aws-amplify / amplify-cli

The AWS Amplify CLI is a toolchain for simplifying serverless web and mobile development.
Apache License 2.0

update custom domain for cognito #8126

Open hackrx opened 3 years ago

hackrx commented 3 years ago

Describe the bug

Amplify provides a domain like https://xxxxx.auth.us-east-2.amazoncognito.com as the Cognito domain, and I am able to add my own domain. I want to update this custom domain as the default domain used by Amplify. Every time I push or pull changes, my amplifyconfiguration.dart file is updated with the WebDomain provided by Cognito, and I need to manually update it to use my own custom domain.

link to the issue comment

Any updates on this? This request is almost 1 year old and still pending. I am facing this issue in Flutter. For Flutter, it generates an amplifyconfiguration.dart file, which is a string export. Every time I make an amplify push, it automatically changes the WebDomain value in this file, so I need to manually go to this file after each push and update the domain with my custom domain. This should be fixed soon, or at least, can anyone please tell me a workaround for this?

amplifyconfiguration.dart [File which I need to update after each push]

const amplifyconfig = ''' {
    "UserAgent": "aws-amplify-cli/2.0",
    "Version": "1.0",
    "api": {
        "plugins": {
            "awsAPIPlugin": {
                "appnamebackend": {
                    "endpointType": "GraphQL",
                    "endpoint": "https://nxxxxxxxxxxxxxe.appsync-api.us-east-2.amazonaws.com/graphql",
                    "region": "us-east-2",
                    "authorizationType": "API_KEY",
                    "apiKey": "dx2-xxxxxxxxxxxxxxxa"
                }
            }
        }
    },
    "auth": {
        "plugins": {
            "awsCognitoAuthPlugin": {
                "UserAgent": "aws-amplify-cli/0.1.0",
                "Version": "0.1.0",
                "IdentityManager": {
                    "Default": {}
                },
                "AppSync": {
                    "Default": {
                        "ApiUrl": "https://xxxxxxxxxxxxxxxxe.appsync-api.us-east-2.amazonaws.com/graphql",
                        "Region": "us-east-2",
                        "AuthMode": "API_KEY",
                        "ApiKey": "dx2-zxxxxxxxxxxxxxaa",
                        "ClientDatabasePrefix": "appname_API_KEY"
                    },
                    "appnamebackend_AWS_IAM": {
                        "ApiUrl": "https://appname.appsync-api.us-east-2.amazonaws.com/graphql",
                        "Region": "us-east-2",
                        "AuthMode": "AWS_IAM",
                        "ClientDatabasePrefix": "appname_AWS_IAM"
                    },
                    "appname_AMAZON_COGNITO_USER_POOLS": {
                        "ApiUrl": "https://nxxxxxxxxxxxxxxcde.appsync-api.us-east-2.amazonaws.com/graphql",
                        "Region": "us-east-2",
                        "AuthMode": "AMAZON_COGNITO_USER_POOLS",
                        "ClientDatabasePrefix": "appname_AMAZON_COGNITO_USER_POOLS"
                    }
                },
                "CredentialsProvider": {
                    "CognitoIdentity": {
                        "Default": {
                            "PoolId": "us-east-2:e1xxxxxxxxxxxxxxx155",
                            "Region": "us-east-2"
                        }
                    }
                },
                "CognitoUserPool": {
                    "Default": {
                        "PoolId": "us-east-2_hYSWWnA6x",
                        "AppClientId": "98cxxxxxxxxxx0lk64k",
                        "Region": "us-east-2"
                    }
                },
                "Auth": {
                    "Default": {
                        "OAuth": {
                            "WebDomain": "auth.appname.in",    // <--- it changes to https://appname-staging/auth.us.-east-2.amazoncognito.com
                            "AppClientId": "98cxxxxxxxxxx0lk64k",
                            "SignInRedirectURI": "appname://",
                            "SignOutRedirectURI": "appname://",
                            "Scopes": [
                                "phone",
                                "email",
                                "openid",
                                "profile",
                                "aws.cognito.signin.user.admin"
                            ]
                        },
                        "authenticationFlowType": "USER_SRP_AUTH",
                        "loginMechanism": [],
                        "signupAttributes": [
                            "EMAIL"
                        ],
                        "passwordProtectionSettings": {
                            "passwordPolicyMinLength": 8,
                            "passwordPolicyCharacters": [
                                "REQUIRES_LOWERCASE",
                                "REQUIRES_NUMBERS",
                                "REQUIRES_SYMBOLS",
                                "REQUIRES_UPPERCASE"
                            ]
                        },
                        "mfaConfiguration": "OFF",
                        "mfaTypes": [
                            "SMS"
                        ]
                    }
                },
                "S3TransferUtility": {
                    "Default": {
                        "Bucket": "appname-staging",
                        "Region": "us-east-2"
                    }
                }
            }
        }
    },
    "storage": {
        "plugins": {
            "awsS3StoragePlugin": {
                "bucket": "appname-staging",
                "region": "us-east-2",
                "defaultAccessLevel": "guest"
            }
        }
    }
}''';

HuiSF commented 3 years ago

Please take a look at this comment: https://github.com/aws-amplify/amplify-flutter/issues/822#issuecomment-902853498

The tip for bug 0 may help to resolve this (not 100% sure).

hackrx commented 3 years ago

@HuiSF Can you please elaborate more on the solution? cli.json doesn't have anything related to auth. If possible, please give a descriptive solution.

HuiSF commented 3 years ago

I meant you may need to make a schema change, so that when you do push, the CLI will actually push a new configuration archive to the cloud, including the new endpoint information.

hackrx commented 3 years ago

Can you please tell me if there is any way to update the "WebDomain" under Auth -> Default -> OAuth in the amplifyconfiguration.dart file?

I have my own custom domain added in Cognito, and it works if I change the "WebDomain" manually in the amplifyconfiguration.dart file. But every time I make a push or pull, it just resets its value and assigns the auth.us.-east-2.amazoncognito.com domain to it.

dnys1 commented 3 years ago

@hackrx I did some digging and this is currently a limitation in the CLI. As you can see here, where the CLI generates the amplify config, the value for WebDomain cannot be a custom value outside of the amazoncognito.com subdomains.

I hope this helps and sorry for the inconvenience!

OskarD commented 2 years ago

Here is my workaround, please let me know if it sucks:

    awsExports.oauth.domain.replace(/\.auth\..*\.amazoncognito.com/, '')

Hope it doesn't, and that it helps someone out there.

YuantongL commented 2 years ago

I'm an iOS engineer. In my fastlane file I will run a shell script to replace the string:

    sed -i '' 's/want_to_replace.auth.us-east-1.amazoncognito.com/your_custom_domain/g' ../awsconfiguration.json

But anyway... this is still not quite convenient.
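
A stricter variant of the string-replacement workarounds in this thread, as an added example (not part of the thread and not Amplify CLI code): it pins OAuth "WebDomain" to the custom domain only when the current value is the generated amazoncognito.com default, and stops on any other value instead of overwriting it. The names pinWebDomain and SAMPLE and the placeholder client id are hypothetical; the sample config is constructed.

```javascript
// Added example: pin "WebDomain" in generated Amplify config text to a custom
// Cognito domain after a push/pull. All names here are hypothetical.

// Generated default hosted-UI domain: <prefix>.auth.<region>.amazoncognito.com
const COGNITO_DEFAULT = /^(?:https:\/\/)?[a-z0-9-]+\.auth\.[a-z0-9-]+\.amazoncognito\.com$/;
// Bare hostname only: no scheme, path, port or whitespace.
const HOSTNAME = /^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$/;
const WEB_DOMAIN_ENTRY = /("WebDomain"\s*:\s*")([^"]*)(")/g;

function pinWebDomain(configText, customDomain) {
  if (!HOSTNAME.test(customDomain)) {
    throw new Error(`custom domain must be a bare hostname, got: ${customDomain}`);
  }
  let seen = 0;
  let replaced = 0;
  const text = configText.replace(WEB_DOMAIN_ENTRY, (match, head, value, tail) => {
    seen += 1;
    if (value === customDomain) return match; // already pinned, nothing to do
    if (!COGNITO_DEFAULT.test(value)) {
      // Neither the generated default nor our domain: fail the build
      // rather than silently rewriting an unknown sign-in endpoint.
      throw new Error(`unexpected WebDomain value: ${value}`);
    }
    replaced += 1;
    return head + customDomain + tail;
  });
  if (seen === 0) throw new Error('no "WebDomain" entry found');
  return { text, replaced };
}

// Constructed sample shaped like the OAuth block of amplifyconfiguration.dart.
const SAMPLE = `const amplifyconfig = ''' {
  "auth": { "plugins": { "awsCognitoAuthPlugin": { "Auth": { "Default": {
    "OAuth": {
      "WebDomain": "appname-staging.auth.us-east-2.amazoncognito.com",
      "AppClientId": "EXAMPLE_CLIENT_ID",
      "SignInRedirectURI": "appname://"
    }
  } } } } }
}''';`;

const demo = pinWebDomain(SAMPLE, 'auth.appname.in');
console.log(demo.replaced, demo.text.includes('"WebDomain": "auth.appname.in"'));
```

To apply it to a real file, read the generated config, pass its contents through pinWebDomain, and write the returned text back; running it twice is safe because an already pinned value is left untouched.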