If a user logs in, I'm checking if the user has the required policies for IoT, if not, i'm attaching it.
This works fine, if i'm logging in for the first time.
Now when I'm logging out, and try to login with a different user, for some reason the credentials are missing, and when i'm refreshing the page, its working again....
window.login = function() {
var shadowsRegistered = false;
AWSCognito.config.region = AWSConfiguration.region;
AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({
IdentityPoolId: AWSConfiguration.IdPoolId
});
var authenticationData = {
Username : document.getElementById("benutzername").value,
Password : document.getElementById("passwort").value
};
var authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails(authenticationData);
var poolData = {
UserPoolId : AWSConfiguration.UserPoolId,
ClientId : AWSConfiguration.ClientAppId
};
var userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);
var userData = {
Username : document.getElementById("benutzername").value,
Pool : userPool
};
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: function (result) {
AWS.config.region = AWSConfiguration.region;
var auth_params = {
IdentityPoolId: AWSConfiguration.IdPoolId,
Logins : {
'cognito-idp.eu-central-1.amazonaws.com/eu-central-XXXX' : result.getIdToken().getJwtToken()
}
};
AWS.config.credentials = new AWS.CognitoIdentityCredentials(auth_params);
var cognitoIdentity = new AWS.CognitoIdentity();
cognitoIdentity.getId(auth_params, function(err, data) {
if (err) {
cognitoId = AWS.config.credentials.identityId;
}
else{
cognitoId = data.IdentityId;
}
var iot = new AWS.Iot();
iot.listPrincipalPolicies({principal: cognitoId}, function(err, data) {
if (err) {
console.log(err, err.stack); //ERROR on 2nd login
}
else{
// not related, works on the first login..
The Error I'm receiving:
CredentialsError: Missing credentials in config
I fixed it by myself. You need to clear the cached credentials.
$('#logout').click(function() {
currentUser = userPool.getCurrentUser();
currentUser.signOut();
AWS.config.credentials.clearCachedId();
AWS.config.credentials = new AWS.CognitoIdentityCredentials({});
location.reload();
});
Related
I have a node.js app that has a few files that I am working with, but the main two javascript files are a RestController and AuthController. The RestController is supposed to call the AuthController to pull a new access token from Salesforce, the server that I am attempting to hit.
I currently set up my AuthController.js to work with promises so that I can wait to get my access token. The problem is I have no idea how to get my RestController.js file to wait for the access token from the AuthController.js file.
I am also very very new to Javascript and Promises, so I am not sure if I even set up my functions correctly. Basically, I want my AuthController to handle getting the access token and the RestController to handle the Rest request to our server.
AuthController.js
var fs = require('fs');
var jwt = require('jsonwebtoken');
var request = require('request');
var querystring = require('querystring');
var config = require('../../configs/config.json');
var filename = __dirname + '/../../' + config.key_path;
var access_token;
var readFilePromise = function(file) {
return new Promise(function(ok, notOk) {
fs.readFile(file, function(err,data) {
if (err) {
notOk(err);
} else {
ok(data);
}
});
});
}
var getAccessToken = function(key) {
return new Promise(function(ok,notOk) {
var jwtparams = {
iss : config.client_id,
sub: config.username,
aud: 'https://' + config.host,
exp : Date.now() + 300
};
var token = jwt.sign(jwtparams, key, {algorithm: 'RS256'});
var data = querystring.stringify({
grant_type : 'urn:ietf:params:oauth:grant-type:jwt-bearer',
assertion : token
});
request.post({
headers: {
'Content-Type' : 'application/x-www-form-urlencoded',
'Content-Length' : data.length
},
url: 'https://' + config.host + '/services/oauth2/token',
body: data
}, function(error, response, body) {
if (error) {
return notOk(error);
}
try {
ok(JSON.parse(body).access_token);
} catch (e) {
notOk(e);
}
});
});
}
function main() {
readFilePromise(filename).then(function(data) {
getAccessToken(data.toString()).then(function(data) {
access_token = data.toString();
});
});
}
module.exports = {main};
RestController.js
var https = require('https');
var request = require('request');
var auth = require('./authController.js');
class SystemController {
doProcessPostStatus (req,res) {
if (!req.body.systemId) {
return res.status(400).send([
{
'errorCode' : 'INVALID_REQUEST_BODY',
'message' : 'System Id "systemId" variable is required.'
}
]);
} else if (typeof req.body.success === 'undefined') {
return res.status(400).send([
{
'errorCode' : 'INVALID_REQUEST_BODY',
'message' : 'Success "success" variable is required'
}
]);
} else if (!req.body.message) {
return res.status(400).send([
{
'errorCode' : 'INVALID_REQUEST_BODY',
'message' : 'Message "message" variable is required'
}
]);
}
var access_token = auth.main();
console.log(access_token);
}
}
var systemControllerVar = new SystemController();
module.exports = systemControllerVar;
Any help is greatly appreciated as I am currently stuck, thanks!
Given the code below, how will I output the response back on the webpage when the response is either success or fail?
loginUser(data) {
var authenticationData = {
Username : data.email,
Password : data.password
};
var authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails(authenticationData);
var userPool = new AmazonCognitoIdentity.CognitoUserPool(config.cognito);
var userData = {
Username : data.email,
Pool : userPool
};
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);
var output = null;
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: function (result) {
output = result;
return output;
},
onFailure: function(err) {
console.log(err);
},
});
}
<div id="test_mg"></div>
You can use an async function and Promise in order to get the result from the async call.
function loginUser(data) {
var authenticationData = {};
var authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails(authenticationData);
var userPool = new AmazonCognitoIdentity.CognitoUserPool(config.cognito);
var userData = {};
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);
var output = null;
return new Promise(function(resolve, reject) {
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: resolve,
onFailure: reject,
});
});
}
async function main() {
try {
var output = await loginUser(data);
} catch(e) {
console.log(e);
}
}
I'm doing an user management with the AmazonWebService cognito and I having some difficulties to authenticate me to my user pool.
Do am I logged in if I just do:
login: function(username, password, _poolData) {
var deferred = $q.defer();
var authenticationData = {
Username : username,
Password : password,
};
var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(_poolData);
var userData = {
Username : username,
Pool : userPool
};
cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);
var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: function (result) {
console.log('access token + ' + result.getAccessToken().getJwtToken());
console.log('idToken + ' + result.idToken.jwtToken)
deferred.resolve('successfully logged in.');
},
onFailure: function(err) {
console.log(error);
alert(err);
deferred.reject('login failled.');
},
});
return deferred.promise;
},
Because I can not get my user attributes after using this login method.
Like this:
getCognitoUserAttr: function(username, _poolData) {
var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(_poolData);
var userData = {
Username : username,
Pool : userPool
};
cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);
cognitoUser.getUserAttributes(function(err, result) {
if (err) {
alert(err);
return;
}
for (var i = 0; i < result.length; i++) {
console.log('attribute ' + result[i].getName() + ' has value ' + result[i].getValue());
}
});
}
I always have the error message:
Error: User is not authenticated
Note that the login method is from :https://docs.aws.amazon.com/fr_fr/cognito/latest/developerguide/using-amazon-cognito-user-identity-pools-javascript-examples.html
What I have to do?
Here you go. I made a function called getUserAttributes() then used the same code as seen in isAuthenticated.
getUserAttributes(){
let cognitoUser = this.getCurrentUser();
if (cognitoUser != null) {
cognitoUser.getSession(function (err, session) {
cognitoUser.getUserAttributes(function(err, result) {
if (err) {
console.log(err);
return;
}
for (let i = 0; i < result.length; i++) {
console.log('attribute ' + result[i].getName() + ' has value ' + result[i].getValue());
}
});
});
}
}
this is the login function i use
authenticate(username: string, password: string, callback: CognitoCallback) {
let authenticationData = {
Username : username,
Password : password,
};
let authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
let poolData = {
UserPoolId : CognitoUtil._USER_POOL_ID,
ClientId : CognitoUtil._CLIENT_ID
};
let userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);
let userData = {
Username : username,
Pool : userPool
};
let cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: function (result) {
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
IdentityPoolId : CognitoUtil._IDENTITY_POOL_ID,
Logins : {
'cognito-idp.REGION.amazonaws.com/POOLID':result.getIdToken().getJwtToken()
}
});
callback.cognitoCallback('loginSuccess', null);
},
onFailure: function (err) {
callback.cognitoCallback(err.message, null);
}
});
}
I am trying to create events using the google calendar api however, I am having trouble with the authorization. I created a google login, a different way so I am not sure the best way to go about connecting to the google calendar, this is my hwapi file:
var Homework = require('../models/homework');
var mongoose = require('mongoose');
var google = require('googleapis');
var jwt = require('jsonwebtoken');
var secret = 'check123';
var googleAuth = require('google-auth-library');
var GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;
var googleAuth = require('google-auth-library');
// function authorize(credentials, callback) {
// var clientSecret = credentials.installed.client_secret;
// var clientId = credentials.installed.client_id;
// var redirectUrl = credentials.installed.redirect_uris[0];
// var oauth2Client = new auth.OAuth2(clientId, clientSecret, redirectUrl);
// // Check if we have previously stored a token.
// fs.readFile(TOKEN_PATH, function(err, token) {
// if (err) {
// getNewToken(oauth2Client, callback);
// } else {
// oauth2Client.credentials = JSON.parse(token);
// callback(oauth2Client);
// }
// });
// }
//mongoose.connect('mongodb://localhost:27017/test');
var auth = new googleAuth();
var clientSecret = '4etHKG0Hhj84bKCBPr2YmaC-';
var clientId = '655984940226-dqfpncns14b1uih73i7fpmot9hd16m2l.apps.googleusercontent.com';
var redirectUrl = 'http://localhost:8000/auth/google/callback';
var auth = new googleAuth();
var oauth2Client = new auth.OAuth2(clientId, clientSecret, redirectUrl);
//console.log(auth);
module.exports = function(hwRouter,passport){
hwRouter.post('/homeworks', function(req, res){
var homework = new Homework();
homework.summary = req.body.summary;
homework.description = req.body.description;
homework.startDate = req.body.startDate;
homework.endDate = req.body.endDate;
if(req.body.summary == null || req.body.summary == '' || req.body.description == null || req.body.description == '' || req.body.startDate == null || req.body.startDate == '' || req.body.endDate == null || req.body.endDate == ''){
res.send("Ensure all fields were provided!");
}
else{
homework.save(function(err){
if(err){
res.send('Homework already exists!');
}
else{
res.send('Homework created successfully!');
}
});
}
})
var calendar = google.calendar('v3');
hwRouter.get('/retrieveHW/:summary', function(req,res){
Homework.find({},function(err,hwData){
console.log(hwData);
var event = {
'summary': 'Google I/O 2015',
'location': '800 Howard St., San Francisco, CA 94103',
'description': 'A chance to hear more about Google\'s developer products.',
'start': {
'dateTime': '2015-05-28T09:00:00-07:00',
'timeZone': 'America/Los_Angeles',
},
'end': {
'dateTime': '2015-05-28T17:00:00-07:00',
'timeZone': 'America/Los_Angeles',
},
'recurrence': [
'RRULE:FREQ=DAILY;COUNT=2'
],
'attendees': [
{'email': 'lpage#example.com'},
{'email': 'sbrin#example.com'},
],
'reminders': {
'useDefault': false,
'overrides': [
{'method': 'email', 'minutes': 24 * 60},
{'method': 'popup', 'minutes': 10},
],
},
};
console.log(auth)
calendar.events.insert({
auth: auth,
calendarId: 'primary',
resource: event,
}, function(err, event) {
if (err) {
console.log('There was an error contacting the Calendar service: ' + err);
return;
}
console.log('Event created: %s', event.htmlLink);
});
res.json({success: true, message: "successfull retrieved the homework!"});
});
})
return hwRouter;
}
As you can see Ive tried using some of the code that the goog api has provided just to make sure I can connect to it. The part my code gets stuck is I believe when I pass it the auth: auth in the calendar.event.create portion. it gives me the error: authClient.request is not a function. any advice would help thanks!
Try following the JavaScript sample:
/**
* Initializes the API client library and sets up sign-in state
* listeners.
*/
function initClient() {
gapi.client.init({
discoveryDocs: DISCOVERY_DOCS,
clientId: CLIENT_ID,
scope: SCOPES
}).then(function () {
// Listen for sign-in state changes.
gapi.auth2.getAuthInstance().isSignedIn.listen(updateSigninStatus);
// Handle the initial sign-in state.
updateSigninStatus(gapi.auth2.getAuthInstance().isSignedIn.get());
authorizeButton.onclick = handleAuthClick;
signoutButton.onclick = handleSignoutClick;
});
}
/**
* Called when the signed in status changes, to update the UI
* appropriately. After a sign-in, the API is called.
*/
function updateSigninStatus(isSignedIn) {
if (isSignedIn) {
authorizeButton.style.display = 'none';
signoutButton.style.display = 'block';
listUpcomingEvents();
} else {
authorizeButton.style.display = 'block';
signoutButton.style.display = 'none';
}
}
In this code, after the initClient() runs, the gapi.auth2.getAuthInstance().isSignedIn.listen(updateSigninStatus); listens for any state changes. updateSigninStatus function handles if initClient() successfully logged in or not. If yes, it call the listUpcomingEvents() function, in your case you will call the create event function.
Here is a related SO post that can help you with a JS client library code implementation.
Hope this helps.
Writing a Parse Cloud Function (which uses Parse Javascript SDK) and I am having trouble checking to see if the current user has role "Admin". I'm looking at the web view of the Role class and a role with the name "Admin" exists, if I click "View Relations" for users, it shows the current user. I doubt it should matter, but "Admin" is the only role and the current user is the only user with a role. Lastly, the "Admin" role has an ACL of Public Read, so that shouldn't be causing any issues either.
Code is as follows:
...
var queryRole = new Parse.Query(Parse.Role);
queryRole.equalTo('name', 'Admin');
queryRole.equalTo("users", Parse.User.current());
queryRole.first({
success: function(result) { // Role Object
var role = result;
role ? authorized = true : console.log('Shiet, user not Admin');
},
error: function(error) {
console.log("Bruh, queryRole error");
}
})
console.log('After test: Auth = ' + authorized);
if (!authorized) {
response.error("You ain't no admin, measly user");
return;
}
...
This results in the following in the log:
Before test: Auth = false
After test: Auth = false
Give this a shot:
var authorized = false;
console.log('Before test: Auth = ' + authorized);
var queryRole = new Parse.Query(Parse.Role);
queryRole.equalTo('name', 'Admin');
queryRole.first({
success: function(result) { // Role Object
console.log("Okay, that's a start... in success 1 with results: " + result);
var role = result;
var adminRelation = new Parse.Relation(role, 'users');
var queryAdmins = adminRelation.query();
queryAdmins.equalTo('objectId', Parse.User.current().id);
queryAdmins.first({
success: function(result) { // User Object
var user = result;
user ? authorized = true : console.log('Shiet, user not Admin');
}
});
},
error: function(error) {
console.log("Bruh, can't find the Admin role");
}
}).then(function() {
console.log('After test: Auth = ' + authorized);
});
I got a simpler solution, give this a try:
var adminRoleQuery = new Parse.Query(Parse.Role);
adminRoleQuery.equalTo('name', 'admin');
adminRoleQuery.equalTo('users', req.user);
return adminRoleQuery.first().then(function(adminRole) {
if (!adminRole) {
throw new Error('Not an admin');
}
});
For those of you looking for a Parse Server (2018) answer, see below:
Parse.Cloud.define('authorizedUserTest', function(request, response) {
if(!request.params.username){
//response.error('no username');
response.error(request.params);
}
var queryRole = new Parse.Query(Parse.Role);
queryRole.equalTo('name','Admin');
queryRole.first({ useMasterKey: true }).then(function(promise){
var role = promise;
var relation = new Parse.Relation(role, 'users');
var admins = relation.query();
admins.equalTo('username', request.user.get('username'));
admins.first({ useMasterKey: true }).then(function(user){
if(user){
response.success(true)
}
else {
response.success(false)
}
}, function(err){
response.error('User is not an admin')
})
}, function(err){
response.error(err)
})
});
request.params is equal to a dictionary {"username":inputUsernameHere}.
Feel free to comment if you have questions.