3

I am trying to migrate my V2 application to the V3 SDK and I can't seem to figure out how to refresh the credentials after the following call throws a NotAuthorizedException with "Invalid login token. Token expired: 1615301743 >= 1615108625".

      credentials = await cognitoIdentity.send(
        new GetIdCommand({
          Storage: config,
          IdentityPoolId: config.get("IdentityPoolId"),
          Logins: {
            [`cognito-idp.${awsRegion}.amazonaws.com/${upid}`]: idToken,
          },
        }),
      );

In V2 there was a method called refresh() on the Credentials object which I could call and by doing so refresh the credentials. How to do the same thing with the new API?

comonadd
  • 1,822
  • 1
  • 13
  • 23

1 Answers1

0

The following code sample (Check Use case 4) I've found in the following link: https://www.npmjs.com/package/amazon-cognito-identity-js

  //refreshes credentials using AWS.CognitoIdentity.getCredentialsForIdentity()
        AWS.config.credentials.refresh(error => {
            if (error) {
                console.error(error);
            } else {
                // Instantiate aws sdk service objects now that the credentials have been updated.
                // example: var s3 = new AWS.S3();
                console.log('Successfully logged!');
            }
        });

It works for me when implemented in AWS Lambda. Hope this is what you are looking for.

Regards,

Edit:

I've just tested the following code, it works in my react-js app:

return new Promise((resolve, reject) =>
            cognitoUser.authenticateUser(authenticationDetails, {
                // If the provided credentials are correct.
                onSuccess: function(result) {
                    var accessToken = result.getAccessToken().getJwtToken();
            
                    //POTENTIAL: Region needs to be set if not already set previously elsewhere.
                    AWS.config.region = 'us-east-1';
            
                    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
                        IdentityPoolId: IdentityPoolId,           // Your identity pool id here.
                        Logins: {
                            // Change the key below according to the specific Region your User Pool is in.
                            `cognito-idp.${awsRegion}.amazonaws.com/${upid}`: result
                                .getIdToken()
                                .getJwtToken(),
                        },
                    });
                    
            
                    //refreshes credentials using AWS.CognitoIdentity.getCredentialsForIdentity()
                    AWS.config.credentials.refresh(error => {
                        if (error) {
                            console.error(error);

                        } else {                    
                            resolve(AWS.config.credentials)
                        }
                    });
                },
            
                // If the provided credentials are incorrect.
                onFailure: function(err) {
                    console.log(err);
                    reject(
                        err.message || JSON.stringify(err)
                    );
                },
            })
    );
Moinul Hossain
  • 56
  • 3