CODEWITHSUNDEEP
amazon-s3amazon-cloudfrontamp-access
S.W.
S.W.

Reputation: 11

Why is Cloudfront denying access?

I am trying to replicate an AMP website to gain knowledge.

Technical Stack: AWS S3 static hosted website, AWS Cloudfront, AWS EC2, AWS Elastic Beanstalk, Google Accelerated Mobile Pages, Flask, jwt, CORS mongodb

The following urls are specified in the application/json listed below:

"/sign-in?rid=READER_ID&url=CANONICAL_URL&ref=DOCUMENT_REFERRER&_=RANDOM"

"/sign-up?rid=READER_ID&url=CANONICAL_URL&ref=DOCUMENT_REFERRER&_=RANDOM"

<script id="amp-access" type="application/json">
  {
      "authorization": "https://exampleapi.com/auth?rid=READER_ID&url=CANONICAL_URL&clientId=CLIENT_ID(cart)&ref=DOCUMENT_REFERRER&_=RANDOM",
      "pingback": "https://exampleapi.com/auth?rid=READER_ID&url=CANONICAL_URL&clientId=CLIENT_ID(cart)&ref=DOCUMENT_REFERRER&_=RANDOM",
      "login": {
        "sign-in": "/sign-in?rid=READER_ID&url=CANONICAL_URL&ref=DOCUMENT_REFERRER&_=RANDOM",
        "sign-up": "/sign-up?rid=READER_ID&url=CANONICAL_URL&ref=DOCUMENT_REFERRER&_=RANDOM"
      },
      "authorizationFallbackResponse": {
          "error": true,
          "auth": true,           
          "loggedIn": false
      }
  }
</script>     


<button on="tap:amp-access.login-sign-in">sign in</button>
<button on="tap:amp-access.login-sign-up">create account</button>

Clicking the sign-in and sign-up buttons SHOULD result in a popup with the login.html page loaded.

When the sign-in button is clicked, the popup should display login fields.

When the sign-up button is clicked, the popup should display with account creation fields.

When clicking the buttons, why do I receive the following access error:

<?xml version="1.0" encoding="ISO-8859-1"?>
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>F4D7BE84F13543C6</RequestId>
<HostId>this is a long host id</HostId>
</Error>

Also, how do "/sign-in?" and "/sign-up?" resolve to the login.html page? Where is that defined?

The login.html page is in an S3 static hosted website served by cloudfront. The flask endpoints are on a different domain. I am using CORS. How does the api redirect to the S3 login.html page? Yes, I have read the amp-access documentation. I do not understand the full picture here.

Thank you for your assistance in clarifying my confusion!

Upvotes: 1

Views: 189

Answers (0)

Related Questions