MEDES

Reputation: 21

AWS Amplify Auth.federatedSignIn can't use received authorization code

So I want to add a federated sign-in feature for my website app. Instead of using the hosted UI, I want to create my own UI for the sign-in process, so I used `Auth.federatedSignIn({provider: 'Facebook'})`.

The weird thing is that I can get the tokens from the TOKEN endpoint (`POST https://mydomain.auth.us-east-1.amazoncognito.com/oauth2/token`) using the authorization code I received after federation by the hosted UI. But I kept getting `invalid_request` from the endpoint when I used the authorization code I received from `Auth.federatedSignIn({provider: 'Facebook'})`. And the POST requests from both methods are exactly the same.

    import axios from 'axios';
    import qs from 'qs';

    // Exchange the authorization code for tokens at the token endpoint
    axios.post(`https://mydomainnnnnauth.us-east-2.amazoncognito.com/oauth2/token`, qs.stringify({
        grant_type: "authorization_code",
        code: myauthorizationcode,
        client_id: "myclientid",
        redirect_uri: "https://mydomainnnnn/callback/"
    }), {
        headers: {
            "content-type": 'application/x-www-form-urlencoded'
        }
    })

I have been at it for many days, I don't know what's wrong. Please help.

Upvotes: 1

Views: 1767

Answers (1)

Nuwan Sameera

Reputation: 93

If you are using "aws-amplify", it automatically sends a POST request to the "https://mydomainnnnnauth.us-east-2.amazoncognito.com/oauth2/token" endpoint once you land on the callback page.

Check the network tab. You will see an additional POST request.

Once the authorization code is used, it cannot be reused. The response is then invalid because the token is already used.

Follow these steps:

  1. To prevent the POST request from being sent automatically, comment out the redirectSignIn property in the Amplify auth configuration object as follows:

    const cognitoConfigs = {
      region: process.env.REACT_APP_AWS_REGION,
      userPoolId: process.env.REACT_APP_AWS_USER_POOL_ID,
      userPoolWebClientId: process.env.REACT_APP_AWS_WEB_CLIENT_ID,
      mandatorySignIn: false,
      oauth: {
        domain: 'domain',
        scope: ['email', 'profile', 'openid'],
        // redirectSignIn: 'https://example.com/cb/', // COMMENT THIS OUT
        redirectSignOut: 'http://localhost:3000',
        responseType: 'code'
      }
    }

  2. Then send the POST request.

Upvotes: 0
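
The sequence the answer describes, as an added example that is not part of the original answer or of Amplify's code: a constructed in-memory token endpoint that lets each authorization code be redeemed only once. `MockTokenEndpoint`, `replayCallback` and every sample value are hypothetical.

```javascript
// Added example: in-memory model of a token endpoint that enforces
// single-use authorization codes (RFC 6749 section 4.1.2).
// All codes, client ids and URIs below are constructed sample values.
class MockTokenEndpoint {
  constructor() {
    this.codes = new Map(); // code -> { clientId, redirectUri, usedBy }
  }

  // Record a code as it would exist after the provider redirects back.
  issue(code, clientId, redirectUri) {
    this.codes.set(code, { clientId, redirectUri, usedBy: null });
  }

  // Models POST /oauth2/token with grant_type=authorization_code.
  redeem(params, caller) {
    if (params.grant_type !== 'authorization_code') {
      return { status: 400, error: 'unsupported_grant_type' };
    }
    const entry = this.codes.get(params.code);
    const bound = entry &&
      entry.clientId === params.client_id &&
      entry.redirectUri === params.redirect_uri;
    // RFC 6749 names this error invalid_grant; the question above
    // reports invalid_request from its endpoint.
    if (!bound) return { status: 400, error: 'invalid_grant' };
    if (entry.usedBy !== null) {
      return { status: 400, error: 'invalid_grant', firstUsedBy: entry.usedBy };
    }
    entry.usedBy = caller; // the code is consumed here, exactly once
    return { status: 200, access_token: 'constructed-token-for-' + caller };
  }
}

// Replays the callback: the library's automatic exchange (if enabled)
// runs first, then the hand-written POST repeats the same request.
function replayCallback(autoExchangeEnabled) {
  const endpoint = new MockTokenEndpoint();
  const request = {
    grant_type: 'authorization_code',
    code: 'sample-code-123',
    client_id: 'myclientid',
    redirect_uri: 'https://app.example/callback/',
  };
  endpoint.issue(request.code, request.client_id, request.redirect_uri);
  const auto = autoExchangeEnabled ? endpoint.redeem(request, 'library') : null;
  const manual = endpoint.redeem(request, 'manual-post');
  return { auto, manual };
}
```

`replayCallback(true)` gives a 200 for the automatic exchange and a 400 for the identical manual POST; `replayCallback(false)` lets the manual POST succeed.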
