How to use Amazon Cognito Logout endpoint?

2020-07-08 06:55发布

站内问答 / 后端开发
1100 1 5

I am using AWS Cognito in my application.

While doing logout i am calling the Logout Endpoint.

But after doing logout, I am still able to generate the id-tokens using the old refresh token.

It means my logout endpoint is not working any more. I am saving the tokens in my local storage, And while doing the logout i am clearing the store manually.

My Question is: How to properly use the logout mechanism of AWS Cognito?

1条回答
该账号已被封号
2楼-- · 2020-07-08 07:12

I'm not sure which framework you are using, but I'm using Angular. Unfortunately there are different ways of using AWS Cognito and the documentation is not clear. Here is my implementation of the Authentication Service (using Angular):

- Note 1 - With using this sign in method - once you redirect the user to the logout url - the localhost refreshes automatically and the token gets deleted.

- Note 2 - You can also do it manually by calling: this.userPool.getCurrentUser().signOut()

import { Injectable } from '@angular/core'
import { CognitoUserPool, ICognitoUserPoolData, CognitoUser } from 'amazon-cognito-identity-js'
import { CognitoAuth } from 'amazon-cognito-auth-js'
import { Router } from '@angular/router'

const COGNITO_CONFIGS: ICognitoUserPoolData = {
  UserPoolId: '{INSERT YOUR USER POOL ID}',
  ClientId: '{INSERT YOUR CLIENT ID}',
}

@Injectable()
export class CognitoService {

  userPool: CognitoUserPool
  constructor(
    private router: Router
  ) {
    this.createAuth()
  }

  createAuth(): void {
    // Configuration for Auth instance.
    const  authData = {
      UserPoolId: COGNITO_CONFIGS.UserPoolId,
      ClientId: COGNITO_CONFIGS.ClientId,
      RedirectUriSignIn : '{INSERT YOUR COGNITO REDIRECT URI}',
      RedirectUriSignOut : '{INSERT YOUR COGNITO SIGNOUT URI}',
      AppWebDomain : '{INSERT YOUR AMAZON COGNITO DOMAIN}',
      TokenScopesArray: ['email']
    }

    const  auth: CognitoAuth = new CognitoAuth(authData)
    // Callbacks, you must declare, but can be empty.
    auth.userhandler = {
      onSuccess: function(result) {
      },
      onFailure: function(err) {
      }
    }

    // Provide the url and parseCognitoWebResponse handles parsing it for us.
    const curUrl = window.location.href
    auth.parseCognitoWebResponse(curUrl)
  }

  /**
   * Check's if the user is authenticated - used by the Guard.
   */
  authenticated(): CognitoUser | null {
    this.userPool = new CognitoUserPool(COGNITO_CONFIGS)
    // behind the scene getCurrentUser looks for the user on the local storage.
    return this.userPool.getCurrentUser()
  }

  logout(): void {
    this.router.navigate(['/logout'])
  }

}

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)