Timmy T

Reputation: 15

Users show up on Auth0 but not in AWS Cognito Identity Pool

Ok, so I am building an iOS app that uses Auth0 as an authentication manager and AWS to host all of my app's other features.

However, I can create and authenticate users with Auth0, but I cannot get users to register in my AWS Identity Pool.

Here below is my code:

// MARK: - IBAction Login
// This button brings up the Auth0 View Controller.
@IBAction func tryLogIn(_ sender: Any) {
    let controller = A0Lock.shared().newLockViewController()
    controller?.closable = true
    controller?.onAuthenticationBlock = { maybeProfile, maybeToken in
        // Do something with the token and profile, e.g. save them.
        // Lock will not save them for you.

        // Now it is set up to save the information.
        guard
            let token = maybeToken,
            let refreshToken = token.refreshToken
            else {
                return
        }
        let keychain = A0SimpleKeychain(service: "Auth0")
        keychain.setString(token.idToken, forKey: "id_token")
        keychain.setString(refreshToken, forKey: "refresh_token")

            // The idToken doesn't exist, therefore the user has to enter their credentials to gain access.
            // Present the A0Lock login View Controller here.
            A0Lock.shared().present(controller, from: self)
            return
    }
    // MARK: - idToken exists
    // An idToken exists.
    // It needs to pass the validation test before access is granted.
    let keychain = A0SimpleKeychain(service: "Auth0")
    guard let idToken = keychain.string(forKey: "id_token") else {
        // Present the A0Lock login view controller here.
        A0Lock.shared().present(controller, from: self)
        return
    }

    // MARK: - idToken validation test.
    // To be useful the idToken has to pass the validation test! 
    // Initialize the validation test!
    let client = A0Lock.shared().apiClient()
    client.fetchUserProfile(withIdToken: idToken,
                            success: { profile in
    // The idToken is valid so it is safe to continue.
    // The fetched user profile is stored.
    keychain.setData(NSKeyedArchiver.archivedData(withRootObject: profile), forKey: "profile")
    // At this point, the user can log into the app by seguing to the next user interface.
    A0Lock.shared().present(controller, from: self)
    self.performSegue(withIdentifier: "CurrentlyLoggedIn", sender: nil)
    },
    failure: { error in
    // The idToken has expired or is no longer valid anymore.
    let keychain = A0SimpleKeychain(service: "Auth0")
    guard let refreshToken = keychain.string(forKey: "refresh_token")
        else
    {
        keychain.clearAll()
        return
    }
        let client = A0Lock.shared().apiClient()
        // Pass the stored refresh token value, not the keychain key name.
        client.fetchNewIdToken(withRefreshToken: refreshToken, parameters: nil, success: { (newToken) in
            // Congratulations, the user has now a new idToken!
            keychain.setString(newToken.idToken, forKey: "id_token")
            },
            failure: { (error) in
                // refreshToken is no longer required.
                // Cleaning stored values since they are no longer required.
                keychain.clearAll()
        })
    })

    // MARK: - Amazon AWS Cognito.
    // This should link the authentication methods together.
    // Initialize the Amazon Cognito credentials provider

    let credentialsProvider = AWSCognitoCredentialsProvider(regionType:.apNortheast1,
                                                            identityPoolId:"ap-northeast-1:697ca223-9b17-4701-bb37-6ef201abde74")

    let configuration = AWSServiceConfiguration(region:.apNortheast1, credentialsProvider:credentialsProvider)

   AWSServiceManager.default().defaultServiceConfiguration = configuration


    // Declaring developer identity here.
    credentialsProvider.logins?["marcardian.au.auth0.com"]

    // Initialize the Cognito Sync client
    let syncClient = AWSCognito.default()

    // Create a record in a dataset and synchronize with the server
    let dataset = syncClient?.openOrCreateDataset("myDataset")
    dataset?.setString("myValue", forKey:"myKey")
    dataset?.synchronize().continue ({ (task: AWSTask!) -> AnyObject! in
        // Your handler code here
        return nil

    })
}

When it runs it looks like this:

2016-11-24 18:33:18.654 FireStick[37559:520593] AWSiOSSDK v2.4.11 [Debug] AWSURLSessionManager.m line:553 | -[AWSURLSessionManager printHTTPHeadersForResponse:] | Responseheaders:
{
Connection = "keep-alive";
"Content-Length" = 111;
"Content-Type" = "application/x-amz-json-1.1";
Date = "Thu, 24 Nov 2016 07:33:17 GMT";
"x-amzn-ErrorMessage" = "Unauthenticated access is not supported for this identity pool.";
"x-amzn-ErrorType" = "NotAuthorizedException:";
"x-amzn-RequestId" = "44d2980b-b218-11e6-ae61-839aac944b5a";
}
2016-11-24 18:33:18.654 FireStick[37559:520593] AWSiOSSDK v2.4.11 [Debug] AWSURLResponseSerialization.m line:63 | -[AWSJSONResponseSerializer responseObjectForResponse:originalRequest:currentRequest:data:error:] | Response body:
   {"__type":"NotAuthorizedException","message":"Unauthenticated access is not supported for this identity pool."}

Upvotes: 1

Views: 545

Answers (1)

patanjal

Reputation: 665

The error indicates that you have not set up your Identity Pool for unauthenticated identities and you are not correctly setting up the Auth0 IdToken on your credentials provider.

This blog might be of some help https://aws.amazon.com/blogs/mobile/using-amazon-cognito-with-swift-sample-app-developer-guide-and-more/

Upvotes: 1
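One way to set the Auth0 id_token on the credentials provider, as the answer describes. This is an added example, not code from the question or the answer. It assumes the AWS iOS SDK 2.4.x `AWSIdentityProviderManager` protocol and that the Auth0 domain is registered as an OpenID Connect provider on the identity pool; the names `Auth0LoginsProvider`, `CognitoAuth0Session` and `currentIdToken` are hypothetical.

```swift
import AWSCore

// Hypothetical class (not from the post): returns the Auth0 id_token to
// Cognito whenever the SDK needs to obtain or refresh AWS credentials.
final class Auth0LoginsProvider: NSObject, AWSIdentityProviderManager {
    private let providerName: String          // Auth0 domain registered on the pool (assumption)
    private let currentIdToken: () -> String? // e.g. reads "id_token" from the keychain

    init(providerName: String, currentIdToken: @escaping () -> String?) {
        self.providerName = providerName
        self.currentIdToken = currentIdToken
        super.init()
    }

    func logins() -> AWSTask<NSDictionary> {
        guard let idToken = currentIdToken(), !idToken.isEmpty else {
            // Fail rather than return an empty map: an empty map is sent as an
            // unauthenticated request, which this pool rejects.
            let error = NSError(domain: "Auth0LoginsProvider", code: 1,
                userInfo: [NSLocalizedDescriptionKey: "No Auth0 id_token available"])
            return AWSTask(error: error)
        }
        return AWSTask(result: [providerName: idToken] as NSDictionary)
    }
}

// Hypothetical wrapper that keeps strong references to both objects.
final class CognitoAuth0Session {
    let loginsProvider: Auth0LoginsProvider
    let credentialsProvider: AWSCognitoCredentialsProvider

    init(identityPoolId: String, auth0Domain: String, currentIdToken: @escaping () -> String?) {
        loginsProvider = Auth0LoginsProvider(providerName: auth0Domain, currentIdToken: currentIdToken)
        credentialsProvider = AWSCognitoCredentialsProvider(
            regionType: .apNortheast1,
            identityPoolId: identityPoolId,
            identityProviderManager: loginsProvider)
        AWSServiceManager.default().defaultServiceConfiguration =
            AWSServiceConfiguration(region: .apNortheast1, credentialsProvider: credentialsProvider)
    }
}

// Usage after a successful Auth0 login, with the keychain from the question:
// let session = CognitoAuth0Session(
//     identityPoolId: "<IDENTITY_POOL_ID>",          // placeholder
//     auth0Domain: "marcardian.au.auth0.com",
//     currentIdToken: { A0SimpleKeychain(service: "Auth0").string(forKey: "id_token") })
```

Create the session only after the id_token has been saved, and before any Cognito Sync call, so the first request to the pool already carries the login.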
