Comments (7)
Can you try using this overload:
You may want to call something like
var user = await _userManager.FindByNameAsync(login.UserName);
Then this overload:
The user variable should be then updated with the tokens.
Iirc there is a behavior in Identity where you need to be in another page to recoup the tokens from the Context object.
from aws-aspnet-cognito-identity-provider.
Thank you for the help,
I tried both FindByNameAsync and FindByEmailAsync and while they do return the user object SessionsTokens is null.
Regarding moving to another page this did work for me.
public class DashboardController : Controller
{
private readonly ILogger<DashboardController> _logger;
public DashboardController(ILogger<DashboardController> logger)
{
_logger = logger;
}
[Authorize]
public async Task<IActionResult> Index()
{
var accessToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken);
var refreshToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.RefreshToken);
var idToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.IdToken);
var claims = HttpContext.User.Claims;
return View();
}
}
All tokens and claims are loaded here. So I'm assuming at this point not having access to claims and token at login is a Microsoft identity issue.
from aws-aspnet-cognito-identity-provider.
Yes, the context object is updated when accessing another page.
from aws-aspnet-cognito-identity-provider.
The user instance Session Tokens should be updated after calling the PasswordSigningAsync. Can you check that?
from aws-aspnet-cognito-identity-provider.
var user = await _signInManager.UserManager.FindByEmailAsync(login.UserName);
var result = await _signInManager.PasswordSignInAsync(user, login.Password, login.RememberMe, lockoutOnFailure: false);
if (result.Succeeded)
{
_logger.LogInformation("User logged in.");
return LocalRedirect(returnUrl);
}
If I sign in like above, the session tokens are populated, however there is no way that I see to get the CognitoUser with populated session tokens when using the overload from the sample.
This raises another question for me, when I need to refresh the access token/id token using the refreshtoken the method RefreshSigninAsync requires a CognitoUser, does this user need to have SessionToken populated? I can get a CognitoUser from the user manager but session token is empty. Do I manually create session token from HttpContext or is there a mechanism to get the currently logged in user.
from aws-aspnet-cognito-identity-provider.
Would you mind sharing a sample app that reproduce the error? Please make sure to not include secrets.
As you can see below, we populate the user tokens from the Context when calling UserManager.GetUserFrom* methods:
This is also called by the RefreshSigninAsync method so the tokens should be populated.
from aws-aspnet-cognito-identity-provider.
Closing due to inactivity
from aws-aspnet-cognito-identity-provider.
Related Issues (20)
- Ways of supporting social login HOT 2
- Security: Defaults require secrets be published in unencrypted configuration files. HOT 6
- Sample App is nonfunctional for core common use cases and actively misleads users, seems abandoned. HOT 6
- Getting error "Unable to get IAM security credentials from EC2 Instance Metadata Service." while trying to login HOT 4
- AWSCognitoClientOptions doesn't contain a Region property (which is required by AWS) HOT 5
- Use inclusive pronouns in documentation. HOT 2
- Any plans to support .NET 5.0? HOT 4
- Implementing MFA suppression via remembered devices, getting 'Invalid device key given.' exception HOT 6
- Sample not working properly - Unable to get IAM security credentials from EC2 Instance Metadata Service. HOT 3
- Unable to retrieve UserPoolClientId and UserPoolClientSecret form AWS Parameter Store HOT 4
- Ability to reload AWSOptions after ASP.NET Core Lambda Startup HOT 19
- How to retrieve the list of all roles (groups) HOT 3
- AmazonCognitoIdentityProviderClient Usage HOT 6
- RemovePasswordAsync() fails for an unconfirmed user HOT 4
- Sign Out from all "active sessions" HOT 4
- RevokeToken behavior for multiple logins
- Support for External Providers HOT 4
- Check Password for unconfirmed user. HOT 5
- PasswordSignInAsync or CheckPasswordSignInAsync and SignInAsync are not persisting auth cookie User.Identity.IsAuthenticated is false HOT 6
- We can no longer search or find users with this sdk HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-aspnet-cognito-identity-provider.