amazon-archives / amazon-cognito-identity-js Goto Github PK

Hi ,

I am trying to login the user after successful sign up. However I am getting below error -

TypeError: undefined is not an object (evaluating 'sjcl.codec.bytes.toBits')

var signin = {}; 

signin.login = function(){

signin.userName                 =       $("#loginUserName").val();
signin.userPassword             =       $("#loginPassword").val();

AWSCognito.config.region = 'us-east-1';
AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({
    IdentityPoolId: '...' // your identity pool id here
}); 

// Need to provide placeholder keys unless unauthorised user access is enabled for user pool
AWSCognito.config.update({accessKeyId: 'anything', secretAccessKey: 'anything'})

var authenticationData = { 
    Username : signin.userName,
    Password : signin.userPassword,
};  
var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
var poolData = { 
    UserPoolId : APP_CONSTANT.USER_POOL_ID,
    ClientId :   APP_CONSTANT.CLIENT_ID
};  
var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);
var userData = { 
    Username : signin.userName,
    Pool : userPool
};  
var cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess: function (result) {
        console.log('access token + ' + result.getAccessToken().getJwtToken());
    },  

    onFailure: function(err) {
        alert(err);
    },  
  });

};

`

Here is my repository for the code, Really appreciate any help in this regard.

Thanks & Regards
Jeetendra

The code samples, while being extremely helpful, were not complete enough for me to use and required a few hours wading through documentation/source code to figure out how to get everything working.

Some of the personal frustrations I went through included

1. Not knowing how/when to update the AWS credentials. I assumed incorrectly that this library automatically updated them, which, one could argue, should be done here.
2. Not knowing I needed to re-instantiate the AWS service objects after credentials were updated.
3. Not knowing how to format the Logins parameter key for the CognitoIdentityCredentials.

For these reasons, I think we could save a lot of this repeated frustration by modifying code samples 4 and 15 with the necessary AWS glue to make it all work. Submitting PR.

Use case 4. Authenticating a user and establishing a user session with the Amazon Cognito Identity service.

There's no documentation on where/how the cognitoUser variable gets instantiated.

Hi
I got all examples working now, but cannot figure out how to access an API Gateway Endpoint that is protected with AWS_IAM authorisation.

Is that even possible?

And in case it is possible, is there also a way to access with the unauthorized role?

This is all a bit confusing and I can't find a good documentation with typical use cases and flows for UserPools and API access.

My code is basically your examples from the README. and I can create a user but the authentication step always returns Incorrect username or password. I'm convinced the user name and pass word are identical in each step ('fred' and 'password')

Any help you can offer would be greatly appreciate as I'm going mad. My code is here

If I try to authenticate before creating the user I get an error that the user/password can't be found. SO the basic access is working.

I can't find a way to list the user pool settings the AWS so here's the pool details from the web site

    Pool Id us-east-1_A2HeABQfl
    Pool ARN arn:aws:cognito-idp:us-east-1:063024541135:userpool/us-east-1_A2HeABQfl
    Number of users 1
    Required attributes none
    Alias attributes none
    Custom attributes Choose custom attributes... None
    Minimum password length 6
    Password policy no requirements
    MFA Enable MFA...
    Verifications none
    Apps Brian
    Triggers Add triggers... None

My Identity Pool region is in Ireland and I notice contains no identities, I assume that happens later? I've certainly seen no code to create them after creating the pool user.

A wild stab in the dark is it is perhaps something to do with the fact I have disabled all Verifications? This is a requirement as the users will be elderly people in a care home settings and will not have email or SMS.

Are there plans to publish this module to npm? We are trying to integrate this into a build process and having it on npm would be ideal

Hello.

I made an example with browser and is working (cordova, webpage).
I made an example with nodejs and is working, from fork #43.
The same code was loaded to aws lambda and gave a error:
message: 'Incorrect username or password.', code: 'NotAuthorizedException'.
I think that date is the problem, because in other machine with date wrong is not working too.

Best regards.

getUserAttributes does not return custom attributes. Is there another method?

This user pool is awesome and I really eager to use it.

I'm living in Japan and our customers are almost Japanese.
I'm thinking about latency from Japan to us-east-1 and if I could I wanna bring EXISTING user data from us-east-1 to ap-northeast-1 in the future.

Please let me know if you think about it or not?

thanks

Hi,
I've completed the authentication flow and I can successfully login, get the tokens, set AWS credentials via Cognito Identity etc...
All the methods in this library works correctly, for example i can change a password, but getUserAttributes always returns an error: User is not authenticated, the code is:

const cognitoUser = userPool.getCurrentUser();
cognitoUser.getUsername(); // 'simone'
cognitoUser.changePassword('asdASD123!', 'newPassword000$$$', function(err, result) {
  // ok!
});
cognitoUser.deleteAttributes(['custom:xxx'], function(err, result) {
  // ok!
});
cognitoUser.getUserAttributes((err, result) => {
  // error: User is not authenticated
});

I've tried to wrap the call in a setTimeout etc... but no luck.

This is the full code I use for authenticating etc...: https://github.com/plasticpanda/cognito-idp-demo/blob/master/lib/idp.js

Thank you,
Simone

I got all examples working by hard coding my AWS credentials into the web page code.

Now I want to remove my AWS credentials and change to federated identity login.
I've created an federated identity pool and selected Cognito as the authentication provider.
I've used my user pool id and app client id to configure the authentication provider settings.

When omitting the
AWSCognito.config.update({accessKeyId: '....', secretAccessKey: '...'});
and using
AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId: '....'});
instead, then I am getting a failure stating
"NotAuthorizedException: Missing credentials in config"

How do I need to configure the CognitoIdentityCredentials to be able to login with my Cognito provider?

I'm new to AWS and specifically cognito. I eventually discovered the JS SDK, though it is rather hidden in your copious docs. It's not really well signposted form other places like mobile.

I stumbled across pools pages in the copious docs and they are just what I need. But then got stuck on the page that says download the SDK but provides no details. None of the functions are in the JS SDK.

• Is this where we should download from? It seems to be. IS this kept more up to date than the docs?
• 'Create an app for your user pool' - how? what? where?
• I'm more than a little concerned about the size of all this for my mobile app. I removed moment from my code as it was > 200K for a couple of lines of code. With all the other stuff this is getting pretty big.
• The docs say it is beta and here it is a 'preview'

Can we have Triggers for things like Pre Forgot Password?

I'd like to add the ability to integrate reCaptcha into a forgotten password request. the pre-trigger would allow me to integrate the server-side aspect of the service easily.

Hi, just wondering why this wasn't included in the mainline aws-sdk. Is this how you plan on supporting User Pools going forward?

The sample code for use case 1 (included below for reference) produces an alert CredentialsError: Missing credentials in config when using a ClientId for which no secret is required.

AWSCognito.config.region = 'us-east-1';
    var poolData = { UserPoolId : 'us-east-1_TcoKGbf7n',
                ClientId : '4pe2usejqcdmhi0a25jp4b5sh3'
    };
    var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);

    var attributeList = [];

    var dataEmail = {
        Name : 'email',
        Value : '[email protected]'
    };
    var dataPhoneNumber = {
        Name : 'phone_number',
        Value : '+15555555555'
    };
    var attributeEmail = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserAttribute(dataEmail);
    var attributePhoneNumber = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserAttribute(dataPhoneNumber);

    attributeList.push(attributeEmail);
    attributeList.push(attributePhoneNumber);

    userPool.signUp('username', 'password', attributeList, null, function(err, result){
        if (err) {
            alert(err);
            return;
        }
        cognitoUser = result.user;
        console.log('user name is ' + cognitoUser.getUsername());
    });

I keep getting this err on the following file: amazon-cognito-identity.min.js
amazon-cognito-identity.min.js:19 Uncaught TypeError: Cannot read property 'fromBits' of undefined

step (use case) 1 and 2 work fine for me on the following link, but not step 4.
Doing step 4 here: https://github.com/aws/amazon-cognito-identity-js/
I have copied and pasted all the proper values into the fake variables u see below. Not sure what's happening. The user is in the pool and currently User Status Enabled / Confirmed

var authenticationData = {
Username : 'username',
Password : 'password',
};
var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
var poolData = {
UserPoolId : 'us-east-1_TcoKGbf7n',
ClientId : '4pe2usejqcdmhi0a25jp4b5sh3'
};
var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);
var userData = {
Username : 'username',
Pool : userPool
};
var cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: function (result) {
console.log('access token + ' + result.getAccessToken().getJwtToken());
},

onFailure: function(err) {
alert(err);
},

});

Hi There,
Struggling to find much documentation about this new service. Perhaps someome can help. So after authenticating a user I have a cognitoUser object on the scope with their JWT tokens. I can also see this info is stored in the Local Storage.

If I loose the user object (say the user closes the tab or reloads their page) how do I recreate the authenticated object without making the user sign in again, as I can see the JWT tokens still exist in local storage so they are not lost.

I'm very new to AWS and I've been struggling with authentication. I used the code from this git for authenticating a user and it worked, but when I try to initialize dynamodb, I receive this error:
"NotAuthorizedException: Missing credentials in config" with the message "Invalid login token. Issuer doesn't match providerName".

This is the code I used to update my credentials after it has been authenticated.

AWS.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId: 'us-east-1:...', Logins: { 'cognito-idp.us-east-1.amazonaws.com/us-east-1:...': result.getIdToken().getJwtToken() } }); //CONNECT TO DB var db = new AWS.DynamoDB({region: 'us-east-1'});

Any help would be appreciated. Thanks!

Hi, I am following the steps on the guide and I have succesfully SignedUp users via js client, however when I try to authenticate my signed and confirmed users I get: Error: Incorrect username or password. I have created new users and verified that username and password is correct. Is there any other event that could trigger this error?

Thanks for your help.

Code:
Note: userPool is already created with app data and works for registration, username and password are retrieved from a form and were verified with console.log
var authenticationData = {
Username : username,
Password : password,
};
var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
var userData = {
Username : username,
Pool : userPool
};
var cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: function (result) {
console.log('access token + ' + result);
// console.log('access token + ' + result.getAccessToken().getJwtToken());
},

    onFailure: function(err) {
        console.log(err);
        alert(err);
    }

});  

Is there a way to check if the user is confirmed at login? The response from userPool.signUp() includes a userConfirmed property, but I can't figure out how to determine whether the user needs to submit the verification code after an unsuccessful login attempt. The error response is just "Incorrect username or password." for unconfirmed users.

As far as I can see only the user and password props of AuthenticationDetails are used so why not just use the plain JS object used to construct AuthenticationDetails?

Hi,

I managed to make a successful authentication and I am trying to access my Lambda function. The function is allowed to get by specific role I gave to my authenticated users.
When I tried just to access it I got a message that my role for unauthenticated users cannot invoke that function, so I figured I'm just not using the token I just got for the user.
When I'm trying to apply the user's credentials in the config, I get the following message:
"Invalid login token. Missing a required claim: aud".

This is what I do:

AWS.config.credentials = new AWS.CognitoIdentityCredentials({
            IdentityPoolId: 'us-east-1:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX',
                        Logins: {
                'cognito-idp.us-east-1.amazonaws.com/us-east-1_XXXXXXXXX': result.getAccessToken().getJwtToken(),
            }
        });

                AWS.config.credentials.get(function(err){
            // Here I get the error message.
        });

Any help would be appreciated,

Thank you!
Guy.

Hey guys,

I configured everything according to the README.md (also the sjcl stuff), but I still don't get Example 4 to work. I receive the following error in line 70 of CognitoUser.js:

TypeError: this.pool.getUserPoolId is not a function

I'm not sure if I did anything wrong or if this is a bug but I did everything according to the examples.
I am going to look into this bug but maybe you already have an idea of what might went wrong.

Well you probably could with cygwin but I use MinSys/MinGW these days and specifically the version that comes with Git for WIndows. For some reason they do not supply make and I gave up trying to get a single exe
So set up a VM with Ubuntu on

You might like to add a note

Or have I just not found the right options?

I want to script my config. rather than error prone manual UI.

I've implemented the registration, confirmation, and login samples. Unfortunately after successfully registering and confirming a user in the pool, I'm unable to get the login sample working.

Am I missing something?

I receive this in the console: Object doesn't support property or method 'fromRadix

SCRIPT438: Object doesn't support property or method 'fromRadix'
File: jsbn.js, Line: 137, Column: 10

jsbn.js line 137:

else { this.fromRadix(s,b); return; }

Hello,

I'm sure you guys will be coming up with a node implementation for this. (and probably with a lot less crypto graphic functions because it will be server side)

Please consider using Big Number of Big Integer. Big Integer has terrible performance in node 👎

I experienced the problem that the first authenticateUser call after a page refresh fails with an "missing credentials error" (that often masks the real error returned by the API).

Under the hood authenticateUser seems to call GetCredentialsForIdentity with some IdentityId that gets rejected by the API with an NotAuthorizedException. If I fire authenticateUser a second time - without changing anything in between - it is first doing a call to GetId and then calling GetCredentialsForIdentity with this new ID that then gets accepted.

As a workaround I now call AWSCognito.config.credentials.clearCachedId(); before calling authenticateUser and everything works fine.

At the beginning of the script I do:

AWS.config.credentials = new AWS.CognitoIdentityCredentials({
  IdentityPoolId: 'eu-west-1:e71ecd05-fbec-430b-8520-60d375fad889'
});
AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({
  IdentityPoolId: 'eu-west-1:e71ecd05-fbec-430b-8520-60d375fad889'
});

Am I missing something or is this a bug?

If I follow the example "Authenticate a User" shown on the http://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-user-identity-pools-javascript-examples.html page or the "Use case 4" example on the https://github.com/aws/amazon-cognito-identity-js/blob/master/README.md page using the Username, the example works.

I am trying to authenticate a user using their email attribute, rather than their username. I have marked the email attribute as an Alias in my User Pool. When I use email in place of username in the "Authenticate a User" example I get the following error: ResourceNotFoundException: Username/client id combination not found. I have included my code sample below.

How does one Authenticate a User via email address?

Code Sample

function authenticateUserViaEmail() {

    log("authenticateUserViaEmail called");

    // Initialize the Amazon Cognito credentials provider
    AWS.config.region = 'us-east-1'; // Region
    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
        IdentityPoolId: identityPoolId,
    });

    AWSCognito.config.region = 'us-east-1';
    AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({
        IdentityPoolId: identityPoolId,
    });

    var authenticationData = {
        Username : document.getElementById("email").value,
        Password : document.getElementById("password").value
    };

    log("using: " + JSON.stringify(authenticationData));

    var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
    var poolData = { UserPoolId : userPoolId,
        ClientId : clientId
    };
    var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);
    var userData = {
        Username : document.getElementById("email").value,
        Pool : userPool
    };
    var cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);

    log("About to call authenticateUser...");

    cognitoUser.authenticateUser(authenticationDetails, {
        onSuccess: function (result) {
            log('Access token: ' + result.getAccessToken().getJwtToken());
        },
        onFailure: function(err) {
            log(err);
            console.error(err);
        },
    });            
}

How can I use this with webpack? Tried logging in a user but it seems that amazon-cognito-identity can't find jsbn despite it being imported ahead of it.

amazon-cognito-identity.min.js:19 Uncaught ReferenceError: BigInteger is not defined

It seems that amazon-cognito-identity is being loaded before jsbn, is there a way to reverse the order?

Hi,
I've followed all the steps and I can login with username & password, but... what's next?

After the login I'm seeing that a new Unauthenticated Identity is added in my Cognito Identity Pool. How can I link that Identity to my user?

Something like the following...? Or maybe I'm totally missing the point of this service.

   AWS.config.credentials.get(function () {
       const token = session.getIdToken().getJwtToken();
       AWS.config.credentials.params.Logins = {};
       AWS.config.credentials.params.Logins['us-east-1_U5i6fZ4XX'] = token; // ???
       AWS.config.credentials.expired = true;

       AWS.config.credentials.get(function () {
            // now I'm using authenticated credentials
       });

With any combination of Logins[] I'm trying, I get HTTP 40X from the Cognito API:

• if using .getIdToken() I get "Issuer doesn't match providerName
• if using .getAccessToken() I get "Missing a required claim: aud"

Thank you!
Simone

I was able to successfully sign up userPool.signUp and then successfully confirm cognitoUser.confirmRegistration.

But authentication of the user, so basically sign in with the following code fails

    // Cognito Identity Pool Id
    AWS.config.region = 'us-east-1'; // Region
    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
        IdentityPoolId: 'us-east-1:XXX'
    });

    // Cognito User Pool Id
    AWSCognito.config.region = 'us-east-1';
    AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({
        IdentityPoolId: 'us-east-1:XXX'
    });

    var poolData = { UserPoolId : 'us-east-XXX',
        ClientId : 'XXX'
    };
    var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);

    var authenticationData = {
        Username : 'testuser',
        Password : 'testpassword',
    };
    var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);

    var userData = {
        Username : 'testuser',
        Pool : userPool
    };
    var cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);
    cognitoUser.authenticateUser(authenticationDetails, {
        onSuccess: function (result) {
            console.log('access token + ' + result.getAccessToken().getJwtToken());
        },

        onFailure: function(err) {
            alert(err);
        },

    });

This is the error I get

aws-cognito-sdk.min.js:6 Uncaught TypeError: Cannot read property 'toBits' of undefined

Basically, I have to run my login script twice for it to work. The first time gives me the error, "Error: Missing credentials in config", with the message, "Access to Identity 'us-east-1:......' is forbidden." Second time I run the function, it works. I tried rearranging things and using callback functions so it fires in the right order. Even tried setTimeout on some portions, but still not sure what is wrong exactly. Probably something simple that I'm overlooking. Any help would be appreciated. Thanks.

function loginUser()
{
//SET LOGIN VARIABLES
var username = document.getElementById("inputEmail").value;
var password = document.getElementById("inputPassword").value;

AWS.config.region = aws_Region;
var authenticationData = {
    Username : username,
    Password : password
};
var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
var poolData = { 
     UserPoolId : aws_UserPoolId,
    ClientId : aws_ClientId
};
var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);
var userData = {
    Username : username,
    Pool : userPool
};
var cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess: function (result) {
        //console.log('access token + ' + result.getAccessToken().getJwtToken());
        //console.log(result);
        var cognitoUser = userPool.getCurrentUser();

        if (cognitoUser != null) {
            cognitoUser.getSession(function(err, result) {
                if (result) {
                    console.log('You are now logged in.');
                    // Add the User's Id Token to the Cognito credentials login map.
                    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
                        IdentityPoolId: aws_IdentityPoolId,

                        Logins: {
                            aws_Login : result.getIdToken().getJwtToken()
                        }
                    });
                    window.location.assign("dashboard.html");

                }
            });
        }

    },

    onFailure: function(err) {
        document.getElementById("login-errors").innerHTML = "Incorrect email or password.";
        console.log(err);
    },

});
}

After the initially issued id/access tokens have expired (1 hour) calls to cognitoUser.getSession() will retrieve new tokens from the endpoint.

These tokens aren't cached in localstorage so any subsequent calls to getSession() always results in a call to the endpoint and new id/access tokens being issued.

cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: function (result) {
console.log('access token + ' + result.getAccessToken().getJwtToken());
},

    onFailure: function(err) {
        alert(err);
    },

});

The above is causing the form to be submitted twice, Environment IONIC
any guess?

I did my best to follow the directions. Not sure if I succeeded or not, but I'm getting these errors:

TypeError: AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool is not a constructor
TypeError: AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails is not a constructor

In the minified code, I get amazon-cognito.js:3541 Uncaught TypeError: c.update is not a function

When I dig into it and look at C it is a new sjcl.misc.hmac(prk, sjcl.hash.sha256) and it does have an update method, but it is on the prototype of a function inside that object.

I'm pretty sure this is the source for where this is going wrong.
source

Hi,

I noticed that the CognitoUser::signout doesn't revoke the access token, It just clears it from browser cache. Is there a way to revoke access and refresh tokens ?

Hello, this is a general question

I work in France so the region of all my aws service including Cognito Federated Identity is eu-west-1.

I want to use Cognito User Pool which is only available in us-east-1 region.

I intend to user the Cognito User Pool as a provider for the Cognito Identity Pool.

I wonder if it is possible since there are on different region ?

Best regards

When trying to execute the client authentication example I get the following error in my console:

CognitoUser.js: Uncaught TypeError: this.client.getAuthenticationDetails is not a function

It looks like this.client is instantiated by calling AWSCognito.CognitoIdentityServiceProvider({apiVersion: '2016-04-19'}).

The thing is I can't find any reference to the getAuthenticationDetails method in the AWS SDK.

Is this a developer preview method only?

I am running the code in scenario 4 to try to login against Cognito using user pools and an identity pool backed by the user pool.

When I debug the flow and look at the post request to Cognito, the validation data is blank (empty array).

From Firebug, looking at the JSON payload:

"ValidationData":[]

Code snippet:

<html>
<body>

<script src="file:///home/etucker/cognito/jsbn.js"></script>
<script src="file:///home/etucker/cognito/jsbn2.js"></script>
<script src="file:///home/etucker/cognito/sjcl.js"></script>
<script src="file:///home/etucker/cognito/moment.min.js"></script>
<script src="file:///home/etucker/cognito/aws-cognito-sdk.min.js"></script>
<script src="file:///home/etucker/cognito/amazon-cognito-identity.min.js"></script>
<script src="file:///home/etucker/cognito/aws-sdk.min.js"></script>

<script>
AWS.config.region = 'us-east-1';
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
    IdentityPoolId: 'us-east-1:<SNIP>'
});

AWSCognito.config.region = 'us-east-1';
AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({
  IdentityPoolId: 'us-east-1:<SNIP>'
});

// Need to provide placeholder keys unless unauthorised user access is enabled for user pool
AWSCognito.config.update({accessKeyId: 'anything', secretAccessKey: 'anything'})

var poolData = {
  UserPoolId : 'us-east-1_<SNIP>',
  ClientId : '<SNIP>'
};

var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);

var userData = {
  Username : '<SNIP>',
  Pool : userPool
};

var cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);

var authenticationData = {
  Username : '<SNIP>',
  Password : '<SNIP>',
};

var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
cognitoUser.authenticateUser(authenticationDetails, {
  onSuccess: function (result) {
      console.log('access token = ' + result.getAccessToken().getJwtToken());
  },

  onFailure: function(err) {
      alert(err);
  },
});
</script>
</body>
</html>

Hi, I have already followed all your examples, everything worked ok but I am not able to confirm the user with the email code.

I got a success response but the user is still not confrmed on the aws console.

Do you have any ideas?

Regards

I get this error

aws-cognito-sdk.js:489 Uncaught TypeError: AWS.CognitoIdentity is not a constructor

This is my code: (replace XXXXX with your values)

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <title>Bla</title>
  <script src="jsbn.js"></script>
  <script src="jsbn2.js"></script>
  <script src="sjcl.js"></script>
  <script src="moment.js"></script>
  <script src="aws-cognito-sdk.js"></script>
  <script src="amazon-cognito-identity.min.js"></script>
  <script src="aws-sdk.js"></script>
</head>
<body>
<h1>Test</h1>
<script>

  debugger;

  // Initialize the Amazon Cognito credentials provider
  AWSCognito.config.region = 'us-east-1'; // Region
  AWSCognito.config.credentials = new AWSCognito.CognitoIdentityCredentials({
    IdentityPoolId: 'us-east-1:XXXXXXXXXXXXXXXXXXXXXXXXX',
  });

  AWSCognito.config.region = 'us-east-1';
  var poolData = { UserPoolId : 'us-east-1_XXXXXXXXXX',
    ClientId : 'XXXXXXXXXXXXXXXXXXXXX'
  };
  var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);

  var attributeList = [];

  var dataEmail = {
    Name : 'email',
    Value : '[email protected]'
  };
//  var dataPhoneNumber = {
//    Name : 'phone_number',
//    Value : '+15555555555'
//  };
  var attributeEmail = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserAttribute(dataEmail);
//  var attributePhoneNumber = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserAttribute(dataPhoneNumber);

  attributeList.push(attributeEmail);
//  attributeList.push(attributePhoneNumber);

  userPool.signUp('test', '1234567890', attributeList, null, function(err, result){
    if (err) {
      alert(err);
      return;
    }
    cognitoUser = result.user;
    console.log('user name is ' + cognitoUser.getUsername());
  });





</script>
</body>
</html>

I recreated every thing and doubled check all the ID in the add user code the previously worked ut get this unhelpful error

The id given does not tie in with anything I can find.

My user pool has no required attributes though I did create a custom attrib. The UI doesn't make it clear if they are required or not but I am not supplying it. As I can't seem to delete the custom attrib I'll recreate the user pool again :(

This repo name makes no mention of User Pools and appears to cover more general functionality.

Needs to be renamed to something like Amazon-cognito-user-pools-js-client-sdk

Hi,

I integrated with cognitoUser.authenticate yesterday and stumbled across something that I consider to be a bug.

I have a user in my User Pool with username=foo.
When I try to authenticate with this user but give an incorrect password I get the following error message:

{ 
    "message": "Incorrect username or password.",
    "code": "NotAuthorizedException", 
    ...
}

It correctly tells me that either the username or password was incorrect.
How ever, if I try to authenticate with username=bar I get the following error message:

{ 
    "message": "Username/client id combination not found.",
    "code": "ResourceNotFoundException",
    ...
}

Now it tells me that the username does not exist.

This can easily be done to harvest valid usernames and since a lot of sites opt to use email as username it's a great way to harvest valid email adresses.

Both these errors should yield the same error message, namely the first one which does not indicate what went wrong (although, at the moment we know it was the password that was incorrect since it did not complain about the user not existing).

I understand that these errors most likely originate from the backend so I guess that this might not be something that you guys can adress but maybe you can send this feedback to the backend team or help me get in touch with them.

I realise a script tag is the simplest and thus lowest common denominator but I'm using a modern web set up using babel and ES6 modules so want to import

thanks

How much time it takes to the confirmation code sent to my email or phone to expire without confirmation?

Hi.
I get this error:

Uncaught TypeError: Cannot read property 'toBits' of undefined

Here is the code:

<!DOCTYPE html>
<html>
<body>

<script type="text/javascript" src="http://www-cs-students.stanford.edu/~tjw/jsbn/jsbn.js"></script>
<script type="text/javascript" src="http://www-cs-students.stanford.edu/~tjw/jsbn/jsbn2.js"></script>
<script type="text/javascript"  src="https://rawgit.com/bitwiseshiftleft/sjcl/master/sjcl.js"></script>
<script type="text/javascript" src="http://momentjs.com/downloads/moment.min.js"></script>
<script type="text/javascript" src="https://rawgit.com/aws/amazon-cognito-identity-js/master/dist/aws-cognito-sdk.min.js"></script>
<script type="text/javascript" src="https://rawgit.com/aws/amazon-cognito-identity-js/master/dist/amazon-cognito-identity.min.js"></script>
<script type="text/javascript" src="https://rawgit.com/aws/aws-sdk-js/master/dist/aws-sdk.min.js"></script>
<script type="text/javascript">

  AWS.config.region = 'us-east-1'; // Region
    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
        IdentityPoolId: 'us-east-1:bd245beb-b15b-4a45-87a1-1f955f0cc1f7', // your identity pool id here
        RoleArn: 'arn:aws:iam::063863219770:role/Cognito_myidentitypool1Unauth_Role',
        AccountId: '063863219770', // your AWS account ID
    });

    AWSCognito.config.region = 'us-east-1';
    AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({
        IdentityPoolId: 'us-east-1:bd245beb-b15b-4a45-87a1-1f955f0cc1f7', // your identity pool id here
        RoleArn: 'arn:aws:iam::063863219770:role/Cognito_myidentitypool1Unauth_Role',
        AccountId: '063863219770', // your AWS account ID
    });

    var poolData = { UserPoolId : 'us-east-1_8TsX0W4Tz',
                     ClientId : '5buhqgfeq5vj1qst7u0rukuvf',
    };
    var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);

    var authenticationData = {
        Username : '[email protected]',
        Password : 'qwerQWER1234!"£$',
    };
    var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
    var userData = {
        Username : '[email protected]',
        Pool : userPool
    };
    var cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);
    cognitoUser.authenticateUser(authenticationDetails, {
        onSuccess: function (result) {
            console.log('access token + ' + result.getAccessToken().getJwtToken());
        },

        onFailure: function(err) {
            alert(err);
        },

    });

</script>

</body>
</html>