
Get CognitoID Credentials

Now it's time to pass our Facebook token over to Cognito. Prior to version 2.0.14 of the AWS JavaScript SDK this was a difficult process involving calls to IAM and STS. A new object, CognitoIdentityCredentials, has greatly simplified the process of getting Cognito ID credentials by removing the need to create STS tokens and temporary IAM credentials yourself.

We are going to create a new function to get our CognitoID credentials. Open app.js in your editor and add a call to the new function getCognitoID() in the success callback of our getInfo() function.

(function($){
// ---- AWS / Cognito configuration ----
// These identifiers are bundled into the client app, so treat them as
// public. Never place an AWS access key or secret key here: the app gets
// temporary credentials from Cognito at runtime (see getCognitoID()).
var AWS_REGION = 'us-east-1';
var AWS_ACCOUNT_ID = 'XXXXXXXX';
var COGNITO_IDENTITY_POOL_ID = 'us-east-1:XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXX';
var IAM_ROLE_ARN = 'arn:aws:iam::XXXXXXXXX:role/Cognito_CognitoBrowserExampleAuth_DefaultRole';
var COGNITO_DATASET_NAME = 'TEST_DATASET';

// ---- Runtime state, filled in as the login flow progresses ----
var COGNITO_IDENTITY_ID;   // assigned in getCognitoID()
var AWS_TEMP_CREDENTIALS;  // assigned in getCognitoID()
var COGNITO_SYNC_TOKEN;    // assigned in getCognitoSynToken()
var COGNITO_SYNC_COUNT;    // assigned in getCognitoSynToken()
var cognitosync;           // AWS.CognitoSync client, created in getCognitoSynToken()

// ---- Facebook ----
var FACEBOOK_APP_ID = 'XXXXXXXXXXXXXX';
// Access token returned by openFB.login(). It is a bearer credential:
// keep it out of on-screen consoles and logs.
var FACEBOOK_TOKEN;
var FACEBOOK_USER = {
  id: '',
  first_name: '',
  gender: '',
  last_name: '',
  link: '',
  locale: '',
  name: '',
  timezone: 0,
  updated_time: '',
  verified: false
};

// ---- UI state ----
var userLoggedIn = false;
// Buffers behind #appConsole and #errorConsole; entries end with "_____".
var message = 'AWS Cognito Example App Loaded_____';
var errorMessage = '';
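// Empty both message buffers and the two on-screen consoles that show them.
function clearConsole() {
  message = '';
  errorMessage = '';
  // Use .text() like every other write to these elements. .html() parses
  // its argument as markup, which would turn the buffers into an injection
  // point if this function were ever changed to write non-empty content.
  $('#appConsole').text(message);
  $('#errorConsole').text(errorMessage);
}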
// Wire the three UI buttons to their handlers.
// Login button
$('#btnLogin').on('click', function () {
  login();
});
// Logout button
$('#btnLogout').on('click', function () {
  logout();
});
// Revoke permissions button
$('#btnRevoke').on('click', function () {
  revoke();
});

/*
 * Initialise openFB.
 *
 * Change the init function in openFB.js to:
 *
 *   function init(params) {
 *     if (params.appId) {
 *       fbAppId = params.appId;
 *       runningInCordova = params.cordova;
 *     } else {
 *       throw 'appId parameter not set in init()';
 *     }
 *     if (params.tokenStore) {
 *       tokenStore = params.tokenStore;
 *     }
 *   }
 */
openFB.init({
  appId: FACEBOOK_APP_ID,
  cordova: true
});
// Start the Facebook login flow through openFB. On success the access token
// is kept in FACEBOOK_TOKEN and getInfo() is called; on failure the error is
// appended to the error console.
function login() {
  clearConsole();

  // NOTE(review): the only Facebook call in this listing is GET /me, and the
  // token is then handed to Cognito. Confirm which of these permissions the
  // app really needs and request no more than that.
  var loginOptions = {scope: 'email,read_stream,publish_stream'};

  function onLoginResponse(response) {
    if (response.status !== 'connected') {
      errorMessage += 'Facebook login failed: ' + response.error + "_____";
      $('#errorConsole').text(errorMessage);
      return;
    }
    // Bearer credential: it is stored for getCognitoID() and deliberately
    // not echoed to the console.
    FACEBOOK_TOKEN = response.authResponse.token;
    message += "Connected to Facebook_____";
    $('#appConsole').text(message);
    getInfo();
  }

  openFB.login(onLoginResponse, loginOptions);
}
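// Fetch the logged-in user's Facebook profile (/me), remember it in
// FACEBOOK_USER, report the name, then continue with getCognitoID().
function getInfo() {
  openFB.api({
    path: '/me',
    success: function (data) {
      // FACEBOOK_USER was never filled in, so addRecord() always wrote an
      // empty USER_ID. Copy only the fields FACEBOOK_USER already declares,
      // so the response cannot add unexpected keys to the object.
      for (var field in FACEBOOK_USER) {
        if (Object.prototype.hasOwnProperty.call(FACEBOOK_USER, field) &&
            Object.prototype.hasOwnProperty.call(data, field)) {
          FACEBOOK_USER[field] = data[field];
        }
      }
      message += "Logged in with Facebook as " + data.name + "_____";
      // .text() keeps the Facebook-supplied name from being parsed as HTML.
      $('#appConsole').text(message);
      getCognitoID();
    },
    error: errorHandler
  });
}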
// Log the user out of Facebook through openFB and report the result.
//
// NOTE(review): only the Facebook session is ended here. FACEBOOK_TOKEN and
// AWS.config.credentials are left as they were; confirm whether the AWS
// side should be cleared on logout as well.
function logout() {
  var onLoggedOut = function () {
    message += "Logged out of Facebook_____";
    $('#appConsole').text(message);
  };
  openFB.logout(onLoggedOut, errorHandler);
}
// Ask Facebook, through openFB, to revoke the permissions granted to this
// app, and report the result on the app console.
function revoke() {
  var onRevoked = function () {
    message += "Permissions revoked_____";
    $('#appConsole').text(message);
  };
  openFB.revokePermissions(onRevoked, errorHandler);
}
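// Shared error callback for the openFB calls: append the error to the error
// buffer and show it.
function errorHandler(error) {
  // Tolerate a missing error object or one without a message, rather than
  // throwing inside the error path itself.
  var detail = 'Unknown error';
  if (error && error.message) {
    detail = error.message;
  } else if (error != null) {
    detail = String(error);
  }
  // Every other entry in the buffer ends with "_____"; without it
  // consecutive errors run together.
  errorMessage += detail + "_____";
  $('#errorConsole').text(errorMessage);
}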
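// Exchange the Facebook token for Cognito credentials. On success the
// credentials object and the identity id are stored and
// getCognitoSynToken() is called; on failure the error is shown.
function getCognitoID() {
  // The parameters required to initialize the Cognito Credentials object.
  var params = {
    AccountId: AWS_ACCOUNT_ID, // required
    RoleArn: IAM_ROLE_ARN, // required
    IdentityPoolId: COGNITO_IDENTITY_POOL_ID, // required
    Logins: {
      'graph.facebook.com': FACEBOOK_TOKEN
    }
  };
  // Set the Amazon Cognito region.
  AWS.config.region = AWS_REGION;
  // Initialize the Credentials object with our parameters.
  AWS.config.credentials = new AWS.CognitoIdentityCredentials(params);
  // get() refreshes the provider; afterwards the unique identifier for the
  // end user (identityId) can be read from the Credentials object.
  AWS.config.credentials.get(function (err) {
    if (err) {
      // The original joined err and err.stack with a comma, so the stack and
      // the "_____" separator were evaluated and then thrown away.
      errorMessage += "credentials.get: " + err + "_____";
      // Do not serialise AWS.config.credentials into the console: it is
      // built from params, which holds the Facebook token under Logins, so
      // a JSON dump may put that token (and anything else the SDK stores on
      // the object) on screen.
      $('#errorConsole').text(errorMessage);
      return;
    }
    AWS_TEMP_CREDENTIALS = AWS.config.credentials;
    COGNITO_IDENTITY_ID = AWS.config.credentials.identityId;
    message += "Cognito Identity Id: " + COGNITO_IDENTITY_ID + "_____";
    $('#appConsole').text(message);
    getCognitoSynToken();
  });
}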
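// Create the CognitoSync client and list the dataset's records to obtain
// the sync session token and the dataset sync count, then call addRecord().
function getCognitoSynToken() {
  // Other AWS service clients automatically use the Cognito Credentials
  // provider configured on AWS.config in the JavaScript SDK.
  cognitosync = new AWS.CognitoSync();
  var request = {
    DatasetName: COGNITO_DATASET_NAME, // required
    IdentityId: COGNITO_IDENTITY_ID, // required
    IdentityPoolId: COGNITO_IDENTITY_POOL_ID // required
  };
  cognitosync.listRecords(request, function (err, data) {
    if (err) {
      // The original joined err and err.stack with a comma, so the stack and
      // the "_____" separator were evaluated and then thrown away.
      errorMessage += "listRecords: " + err + "_____";
      $('#errorConsole').text(errorMessage); // an error occurred
      return;
    }
    COGNITO_SYNC_TOKEN = data.SyncSessionToken;
    COGNITO_SYNC_COUNT = data.DatasetSyncCount;
    // NOTE(review): this dumps the whole response, SyncSessionToken
    // included, to the on-screen console. Fine for a demo; remove or trim
    // it before reusing this code elsewhere.
    message += "listRecords: " + JSON.stringify(data) + "_____";
    message += "DatasetSyncCount: " + COGNITO_SYNC_COUNT + "_____";
    $('#appConsole').text(message); // successful response
    addRecord();
  });
}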
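// Write the user's Facebook id to the Cognito Sync dataset under the key
// USER_ID, then continue with createS3().
function addRecord() {
  var params = {
    DatasetName: COGNITO_DATASET_NAME, // required
    IdentityId: COGNITO_IDENTITY_ID, // required
    IdentityPoolId: COGNITO_IDENTITY_POOL_ID, // required
    SyncSessionToken: COGNITO_SYNC_TOKEN, // required
    RecordPatches: [
      {
        Key: 'USER_ID', // required
        Op: 'replace', // required
        SyncCount: COGNITO_SYNC_COUNT, // required
        Value: FACEBOOK_USER.id
      }
    ]
  };
  // The original read "UserID: ".cyan, presumably left over from a colour
  // library that patches String.prototype. Without such a library the label
  // evaluates to undefined and the log line starts with "undefined".
  console.log("UserID: " + FACEBOOK_USER.id);
  cognitosync.updateRecords(params, function (err, data) {
    if (err) {
      // The original joined err and err.stack with a comma, so the stack and
      // the "_____" separator were evaluated and then thrown away.
      errorMessage += "updateRecords: " + err + "_____";
      $('#errorConsole').text(errorMessage); // an error occurred
      return;
    }
    message += "Value: " + JSON.stringify(data) + "_____";
    $('#appConsole').text(message); // successful response
    createS3();
  });
}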
// Upload a small text object to S3 with the Cognito credentials, under a
// key prefixed with the caller's Cognito identity id.
function createS3() {
  var s3 = new AWS.S3({
    params: {
      Bucket: 'backspace-cognito-test'
    }
  });
  // Object key is <Cognito identity id>/test.txt
  var upload = {
    Key: COGNITO_IDENTITY_ID + '/test.txt',
    ContentType: 'text/plain',
    Body: "Hello!",
    // NOTE(review): 'public-read' makes the uploaded object readable by
    // anyone who has its URL. Confirm that is intended for user data.
    // The per-identity key prefix is only a naming convention here; the
    // role's IAM policy (not shown on this page) is what has to limit each
    // identity to its own prefix, e.g. with the
    // ${cognito-identity.amazonaws.com:sub} policy variable.
    ACL: 'public-read'
  };
  s3.putObject(upload, function (err, data) {
    if (!err) {
      message += "Successfully uploaded data to your S3 bucket" + "_____";
      $('#appConsole').text(message); // successful response
      return;
    }
    errorMessage += 'COGNITO_IDENTITY_ID: ' + COGNITO_IDENTITY_ID + "_____";
    $('#errorConsole').text(errorMessage); // an error occurred
    errorMessage += 'putObject: ' + err + "_____";
    $('#errorConsole').text(errorMessage); // an error occurred
  });
}
})(jQuery);
Now let's create the function. The callback of AWS.config.credentials.get() below calls a function getCognitoSynToken(); please comment this call out for now, as we will be building that function later.

(function($){
// ---- AWS / Cognito configuration ----
// These identifiers are bundled into the client app, so treat them as
// public. Never place an AWS access key or secret key here: the app gets
// temporary credentials from Cognito at runtime (see getCognitoID()).
var AWS_REGION = 'us-east-1';
var AWS_ACCOUNT_ID = 'XXXXXXXX';
var COGNITO_IDENTITY_POOL_ID = 'us-east-1:XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXX';
var IAM_ROLE_ARN = 'arn:aws:iam::XXXXXXXXX:role/Cognito_CognitoBrowserExampleAuth_DefaultRole';
var COGNITO_DATASET_NAME = 'TEST_DATASET';

// ---- Runtime state, filled in as the login flow progresses ----
var COGNITO_IDENTITY_ID;   // assigned in getCognitoID()
var AWS_TEMP_CREDENTIALS;  // assigned in getCognitoID()
var COGNITO_SYNC_TOKEN;    // assigned in getCognitoSynToken()
var COGNITO_SYNC_COUNT;    // assigned in getCognitoSynToken()
var cognitosync;           // AWS.CognitoSync client, created in getCognitoSynToken()

// ---- Facebook ----
var FACEBOOK_APP_ID = 'XXXXXXXXXXXXXX';
// Access token returned by openFB.login(). It is a bearer credential:
// keep it out of on-screen consoles and logs.
var FACEBOOK_TOKEN;
var FACEBOOK_USER = {
  id: '',
  first_name: '',
  gender: '',
  last_name: '',
  link: '',
  locale: '',
  name: '',
  timezone: 0,
  updated_time: '',
  verified: false
};

// ---- UI state ----
var userLoggedIn = false;
// Buffers behind #appConsole and #errorConsole; entries end with "_____".
var message = 'AWS Cognito Example App Loaded_____';
var errorMessage = '';
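// Empty both message buffers and the two on-screen consoles that show them.
function clearConsole() {
  message = '';
  errorMessage = '';
  // Use .text() like every other write to these elements. .html() parses
  // its argument as markup, which would turn the buffers into an injection
  // point if this function were ever changed to write non-empty content.
  $('#appConsole').text(message);
  $('#errorConsole').text(errorMessage);
}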
// Wire the three UI buttons to their handlers.
// Login button
$('#btnLogin').on('click', function () {
  login();
});
// Logout button
$('#btnLogout').on('click', function () {
  logout();
});
// Revoke permissions button
$('#btnRevoke').on('click', function () {
  revoke();
});

/*
 * Initialise openFB.
 *
 * Change the init function in openFB.js to:
 *
 *   function init(params) {
 *     if (params.appId) {
 *       fbAppId = params.appId;
 *       runningInCordova = params.cordova;
 *     } else {
 *       throw 'appId parameter not set in init()';
 *     }
 *     if (params.tokenStore) {
 *       tokenStore = params.tokenStore;
 *     }
 *   }
 */
openFB.init({
  appId: FACEBOOK_APP_ID,
  cordova: true
});
// Start the Facebook login flow through openFB. On success the access token
// is kept in FACEBOOK_TOKEN and getInfo() is called; on failure the error is
// appended to the error console.
function login() {
  clearConsole();

  // NOTE(review): the only Facebook call in this listing is GET /me, and the
  // token is then handed to Cognito. Confirm which of these permissions the
  // app really needs and request no more than that.
  var loginOptions = {scope: 'email,read_stream,publish_stream'};

  function onLoginResponse(response) {
    if (response.status !== 'connected') {
      errorMessage += 'Facebook login failed: ' + response.error + "_____";
      $('#errorConsole').text(errorMessage);
      return;
    }
    // Bearer credential: it is stored for getCognitoID() and deliberately
    // not echoed to the console.
    FACEBOOK_TOKEN = response.authResponse.token;
    message += "Connected to Facebook_____";
    $('#appConsole').text(message);
    getInfo();
  }

  openFB.login(onLoginResponse, loginOptions);
}
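// Fetch the logged-in user's Facebook profile (/me), remember it in
// FACEBOOK_USER, report the name, then continue with getCognitoID().
function getInfo() {
  openFB.api({
    path: '/me',
    success: function (data) {
      // FACEBOOK_USER was never filled in, so addRecord() always wrote an
      // empty USER_ID. Copy only the fields FACEBOOK_USER already declares,
      // so the response cannot add unexpected keys to the object.
      for (var field in FACEBOOK_USER) {
        if (Object.prototype.hasOwnProperty.call(FACEBOOK_USER, field) &&
            Object.prototype.hasOwnProperty.call(data, field)) {
          FACEBOOK_USER[field] = data[field];
        }
      }
      message += "Logged in with Facebook as " + data.name + "_____";
      // .text() keeps the Facebook-supplied name from being parsed as HTML.
      $('#appConsole').text(message);
      getCognitoID();
    },
    error: errorHandler
  });
}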
// Log the user out of Facebook through openFB and report the result.
//
// NOTE(review): only the Facebook session is ended here. FACEBOOK_TOKEN and
// AWS.config.credentials are left as they were; confirm whether the AWS
// side should be cleared on logout as well.
function logout() {
  var onLoggedOut = function () {
    message += "Logged out of Facebook_____";
    $('#appConsole').text(message);
  };
  openFB.logout(onLoggedOut, errorHandler);
}
// Ask Facebook, through openFB, to revoke the permissions granted to this
// app, and report the result on the app console.
function revoke() {
  var onRevoked = function () {
    message += "Permissions revoked_____";
    $('#appConsole').text(message);
  };
  openFB.revokePermissions(onRevoked, errorHandler);
}
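// Shared error callback for the openFB calls: append the error to the error
// buffer and show it.
function errorHandler(error) {
  // Tolerate a missing error object or one without a message, rather than
  // throwing inside the error path itself.
  var detail = 'Unknown error';
  if (error && error.message) {
    detail = error.message;
  } else if (error != null) {
    detail = String(error);
  }
  // Every other entry in the buffer ends with "_____"; without it
  // consecutive errors run together.
  errorMessage += detail + "_____";
  $('#errorConsole').text(errorMessage);
}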
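// Exchange the Facebook token for Cognito credentials. On success the
// credentials object and the identity id are stored and
// getCognitoSynToken() is called; on failure the error is shown.
function getCognitoID() {
  // The parameters required to initialize the Cognito Credentials object.
  var params = {
    AccountId: AWS_ACCOUNT_ID, // required
    RoleArn: IAM_ROLE_ARN, // required
    IdentityPoolId: COGNITO_IDENTITY_POOL_ID, // required
    Logins: {
      'graph.facebook.com': FACEBOOK_TOKEN
    }
  };
  // Set the Amazon Cognito region.
  AWS.config.region = AWS_REGION;
  // Initialize the Credentials object with our parameters.
  AWS.config.credentials = new AWS.CognitoIdentityCredentials(params);
  // get() refreshes the provider; afterwards the unique identifier for the
  // end user (identityId) can be read from the Credentials object.
  AWS.config.credentials.get(function (err) {
    if (err) {
      // The original joined err and err.stack with a comma, so the stack and
      // the "_____" separator were evaluated and then thrown away.
      errorMessage += "credentials.get: " + err + "_____";
      // Do not serialise AWS.config.credentials into the console: it is
      // built from params, which holds the Facebook token under Logins, so
      // a JSON dump may put that token (and anything else the SDK stores on
      // the object) on screen.
      $('#errorConsole').text(errorMessage);
      return;
    }
    AWS_TEMP_CREDENTIALS = AWS.config.credentials;
    COGNITO_IDENTITY_ID = AWS.config.credentials.identityId;
    message += "Cognito Identity Id: " + COGNITO_IDENTITY_ID + "_____";
    $('#appConsole').text(message);
    getCognitoSynToken();
  });
}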
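// Create the CognitoSync client and list the dataset's records to obtain
// the sync session token and the dataset sync count, then call addRecord().
function getCognitoSynToken() {
  // Other AWS service clients automatically use the Cognito Credentials
  // provider configured on AWS.config in the JavaScript SDK.
  cognitosync = new AWS.CognitoSync();
  var request = {
    DatasetName: COGNITO_DATASET_NAME, // required
    IdentityId: COGNITO_IDENTITY_ID, // required
    IdentityPoolId: COGNITO_IDENTITY_POOL_ID // required
  };
  cognitosync.listRecords(request, function (err, data) {
    if (err) {
      // The original joined err and err.stack with a comma, so the stack and
      // the "_____" separator were evaluated and then thrown away.
      errorMessage += "listRecords: " + err + "_____";
      $('#errorConsole').text(errorMessage); // an error occurred
      return;
    }
    COGNITO_SYNC_TOKEN = data.SyncSessionToken;
    COGNITO_SYNC_COUNT = data.DatasetSyncCount;
    // NOTE(review): this dumps the whole response, SyncSessionToken
    // included, to the on-screen console. Fine for a demo; remove or trim
    // it before reusing this code elsewhere.
    message += "listRecords: " + JSON.stringify(data) + "_____";
    message += "DatasetSyncCount: " + COGNITO_SYNC_COUNT + "_____";
    $('#appConsole').text(message); // successful response
    addRecord();
  });
}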
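// Write the user's Facebook id to the Cognito Sync dataset under the key
// USER_ID, then continue with createS3().
function addRecord() {
  var params = {
    DatasetName: COGNITO_DATASET_NAME, // required
    IdentityId: COGNITO_IDENTITY_ID, // required
    IdentityPoolId: COGNITO_IDENTITY_POOL_ID, // required
    SyncSessionToken: COGNITO_SYNC_TOKEN, // required
    RecordPatches: [
      {
        Key: 'USER_ID', // required
        Op: 'replace', // required
        SyncCount: COGNITO_SYNC_COUNT, // required
        Value: FACEBOOK_USER.id
      }
    ]
  };
  // The original read "UserID: ".cyan, presumably left over from a colour
  // library that patches String.prototype. Without such a library the label
  // evaluates to undefined and the log line starts with "undefined".
  console.log("UserID: " + FACEBOOK_USER.id);
  cognitosync.updateRecords(params, function (err, data) {
    if (err) {
      // The original joined err and err.stack with a comma, so the stack and
      // the "_____" separator were evaluated and then thrown away.
      errorMessage += "updateRecords: " + err + "_____";
      $('#errorConsole').text(errorMessage); // an error occurred
      return;
    }
    message += "Value: " + JSON.stringify(data) + "_____";
    $('#appConsole').text(message); // successful response
    createS3();
  });
}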
// Upload a small text object to S3 with the Cognito credentials, under a
// key prefixed with the caller's Cognito identity id.
function createS3() {
  var s3 = new AWS.S3({
    params: {
      Bucket: 'backspace-cognito-test'
    }
  });
  // Object key is <Cognito identity id>/test.txt
  var upload = {
    Key: COGNITO_IDENTITY_ID + '/test.txt',
    ContentType: 'text/plain',
    Body: "Hello!",
    // NOTE(review): 'public-read' makes the uploaded object readable by
    // anyone who has its URL. Confirm that is intended for user data.
    // The per-identity key prefix is only a naming convention here; the
    // role's IAM policy (not shown on this page) is what has to limit each
    // identity to its own prefix, e.g. with the
    // ${cognito-identity.amazonaws.com:sub} policy variable.
    ACL: 'public-read'
  };
  s3.putObject(upload, function (err, data) {
    if (!err) {
      message += "Successfully uploaded data to your S3 bucket" + "_____";
      $('#appConsole').text(message); // successful response
      return;
    }
    errorMessage += 'COGNITO_IDENTITY_ID: ' + COGNITO_IDENTITY_ID + "_____";
    $('#errorConsole').text(errorMessage); // an error occurred
    errorMessage += 'putObject: ' + err + "_____";
    $('#errorConsole').text(errorMessage); // an error occurred
  });
}
})(jQuery);

Now you can build and run your app. You should be able to log in to Facebook and get your user's Cognito ID.

Now that we have our Cognito ID credentials, we can use them on the next page to get our CognitoSync Session Token.
