search

vbudilov / ionic-app-with-aws-cognito

Angular 4, Ionic 3, and AWS (Amazon) Cognito User Pools. Authentication out of the box.
https://medium.com/@budilov
Apache License 2.0
65 stars 22 forks source link

Missing credentials in config #2

Closed chris-munn closed 7 years ago

chris-munn commented 7 years ago

Hi @vbudilov,

Thanks again for providing the Ionic2 Library, I believe this is more of a bug that I am doing wrong, however I am trying to setup my user pools within AWS console and I think im doing something wrong which is why im getting "Missing credentials in config", when using your credentials it works fine.

I followed this guide (only for the aws console setup) https://www.hawatel.com/blog/aws-cognito-authentication-in-ionic-framework

Is there something blazingly obvious im doing wrong?

Im using this region if it makes any difference?

export let _REGION = "eu-west-1";

vbudilov commented 7 years ago

Try following these steps in setting your Cognito User Pool and let me know if that doesn't work: http://docs.aws.amazon.com/cognito/latest/developerguide/create-new-user-pool-console-quickstart.html

http://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-integrating-user-pools-with-identity-pools.html

vbudilov commented 7 years ago

The region doesn't matter, as long as you have cognito setup in that particular region (and cognito federated identity)

chris-munn commented 7 years ago

Hi Again @vbudilov,

Thanks for the quick response.

I have gone through the documentation and setup different identity and user pools multiple times but with no luck :(

Here is a step by step process of what im doing can you see what im doing wrong? Am i missing a vital stage out?

User Pools

Pool name

Federated Identities

step 1: create identity pool

Your authenticated identities would like access to Cognito. { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "mobileanalytics:PutEvents", "cognito-sync:", "cognito-identity:" ], "Resource": [ "*" ] } ] }

Your unauthenticated identities would like access to Cognito { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "mobileanalytics:PutEvents", "cognito-sync:" ], "Resource": [ "" ] } ] }

APP Code in properties.service.ts

export let _REGION = "eu-west-1"; export let _IDENTITY_POOL_ID = "eu-west-1:d4711388-8a31-XXXX-XXXX-XXXXXXXXXXXX"; export let _USER_POOL_ID = "eu-west-1_QHYXXXXXX"; export let _CLIENT_ID = "719s43jcbXXXXXXXXXXXXXXXXX";

chris-munn commented 7 years ago

Also when i look at the response in chrome devtools I get this.

{"__type":"NotAuthorizedException","message":"Unauthenticated access is not supported for this identity pool."}

chris-munn commented 7 years ago

Ok so I have done more digging around the "NotAuthorizedException" and it looks like when i created the identity pool within AWS i had not ticket the box "Enable access to unauthenticated identities".

Just curious as to why we would need to enable access for authenticated users for a user to signup and register when we only want to allow autherised users into the app?

Only reason I can think of is that with the aws-javascript sdk we cannot create secrets against the App within the user pool?

vbudilov commented 7 years ago

Sometimes you want to merge your guest with your auth user (once that guest authenticates). http://docs.aws.amazon.com/cognito/latest/developerguide/switching-identities.html "Users can begin their life in an application as unauthenticated guests. Eventually they may decide to log in using one of the supported identity providers. Amazon Cognito will ensure that an old identity retains the same unique identifier as the new one, and the profile data will be merged automatically."