Closed hussainamir closed 3 years ago
Hi @hussainamir,
The problem where RefreshToken was lost when using the REFRESH_TOKEN auth flow was fixed in 2.0.3 of Amazon.Extensions.CognitoAuthentication
. I think the other issue you mentioned about access token time expiration is the known issue and I saw some workaround in some old GitHub issue. Let me try to find more details for this issue and get back to you.
Thanks, Ashish
@ashishdhingra
Thanks for your fast response.
Refresh token is working fine when I use this method to initialize this class object
`Client=new AmazonIotDataClient(string serviceUrl, AWSCredentials credentials)'
But when I want to initialize same class object with other method
Client = new AmazonIotDataClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken, string serviceUrl);
Then token expire after one hour.
Here i am.facing two problems 1) refresh token problem 2) Although I have set 1000 mint for token expiration time but it expiry after one hour .
Thanks: Hussain
Hi @hussainamir,
I got it. The correct way to use Cognito credentials to access AWS services is listed in the example in section Use AWS Resources after Authentication
at Amazon CognitoAuthentication Extension Library Examples. You need to use CognitoAWSCredentials
object in the service client constructor.
The constructor you are trying to use is different one which uses temporary session credentials (e.g. credentials from EC2 instance metadata service). For more details about session credentials, please refer Requesting temporary security credentials. Hope this provides some guidance.
Thanks, Ashish
@ashishdhingra How I can increase the time of temporary token?
Because I am using these credential for third party Mqtt API to subscribe data from aws iot core.
Or can I update temporary credential after one hour? This will work?
var AccessKey=credentials.GetCredentials().AccessKey,
var SecretKey=credentials.GetCredentials().SecretKey,
var Token= credentials.GetCredentials().Token
.
I am using third party Mqtt library because amazon didn't have any c# API to subscribe mqtt topics.
If amazon develop Mqtt API to subscribe mqtt topic then it will be best for us. Amazon have same mqtt API in python where user can subscribe data from aws iot core. I already have created this feature request on aws .net sdk repository but no one reply me.
@ashishdhingra How I can increase the time of temporary token?
Because I am using these credential for third party Mqtt API to subscribe data from aws iot core.
Or can I update temporary credential after one hour? This will work?
var AccessKey=credentials.GetCredentials().AccessKey,
var SecretKey=credentials.GetCredentials().SecretKey,
var Token= credentials.GetCredentials().Token
.I am using third party Mqtt library because amazon didn't have any c# API to subscribe mqtt topics.
If amazon develop Mqtt API to subscribe mqtt topic then it will be best for us. Amazon have same mqtt API in python where user can subscribe data from aws iot core. I already have created this feature request on aws .net sdk repository but no one reply me.
Temporary session token has limited timespan. After expiration, you need to re-fetch the temporary credentials.
As pointed out by you, you need to have refresh/retry logic in place to request temporary session credentials after expiration.
Hope this helps. If this provides necessary guidance, please confirm if we could close this issue.
Thanks, Ashish
Dear @ashishdhingra Thanks for your guidance.
you can close this issue, If I get any problem regarding aws cognito in future then I will let you know.
Thanks Hussain
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.
Dear @ashishdhingra , I am using latest version of Amazon.Extensions.CognitoAuthentication" version="2.0.3" targetFramework="net472" I still I am facing same problem cognito token expire after one hour (also after refresh). I am using
Get coginto user information by using user name and password
Refresh cognito token
Get cognito user credentials by using this method
var credentials=user.GetCognitoAWSCredentials(FED_POOL_ID, new AppConfigAWSRegion().Region);
Get AccessKey, SecretKey,Token from "credentials" variable in step 3, by using
var AccessKey= credentials.GetCredentials().AccessKey
,var SecretKey= credentials.GetCredentials().SecretKey
,var Token= credentials.GetCredentials().Token
.use these credentials information and intialize
Client = new AmazonIotDataClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken, string serviceUrl)
;By using these step my credentials expire after one hour.
if I use
Client =new AmazonIotDataClient(string serviceUrl, AWSCredentials credentials)
;then it's working fine. but in my case i want to use accesskey, secretKey, and token for third party API
Here I also want to share a another problem. Although I have set access token expiration time 1000 min or 5mint but my token will expire after one hour. I am sending some screen shots Please check it where I doing mistake.