : payload.password,
};

const authenticationDetails = new AuthenticationDetails(authenticationData);

cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess: function (result) {
        const accessToken = result.getAccessToken().getJwtToken();

        /* Use the idToken for Logins Map when Federating User Pools with identity pools or when passing through an Authorization Header to an API Gateway Authorizer*/
         const idToken = result.idToken.jwtToken;

          /*
            Do something with 
              idToken
              accessToken

           I would write them to a file or encrypt them and store them on the localStorage OR encrypt and save in REDUX store.
          */


    },

    onFailure: function(err) {
         //handle error
   },

});
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.