Nathan
Reputation: 7709
Do I need amazon-cognito-identity-js if I already have the aws-sdk (javascript)?
I have a javascript project where I use the aws-sdk. No I want to use amazon-cognito-identity-js. On the page it says:
Note that the Amazon Cognito AWS SDK for JavaScript is just a slimmed down version of the AWS Javascript SDK namespaced as AWSCognito instead of AWS. It references only the Amazon Cognito Identity service.
and indeed, I can for example create CognitoIdentityServiceProvider with:
CognitoIdentityServiceProvider = new AWS.CognitoIdentityServiceProvider();
But how do I do thinks like authenticate a user? According to the amazon-cognito-identity-js documentation:
authenticationDetails = new CognitoIdentityServiceProvider.AuthenticationDetails({Userame: ..., Password: ...});
cognitoUser.authenticateUser(authenticationDetails, ...)
But the CognitoIdentityServiceProvider object does not have a AuthenticationDetails property.
Do I have to do something different when I use the aws-sdk instead of amazon-cognito-identity-js?
Or is my assumption wrong, and I need both, the aws-sdk and amazon-cognito-identity-js?
Upvotes: 3
Views: 4443
Answers (3)
tricksSpecialist
Reputation: 156
for any coming in the future
the following is what i did for register and login using
private cognito = new AWS.CognitoIdentityServiceProvider();
register:
public async register(event) { try { if(!this.validator.isObjectNotEmpty(event.body)){ throw new Error("you have to include body to insert into DB !!"); } const usermodel = event.body; if (this.validator.isEmailNotValid(usermodel)) { throw new Error("Not Valid username or password"); } const email = usermodel.email.toLowerCase(); const password = usermodel.password; const createUserParams = { UserPoolId: Cognito_User_Pool, // From Cognito dashboard 'Pool Id' Username: email, MessageAction: "SUPPRESS", // Do not send welcome email TemporaryPassword: password, }; const user = await this.cognito.adminCreateUser(createUserParams).promise(); this.logger.info("created user: ",user); const initiateAuthParams = { AuthFlow: "ADMIN_USER_PASSWORD_AUTH", ClientId: Cognito_User_Pool_Client, UserPoolId: Cognito_User_Pool, AuthParameters: { USERNAME: email, PASSWORD: password } }; const challengesResponse = await this.cognito.adminInitiateAuth(initiateAuthParams).promise(); this.logger.info("challengesResponse: ",challengesResponse); const userPasswordParams = { Password: password, UserPoolId: Cognito_User_Pool, Username: email, Permanent: true }; return this.cognito.adminSetUserPassword(userPasswordParams).promise(); } catch (error) { console.log("error: ", error); throw error; } }
login
public async login(event) { try { this.logger.info("login - event: ",JSON.stringify(event)); this.logger.info("register - Cognito_User_Pool: ",Cognito_User_Pool); this.logger.info("register - Cognito_User_Pool_Client: ",Cognito_User_Pool_Client); if(!this.validator.isObjectNotEmpty(event.body)){ throw new Error("you have to include body to insert into DB !!"); } const usermodel = event.body; if (this.validator.isEmailNotValid(usermodel)) { throw new Error("Not Valid username or password"); } const email = usermodel.email.toLowerCase(); const password = usermodel.password; const initiateAuthParams = { AuthFlow: "ADMIN_USER_PASSWORD_AUTH", ClientId: Cognito_User_Pool_Client, UserPoolId: Cognito_User_Pool, AuthParameters: { USERNAME: email, PASSWORD: password } }; return await this.cognito.adminInitiateAuth(initiateAuthParams).promise(); } catch (error) { console.log("error: ", error); throw error; } }
the login function return response like this:
"tokenObj": {
"ChallengeParameters": {},
"AuthenticationResult": {
"AccessToken": "eyJraWQiOiI1ZFN5R0tEUFE2WnhTbzJ4N01QTXpxaVRPNXZoK3p5NkJaOFZhRzV1M0Z3PSIsImFsZyI6IlJTMjU2In0.eyJvcmlnaW5fanRpIjoiMGYzY2RmZTItZTM3Zi00NGRiLWJiMWQtMDIzYjFiZTdlZGVjIiwic3ViIjoiZWJjN2M4YzctZjllYS00MTMxLTgxNDQtNjdkM2ZmYzg1ZTdlIiwiZXZlbnRfaWQiOiJhYWJhNzgyZi1iZTVhLTQxMjItYjljYS0yNjg5NTY2ZDVkMTgiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6ImF3cy5jb2duaXRvLnNpZ25pbi51c2VyLmFkbWluIiwiYXV0aF90aW1lIjoxNjM4MTI0NTY3LCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtd2VzdC0yLmFtYXpvbmF3cy5jb21cL3VzLXdlc3QtMl9vVmFnb3hFd0wiLCJleHAiOjE2MzgxMjgxNjcsImlhdCI6MTYzODEyNDU2NywianRpIjoiZjE0MTBjMGEtOWM4ZS00YjMzLWJkMjEtNmQ1ZDIwYzJiNDU5IiwiY2xpZW50X2lkIjoiNnVvc2dxNzNtYjFlYmk5c3BnbDV0N282Z2QiLCJ1c2VybmFtZSI6ImViYzdjOGM3LWY5ZWEtNDEzMS04MTQ0LTY3ZDNmZmM4NWU3ZSJ9.4vswc6-ei6SFlbN0k_C8PAtmEK294oFfylYZW3hhmHqMT49d_JWdDPR8XgA7n5cLqtLJsiG4PVh9SyxdirpUTmC0yra2GZejNWP8eVHG9-JUq_xXQ81a8AYEb1KZJBAv0j2F1ZLuCFaiFvbOBFEGSlJXp4e2bLz-NWlSbEAUbxZV5BKrRmZEeXJUxw_DO5R30SG1D2qcOn_1mnbdfTH-W0ZMuuMJsHWQBsO7QEtyMI62XG35WRDijzzMr6ekbLyIQ7J77dYcsmTdR6S5nTNWE1yrGYtkdxk2x35nYob06PAWdnWL5OK2G1aiJ97BMvM65VtjX8VQZbAoalIII-PbCA",
"ExpiresIn": 3600,
"TokenType": "Bearer",
"RefreshToken": "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.FKN-KM415xH-TioTkKjmoy_NV1AssBq9GlkweHAK7TuYzMeI_qMfeL00Qv6MiOPFMJ6UG7cLKfJjkdyI1vK09p9lk5_wor3FoCX1Dvt3DK3SKzeyqW6ULQL1IQmNunPhpC3sARom0q74YxSaQKdF_6PgDjNnf0-aI1XGkZYZUw69BZGQDVobTx8nR_Lf6srF622s0JuhaClDfvIgqjZun7AIFlxgNUKL6uuMgmSrRJm7GvAqAnTQpmQD2sdz6D3fWeoVja8LRpc_QMbZPhjZmOoRrQJ3VA-m0M0TsNMvQSw6px-WS-hMUH4RFeFasrbmoiUKIU8-MXltyPVltoy0qg.dHBgjs1NAOAROzD6.vi7DzrqzLkuHGuuGY1vNZaYmdDp0-EliwxTtEOaMboVlMCm9KZv0tU06ovQ9Z2CbplqJdEaAu-YZSG3Oeagqj5JJ2-739C0yvA0J_qE2Ehn5gCUMuiPPOjakIczOcI8wcRItsTGqt1GFmyq4DSnX-pjc9GG2QWpgmcsoDyxodIv1wTu7YN15cGK0YN_xSKolcCn04gCzqXCDkQyUqX-Sr7QqD2o-aQC1ynmKz1tJGxRM3I6rzbcRZkNvUK02wSIUMeY05hJNAdKBItIE0t45Sk5_EV3mzLgebC39Q6z-kRKNQwhyQKrcXg71aRJGjD3HH61VEoops4wcgRCmNnI7u-9JjJic_SDU_Fw-9W1L8BxZZKPsJrjOvJroDFc1xX2njgeivo6ZpRWTg3nQphMTqJFSYHnWcEmw3EW1uUhN7e1J2bdGuebW40Opf5zMXo2V4-OBI3UMxTOVZEPit4g3yLDHQDAfPZllPPRf5H8Kf1Qe54fEq77sKb32I5PH7t-7xQ79iE5KX6BZjsLjwHMAlGNtS7WSE-U0yAsjUFFH8pA7eYR5ysz3o9L7jJsNCyNb06YU_QX5mozGlspLMNs4qpUcWkFGhSNG6qTRMREpzRfELU82Dc-LirJ1425zPQNsQV1CGGtlDoXVA-RCIgnMG1hslfpIllKm_IH-5yyPMfH2UFdr7jdRjt9crFyFu9ktGkHjnAqH_ZUcueL0q_vrIqmkGcBcrQQRY9jCSC4VNeGhKe9ecJciAHUCktkZuut5yI0De0hXANoaoxeIucJlox57nxHnQTD0Q0LEuXvfqG9M9sNdB4GGrt1rYR58ZWa8zc5udoKDMxvrb6GEeDI1co2mLEt3XghjcJBJqB8nqwofXZDxiDSXQ53R9L5U8wDlxhxZxPMDKFL6wu4gqDjw4m60R8mOvfOI2Gz_yelqfk5CxD6Ts_HVbv9TRbsV0adQ4S8n5Cktf5miWUtFCOktruS2_fKfB6TF1yzisgxQpJFD7B1qdTcBu0N82KgHrljoBlVKiwGdalL52H-cJkNkagZIBQYXvlvkBrbsSNAp1CeUiqXbddHku47RNjXSPUMN1aoHdEL14_7zbaPYBMxgEsmqjP67B45QKmTyDDsOkf8aSdAWYFKvj3c_4Cn_LczLU-YcuzE4UZvd6BQK70MiKBIsd3DU4rdKTDjAsN73mJ_U-_8r34jocny4rzbO_NostPjgqUugoO2bGhfr_PUgXb7sm_wrKlvjFnUcOLpQSBxlZL_z25e8vZokRn4QiNa83_VG6xyp77-c_DQqLC3RdwXOyRmCEXkM2D10cBNQpkAzCBMyP9FO3mJZcQ.aAJlWM76hqlRprKY8P_Qmw",
"IdToken": "eyJraWQiOiJoWmpBMXl1d2JjT1lyNks5dnhQc2ZKVDhXSHRrYm51WmZlTURlK0dBbWR3PSIsImFsZyI6IlJTMjU2In0.eyJvcmlnaW5fanRpIjoiMGYzY2RmZTItZTM3Zi00NGRiLWJiMWQtMDIzYjFiZTdlZGVjIiwic3ViIjoiZWJjN2M4YzctZjllYS00MTMxLTgxNDQtNjdkM2ZmYzg1ZTdlIiwiYXVkIjoiNnVvc2dxNzNtYjFlYmk5c3BnbDV0N282Z2QiLCJldmVudF9pZCI6ImFhYmE3ODJmLWJlNWEtNDEyMi1iOWNhLTI2ODk1NjZkNWQxOCIsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNjM4MTI0NTY3LCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtd2VzdC0yLmFtYXpvbmF3cy5jb21cL3VzLXdlc3QtMl9vVmFnb3hFd0wiLCJjb2duaXRvOnVzZXJuYW1lIjoiZWJjN2M4YzctZjllYS00MTMxLTgxNDQtNjdkM2ZmYzg1ZTdlIiwiZXhwIjoxNjM4MTI0ODY3LCJpYXQiOjE2MzgxMjQ1NjcsImp0aSI6ImRmMzVlZWQ1LWZjNGItNDBlZS1hYWEwLTYxNTViZWNiNjIyNyIsImVtYWlsIjoidGVzdDJAdGVzdC5jb20ifQ.L9nNSlcQakRfVpAo-bf9jnXFrhov8iD9j3R2UI7x5eUT42OBrvSdEk3Y2JtFKQt1FpxBFLqtWCRyY0Wxlcq3MzZE04zIFBC02WmV24vF1QS9TxpBYAm8NkyNoW-7Lqe7CIWhK_DHMxSRpzo87txmwpID6xwd9JOlZG04L76hkXr0_2JgM2KuvB0lKL0v4heHK8e2ht_VuKBPNpVvMIbIA2xN22LRhivfG8EMeHmF3jhhQYggi1Pczb2WEviPUqebmLhdvjJpHC9OMVhvN4GMcr0JVv-GepxSCrNSFoXPDNZaznJbDJW0Zt3xY9bWek_l62v1Wm0a1h7V7nxw8a0Csw"
}
}
}
Upvotes: 0
Rohit Kumar
Reputation: 1341
For userName password authentication, it needs to have ADMIN_NO_SRP_AUTH. I also added function to handle err and success. For more details about response and token sent in data, you can check was reference.
const cognito = new AWS.CognitoIdentityServiceProvider();
cognito.adminInitiateAuth({
AuthFlow: 'ADMIN_NO_SRP_AUTH',
ClientId: 'clientId',
UserPoolId: 'poolId'
AuthParameters: {
USERNAME: 'userName',
PASSWORD: 'password',
},
}, function(err, data) {
if (err) {
console.log(err, err.stack);
}
else {
console.log(data);
}
});
Upvotes: 1
JakubM
Reputation: 2725
No, you don't. You can login using aws-sdk like this:
const cognito = new aws.CognitoIdentityServiceProvider({ region });
cognito.adminInitiateAuth({
AuthFlow: 'ADMIN_NO_SRP_AUTH',
ClientId: clientId,
UserPoolId: poolId,
AuthParameters: {
USERNAME: email,
PASSWORD: password,
},
});
Upvotes: 5
Related Questions
- AWS Node JS MFA Cognito
- Problem with SDK amazon-cognito-identity-js
- AWS Cognito Developer Authenticated Identities using JavaScript SDK
- How do I get credentials on AWS? Must I use AWS Cognito SDK or AWS SDK?
- Cognito Developer Authenticated Identities with Node
- AWS Cognito: Do I need other AWS service to write a full functioning signup/signin system?
- Using Cognito JavaScript SDK without AWS-SDK
- Which AWS JS SDK package(s) to use for Cognito?
- How to integrate AWS Cognito Identity Pool and API Gateway in the Javascript sdk
- AWS Cognito SDK Node.JS Implementation