search

aws-amplify / aws-sdk-android

AWS SDK for Android. For more information, see our web site:
https://docs.amplify.aws
Other
1.03k stars 549 forks source link

Google login is success, but users are not saved into User Pools #685

Open anggrayudi opened 5 years ago

anggrayudi commented 5 years ago

Describe the bug When sign in or login using Cognito's User Pools, there's no problem. Here's the screenshot. Users are registered correctly.

Email login

When I use Google Identity Provider, I open Google login group. But no users on it, even though the login is success.

screenshot 13

This is my code:

try {
    val task = GoogleSignIn.getSignedInAccountFromIntent(data)
    val account = task.getResult(ApiException::class.java)!!
    AWSMobileClient.getInstance().federatedSignIn(IdentityProvider.GOOGLE.toString(), account.idToken, object : Callback<UserStateDetails> {
        override fun onResult(details: UserStateDetails) {
             // success, but no user saved to AWS server.
        }

        override fun onError(e: Exception) {
            Log.e(TAG, "sign-in error", e)
        }
    })
} catch (e: ApiException) {
    Log.w(TAG, "signInResult:failed code=" + e.statusCode)
}

I also read my awsconfiguration.json carefully, and I did nothing wrong. I have set Google web app ID, Android Client ID, and App secret as well.

So, where did all users signed in with Google go?

Environment

anggrayudi commented 5 years ago

@sunchunqiang Try to use empty or random string as the JWT token, and AWSMobileClient.getInstance().federatedSignIn() will accept it as valid login token. Then onResult() will be called and showing success state. I have browsed federatedSignIn() source code, and found that this method only save login information into SharedPreferences, instead of saving it to the cloud.

Using federatedSignIn() should handle sign in flow easily. If we need to combine it with API Gateway, Lambda, IAM, etc in order to make a simple login flow, then it will make login feature harder to learn. federatedSignIn() should be used to sign up if users do not have any account yet, and it handle sign in method as well. When users choose Google login, they don't need to sign up again when they want to change login method to default user pools through username and password. All users information must be updated into Cognito User Pools too.

We have to minimize learning curve when using AWS SDK APIs.

minbi commented 5 years ago

Hi @anggrayudi ,

The federatedSignIn() method only supports federation into Cognito Identity Pool which is why you saw the code store it locally (the actual federation code reads it from the store). Federation into Cognito User Pools is only supported through the HostedUI feature. This is currently achieved using the aws-android-sdk-cognitoauth library which launches a web-based UI. This is currently a service limitation and we are working with the service team to find a resolution.

Shusshu commented 5 years ago

Response migrated to https://github.com/aws-amplify/aws-sdk-android/issues/693

Shusshu commented 5 years ago

Response migrated to https://github.com/aws-amplify/aws-sdk-android/issues/693

Shusshu commented 5 years ago

@anggrayudi #693 might help you as this works for User pool and google login