4

xIn a react app I'm trying to set up federated sign-in with Google using AWS Cognito. When a user signs in with Google, the federated sign-in is successful and I receive a token from Auth.federatedSignIn(). However, a new user is not being created in my Cognito user pool.

I can see that a new identity is being registered in my Cognito Federated Identities pool, but no corresponding user is being added to the user pool. I've checked that I have the correct userPoolId and userPoolWebClientId set up in my Amplify configuration, and that my identity provider is set to "Google". I've also tried setting federationTarget to "Google", but this didn't fix the issue.

Here's a simplified version of my Amplify configuration:

Amplify.configure({
  Auth: {
    region: 'us-east-1',
    userPoolId: ENV.COGNITO_USER_POOL_ID,
    userPoolWebClientId: ENV.COGNITO_CLIENT_ID
  },
  aws_cognito_region: 'us-east-1',
  aws_user_pools_id: ENV.COGNITO_USER_POOL_ID,
  aws_user_pools_web_client_id: ENV.COGNITO_CLIENT_ID,
  federationTarget: 'Google',
  identityProvider: 'Google',
  identityPoolId: 'us-east-1:xxxx-xxx-xxx-xxx-xxx',
  oauth: {
    domain: ENV.COGNITO_DOMAIN,
    scope: ['email', 'openid', 'profile'],
    redirectSignIn: `${window.location.origin}/login`,
    redirectSignOut: `${window.location.origin}/login`,
    responseType: 'code',
    userPoolId: ENV.COGNITO_USER_POOL_ID,
    userPoolWebClientId: ENV.COGNITO_CLIENT_ID,
    identityProvider: 'Google',
    userPoolGroupId: ENV.COGNITO_USER_POOL_ID,
    federationTarget: 'Google'
  }
});

const cognitoResponse = await Auth.federatedSignIn(
  'google',
  { token: googleToken, expires_at: exp },
  {
    name: given_name
  }
);

and also i have tried using authenticateUser using amazon-cognito-identity-js like so:

    const googleToken = response.credential;

    const googleData = parseToken(googleToken);

    const { email, given_name } = googleData;

    const authenticationData = {
      Username: email,
      password: googleToken,
      ValidationData: {
        token: googleToken
      },
      ClientMetadata: {
        token: googleToken
      },
      AuthParameters: {
        'cognito:oauth2:googleclientid':
          'my-client-id',
        'cognito:oauth2:id_token': googleToken
      }
    };

    const authenticationDetails = new AuthenticationDetails(authenticationData);

    const userData = {
      Username: email,
      Pool: UserPool
    };
    const cognitoUser = new CognitoUser(userData);

    cognitoUser.authenticateUser(authenticationDetails, {
      onSuccess: function (result) {
        console.log('Authentication successful:', result);
        // Save the access token and ID token to use for API calls
        const accessToken = result.getAccessToken().getJwtToken();
        const idToken = result.getIdToken().getJwtToken();
      },
      onFailure: function (err) {
        console.log('Authentication failed:', err);
      }
    });

but got "Incorrect username or password". So authenticateUser is not accepting idToken as password or any other parameter and handle it by itself.

I have open hosted-ui from cognito app client settings and click google sign-in. It successfully login to google and add new user to user pool. however I cannot achieve without using hosted-ui in my custom app. I need to register or log in user to cognito using google token and get cognito token in return in a custom way.

irfan önk
  • 41
  • 2
  • Please remember that Stack Overflow is not your favourite (JavaScript?) forum, but rather a question and answer site for all programming related questions. Thus, always include the tag of the language you are programming in, that way other users familiar with that language can more easily find your question. Take the [tour] and read up on [ask] to get more information on how this site works, then [edit] the question with the relevant tags. – Adriaan Mar 13 '23 at 10:25
  • i think i have already added amazon-cognito-identity-js and aplifyjs which impliy the programming language. – irfan önk Mar 13 '23 at 10:38
  • Yes, you did, thank you. However, they have 1 and 35 people following it, respectively. That means that only those 35/36 people will see this question in their feed, whereas JavaScript itself is being followed by 2.5m people, thus increasing visibility of your question, and thus the likelihood of getting an answer, by 100,000. – Adriaan Mar 13 '23 at 10:41

0 Answers0