|
10 | 10 | + [GET /login-with-apple-id](#get-login-with-apple-id) |
11 | 11 | + [GET /login-with-google-play](#get-login-with-google-play) |
12 | 12 | + [GET /login-with-facebook](#get-login-with-facebook) |
| 13 | + + [GET /login-with-cognito](#get-login-with-cognito) |
13 | 14 |
|
14 | 15 | The custom identity component is a serverless solution that manages a JSON Web Key Set (JWKS) with key rotation and publicly available configuration and public keys through an Amazon CloudFront endpoint. It supports integration with Steam, Sign in with Apple, Google Play, and Facebook, and can be extended with custom code to more providers such as console platforms. |
15 | 16 |
|
@@ -37,6 +38,8 @@ Optionally, you can add integrations to identity providers by modifying `CustomI |
37 | 38 | * Set `const googlePlayClientSecretArn` to the Arn of a Secrets Manager secret containing your Client Secret for the Web application client (see [Google Play developer docs](https://developers.google.com/games/services/console/enabling) for details). You can create a secret with the AWS CLI: `aws secretsmanager create-secret --name MyGooglePlayClientSecret --description "Google Play client secret" --secret-string "YOURCLIENTSECRET"` |
38 | 39 | * __Facebook__ |
39 | 40 | * Set `const facebookAppId` to the App ID of your Facebook application in developer.facebook.com. You can find this under "Basic Settings" for the app. |
| 41 | +* __Cognito__ |
| 42 | + * Set `const cognito = "true"` |
40 | 43 |
|
41 | 44 | When you set a non empty value for one of these App ID:s, the CDK stack will automatically deploy required endpoints and resources for that platform. |
42 | 45 |
|
@@ -214,4 +217,75 @@ The API integrations are built into the SDK:s provided for Unreal, Unity, and Go |
214 | 217 | > | `200` | `{'facebook_id': facebook_id,'user_id': user_id,'auth_token': auth_token,'refresh_token': refresh_token, 'auth_token_expires_in' :auth_token_expires_in,'refresh_token_expires_in' : refresh_token_expires_in}` | |
215 | 218 | > | `401` | Multiple errors: could not create a validate user | |
216 | 219 |
|
| 220 | +### GET /login-with-cognito |
217 | 221 |
|
| 222 | +`GET /login-with-cognito` |
| 223 | + |
| 224 | +**Parameters** |
| 225 | + |
| 226 | +> | name | required | description | |
| 227 | +> |-----------|-----------|--------------------------------------------------------------------------------| |
| 228 | +> | `link_to_existing_user` | No | Set this to `Yes` for linking the Cognito identity to existing user. Requires also the `auth_token` field to be set. | |
| 229 | +> | `access_token` | No | Provide an existing access_token for a logged in user when linking Cognito identity to existing user. Requires also the `link_to_existing_user` to be set. | |
| 230 | +> | `auth_code` | No | The auth code returned to the clien after the guest auth flow complete. | |
| 231 | +
|
| 232 | + |
| 233 | +**Body** |
| 234 | +> | name | required | description | |
| 235 | +> |-----------|-----------|--------------------------------------------------------------------------------| |
| 236 | +> | `username` | No | When logging in with Cognito, you always need to provide a valid username | |
| 237 | +> | `password` | No | When logging in with Cognito, you always need to provide a valid password | |
| 238 | +> | `email` | No | When signing up, you always need to provide a valid email address | |
| 239 | +> | `signin` | No | Set this to `True` for signing in with Cognito | |
| 240 | +> | `signup` | No | Set this to `True` for signing up with Cognito | |
| 241 | +> | `signup_confirmation_code` | No | Set this to the signup confirmation code that will be emailed to a user after they sign up with Cognito for first time. | |
| 242 | +> | `signout` | No | Set this to `True` when signing out | |
| 243 | +> | `forgot_password` | No | Set this to `True` when initiating forgot password flow | |
| 244 | +> | `reset_password` | No | Set this to `True` for requesting a code to reset password that will be emailed to user | |
| 245 | +> | `reset_password_code` | No | Set this to the reset password code that will be emailed to the user when once they have initiated the forgot password flow. | |
| 246 | +
|
| 247 | +**Responses** |
| 248 | + |
| 249 | +> | http code | response | |
| 250 | +> |---------------|---------------------------------------------------------------------| |
| 251 | +> | `200` | `{'cognito__id': cognito_user_id,'user_id': user_id,'auth_token': auth_token,'refresh_token': refresh_token, 'auth_token_expires_in' :auth_token_expires_in,'refresh_token_expires_in' : refresh_token_expires_in}` | |
| 252 | +> | `401` | Multiple errors: could not create a validate user | |
| 253 | +
|
| 254 | +**Example POST requests with curl** |
| 255 | + |
| 256 | +**Sign up as a new user** |
| 257 | + |
| 258 | +```bash |
| 259 | +curl -XPOST -d '{ |
| 260 | + "body": { |
| 261 | + "username": "Username", |
| 262 | + "password": "Password12345#", |
| 263 | + "email": "email@domain.com", |
| 264 | + "signup": "True" |
| 265 | + } |
| 266 | +}' 'https://abcdefg.execute-api.us-west-2.amazonaws.com/prod/login-with-cognito' |
| 267 | +```` |
| 268 | + |
| 269 | +**Confirm sign up with a confirmation code** |
| 270 | + |
| 271 | +```bash |
| 272 | +curl -XPOST -d '{ |
| 273 | + "body": { |
| 274 | + "username": "Username", |
| 275 | + "confirmation_code": "1234567", |
| 276 | + "signup_confirmation_code": "True" |
| 277 | + } |
| 278 | +}' 'https://abcdefg.execute-api.us-west-2.amazonaws.com/prod/login-with-cognito' |
| 279 | +``` |
| 280 | + |
| 281 | +**Sign in with a confirmed user** |
| 282 | + |
| 283 | +```bash |
| 284 | +curl -XPOST -d '{ |
| 285 | + "body": { |
| 286 | + "username": "Username", |
| 287 | + "password": "Password12345#", |
| 288 | + "signin": "True" |
| 289 | + } |
| 290 | +}' 'https://abcdefg.execute-api.us-west-2.amazonaws.com/prod/login-with-cognito' |
| 291 | +``` |
0 commit comments