Shulou(Shulou.com)05/31 Report--

This article mainly introduces the relevant knowledge of "how to use Authing and AWS JWT Authorizer to replace Cognito". The editor shows you the operation process through an actual case. The operation method is simple, fast and practical. I hope this article "how to use Authing and AWS JWT Authorizer to replace Cognito" can help you solve the problem.

Use Authing's OIDC Provider as the AWS API Gateway authenticator to protect the Lambda function. You don't need to write any authentication code, you just need to configure it on both sides. It also demonstrates the OIDC IdToken ability of Authing to sign custom fields according to different contexts.

Authing console configuration

Sign up for an Authing account

Visit https://console.authing.cn and sign up for an account

Log in to the Authing console

Create a user pool

Create an application

Find the application you just created in the application list and click configure. Select RS256 at the signature algorithm below.

Create a user

Go to the user Management > user list, click the New button in the upper right corner, create two users, and finally click Save.

Set Token Custom Field

Enter the scalability > pipeline Pipeline, at the far right "before OIDC issues Token" location, click the plus sign below.

Select add Custom IdToken.

In the pop-up drawer, enter the following custom code to customize the Token field. Finally, click upload.

Async function pipe (user, context, callback) {if (user.email = 'sample@sample.com') {user.addIdToken ("companyCode", "sample")} if (user.email =' sample2@sample.com') {user.addIdToken ("companyCode", "sample2")} callback (null, user, context)}

AWS console configuration

Create API Gateway

Go to the AWS API Gateway console and click "create API".

Select HTTP API, and then click build.

Fill in the API name and click "next".

Click "next".

Click "next"

Click create.

Create a Lambda function

Go to the AWS Lambda console and click "create function".

Create the Lambda function as shown below, and the function name can be entered arbitrarily.

Add triggers to the Lambda function

Select API Gateway.

Select the API Gateway you just created and click "add".

Click the Lambda function and scroll down the browser window to enter the editing interface.

Enter the following code to return the information in Token, including companyCode.

Exports.handler = async (event) = > {/ / TODO implement const token = event.headers.authorization.replace ('Bearer',''); const claims = event.requestContext.authorizer.claims; const response = {statusCode: 200, body: JSON.stringify ({token, claims, companyCode: claims.companyCode})}; return response;}

Finally, click "Deploy".

Set API Gateway routing Authorizer

Go to the AWS API Gateway console and find the API you just created.

Locate the trigger route you just set for the Lambda function and click "additional Authorization".

Click create and attach licensor.

Select the type of JWT licensor

The licensor is set up as follows.

The above information can be found on the Authing console:

In the Apps > Apps list, find your app and click "configure".

The publisher URL fills in the Issuer here, and the audience fills in the application ID.

Finally, click "create and attach".

At this point, all the configurations are complete.

Login exampl

Install NodeJS

Http://nodejs.cn/download/

Clone project

Git clone https://git.authing.co/yezuwei/sample-poc

Installation dependency

Cd sample-pocnpm install

Running

Node bin/www

Then access https://kone.authing.cn in the browser

Enter your account number and password on the login page

Received a response from Lambda:

Click to log out, and then log in with your account and password

Received a response from Lambda:

Notice that companyCode has logically determined based on the user's information field and returned another one.

That's all for "how to replace Cognito with Authing and AWS JWT Authorizer". Thank you for reading. If you want to know more about the industry, you can follow the industry information channel. The editor will update different knowledge points for you every day.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.