This repository demonstrates how to implement Developer authenticated identities authflow - Enhanced authflow using Amazon Cognito.
- app
- 'Developer Provider' (backend application implemented with Golang)
- client
- Frontend application running on 'Device'
- This application accesses a configuration hosted on AWS AppConfig using credentials obtained through the authflow.
- infra
- Terraform scripts to build Amazon Cognito and AWS AppConfig resources
NOTE:
The following steps are omitted in the application of this repository for simplicity.
1. Login via Developer Provider (code outside of Amazon Cognito)2. Validate the user login (code outside of Amazon Cognito)
The application starts the flow from 3. GetOpenIdTokenForDeveloperIdentity.
You have to install the followings beforehand.
- Terraform
- AWS CLI
- Please make sure that credential information is properly configured.
- Golang
- nodejs
cd infra
cp secret.tfvars_sample secret.tfvarsPlease edit the secret.tfvars like the following:
aws_account_id = "<Input your aws account id>"
cognito_provider_name = "login.myapp.example.com"
terraform init
terraform plan -var-file="secret.tfvars"
terraform apply -var-file="secret.tfvars"
Terraform should output identity pool ID. We use this when starting 'app'.
NOTE:
We have to deploy the configuration hosted on AWS AppConfig. Please see Step 5: Deploying a configuration for detailed information.
cd app
export AWS_IDENTITY_POOL_ID= .... # your identity pool ID Terraform outputs
export AWS_LOGIN_PROVIDER=login.myapp.example.com # == 'cognito_provider_name' in secret.tfvars
export AWS_LOGIN_NAME=test_user
export AWS_TOKEN_DURATION_SECONDS=600go run .cd client
yarn startYou should see a webpage on localhost:3000 and a start button on it.
You can test the authflow by pushing the button!
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent