Using an external identity provider with server-side authentication


Run Run Shaw IV:

I'm using AWS SDK Go to use Cognito for server side authentication. I'm registered and logged in and working with username and password. I've configured all three external identity providers according to the documentation, as well as redirect URLs and everything else the documentation needs.

I know how to get the URLs of the built-in "Sign Up/Sign In" pages that Cognito will build for you and that have Google/Facebook/Amazon login buttons, but I need to be able to put those buttons on my website. I do not know what to do.

Edit: See comments on @Stu's post for a detailed explanation of why the JS SDK answer was marked as the correct answer. This may change, but not for now. (tldr; aws go sdk and cognito don't support this at all)

Ryan Breece:

Your requirements for the application have exceeded the point of using the cookie cutter Cognito login flow.

I recommend that you just handle all authentication to identify yourself like this: https://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-user-identity-pools-javascript-examples.html

This way you can put a Facebook login button on your website like this: https://docs.aws.amazon.com/cognito/latest/developerguide/facebook.html

    FB.login(function (response) {

      // Check if the user logged in successfully.
      if (response.authResponse) {

        console.log('You are now logged in.');

        // Add the Facebook access token to the Cognito credentials login map.
        AWS.config.credentials = new AWS.CognitoIdentityCredentials({
          IdentityPoolId: 'IDENTITY_POOL_ID',
          Logins: {
            'graph.facebook.com': response.authResponse.accessToken
          }
        });

        // Obtain AWS credentials
        AWS.config.credentials.get(function () {
          // Access AWS resources here.
        });

      } else {
        console.log('There was a problem logging you in.');
      }

    });

Then have the user like this:

    var data = { UserPoolId : 'us-east-1_Iqc12345',
        ClientId : '12345du353sm7khjj1q'
    };
    var userPool = new AmazonCognitoIdentity.CognitoUserPool(data);
    var cognitoUser = userPool.getCurrentUser();

    if (cognitoUser != null) {
        cognitoUser.getSession(function(err, session) {
            if (err) {
                alert(err);
                return;
            }
            console.log('session validity: ' + session.isValid());
        });
    }

Additional Facebook SDK info: https://developers.facebook.com/docs/facebook-login/web

Since you're going to do the action of setting up the Cognito stream in your application, I also strongly recommend that you continue to use Lambda triggers to set custom messages. https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-message.html

Update: come back to this one again.

https://docs.aws.amazon.com/sdk-for-go/api/service/cognitoidentityprovider/#CognitoIdentityProvider.AdminInitiateAuth

Here you can see a function called AdminInitiateAuth. There are also functions for attaching users to identity providers. So while using the JS SDK is probably the easiest way, I think this is the solution to integrate a web app with Cognito. You can handle all authentication flow, token management, create API for login, logout, etc. clearly, server side, using the Go SDK.
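
Added example, not code from this thread or from the AWS SDK: for a user pool that has a hosted domain, a login button on your own page can link to the pool's `/oauth2/authorize` endpoint with `identity_provider` set, and the server checks `state` when the callback arrives. The domain, client ID, redirect URI and scopes below are placeholder assumptions, and exchanging the returned code at `/oauth2/token` is not shown.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"net/url"
)

// PoolConfig holds placeholder values (assumptions, not taken from the thread).
type PoolConfig struct{ HostedDomain, ClientID, RedirectURI string }

// Button name -> value Cognito accepts in the identity_provider parameter.
var providers = map[string]string{"google": "Google", "facebook": "Facebook", "amazon": "LoginWithAmazon"}

// NewState returns an unguessable value that ties the callback to the session that started the login.
func NewState() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

// ButtonURL builds the link for one login button; names outside the allowlist are rejected.
func ButtonURL(c PoolConfig, button, state string) (string, error) {
	idp, ok := providers[button]
	if !ok {
		return "", fmt.Errorf("unsupported provider %q", button)
	}
	q := url.Values{"response_type": {"code"}, "client_id": {c.ClientID}, "scope": {"openid email"}, "state": {state}}
	q.Set("redirect_uri", c.RedirectURI) // must equal a callback URL registered on the app client
	q.Set("identity_provider", idp)      // skips the hosted chooser page
	return c.HostedDomain + "/oauth2/authorize?" + q.Encode(), nil
}

// StateMatches checks the callback's state against the stored one before the code is exchanged.
func StateMatches(stored, returned string) bool {
	return stored != "" && subtle.ConstantTimeCompare([]byte(stored), []byte(returned)) == 1
}

func main() {
	state, err := NewState()
	if err != nil {
		panic(err)
	}
	cfg := PoolConfig{"https://example.auth.us-east-1.amazoncognito.com", "EXAMPLE_CLIENT_ID", "https://app.example.com/callback"}
	fmt.Println(ButtonURL(cfg, "facebook", state))
}
```

Store the state value server-side (or in an HttpOnly cookie) when rendering the buttons, and reject any callback where `StateMatches` returns false.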
