AWS Cognito + google signup

2020-04-05 07:51发布

I have try this below code and it's working fine. However I need to store these signup details within user pool (additionally I want add some custom attributes as well). But I didn't find a proper method to do this.

function signinCallback(authResult) {
			AWS.config.region = 'us-XXXXXXX-1';
            // Add the Google access token to the Cognito credentials login map.
            AWS.config.credentials = new AWS.CognitoIdentityCredentials({
                IdentityPoolId: 'us-XXXX-1:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
                RoleArn: 'arn:aws:iam::XXXXXXXX:role/Cognito_XXXXXXXXXUnauth_Role',
                Logins: {
                    'accounts.google.com': authResult['id_token']
                }
            });

            // Obtain AWS credentials
            AWS.config.credentials.get(function (err) {
                alert(err);
                if (err) {
                    console.log(err);
                } else {
                    //client = new AWS.CognitoSyncManager();
                    console.log(AWS.config.credentials);
                    console.log("Cognito Identity Id: " + AWS.config.credentials.identityId);
					}});
					
					}
<span class="g-signin" data-callback="signinCallback" data-clientid="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-XXXXXXX.apps.googleusercontent.com"
   data-cookiepolicy="single_host_origin" data-requestvisibleactions="http://schemas.google.com/AddActivity"
    data-scope="https://www.googleapis.com/auth/plus.login">
</span>

I want to save it here.

enter image description here

1条回答
爷的心禁止访问
2楼-- · 2020-04-05 08:22

As per your code snippet, you are using Cognito Federated Identities (i.e. Identity Pools) and adding your Google token to the login map. This won't add the Google user to your Cognito Userpool because in Federated Identities, Cognito Userpool is just another Identity Provider(IdP) like Google. Just like signing up a new user in your userpool does not create a new Google or Facebook account, similarly adding a Google token won't create a new Userpool user. In short, Cognito Userpool is separate from IdentityPool and activities in IdentityPool (like adding Google token in login map) do not affect it.

If you want to add google user to your userpool automatically, there is a way to do so. You need to add Google as an Identity Provider to your Userpool directly & use the Cognito's built-in (i.e hosted) UI for login. After this, all Google logins will automatically, create a new user in Userpool. Now, just add your userpool to your Identity pool i.e remove Google from your Identity Pool. In your login map, you will always use a Cognito token. Even when you login using Google (via the hosted UI), the Google token is sent directly to userpool and it vends a Cognito token. Also, make sure you specify correct attribute mappings in your userpool.

查看更多
登录 后发表回答