Closed GraDea closed 7 years ago
I made it into an enhancement. Feel free to submit a PR if you already have this functionality.
That would be grateful if you'll try to make it available for Gooogle & Facebook.
Just to confirm we are still talking about Cognito in context of federated login? STS has user id field so we eould need to make sure this is populated properly. I'm after Github personally.
@styk-tv, Yes you got me right. This is about cognito federated login.
That would be very much helpful if we can do this
Thanks for the response
@sanjaychavan1991
I know its possible for Amazon login, Amazon Cognito, Facebook, Google http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable
In theory we could implement any oauth2 provider and replace registration/verification element with population of Cognito user registration based on already verified social login details.
You click a button on UI, login at social, confirm app permissions, get token, use oauth token to verify user (call back social), see if user exists in Cognito, if yes login, if not register, return back. I think it would work if you do all this after token is posed by social in a single gateway/lambda as needs to be done on server without user tampering with details.
Next time either login or use cookie but each time it would result of social acknowledging login and cognito recognizing login behind the scene, with possibility of retrieval of userid with GetIdentity on STS.
Obviously trying to find a way without solutions like SAML. Is this too far fetched? It would be easy then to go after all socials like on this list https://github.com/lepture/flask-oauthlib/tree/master/example (turn them one by one into lambda-gateways)
@styk-tv Yes, this could be the optional way to do the social logins. But @styk-tv, I will be very much thankful to you guys if we can implement the proper use of federated login.
@sanjaychavan1991 you might find this article helpful https://www.npmjs.com/package/serverless-authentication-boilerplate
@GraDea , here's the documentation for social identity federation: http://docs.aws.amazon.com/cognito/latest/developerguide/facebook.html
Basically, you will use whatever authz flow you currently use to authenticate your users with FB, Google, etc, and then federate with Cognito.
The following project is in beta, currently, with "Support for more identity providers is coming soon.": http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation.html
What about social logins?
Best.