使用OpenID,社交登录和Amazon Cognito管理我的网站上的用户
[英]Manage users on my website using OpenID, Social Login and Amazon Cognito
问题描述
I'm getting a little overwhelmed with all the information available to me. 
我对我掌握的所有信息有些不知所措。
Say I have a website on which I want to authenticate users and manage their profiles for cross mobile reuse. 假设我有一个网站,我要在该网站上对用户进行身份验证并管理其个人资料以实现跨移动设备的重复使用。 This website works closely with Amazon AWS. 该网站与Amazon AWS紧密合作。
How can I achieve the following combination? 如何实现以下组合?
- Authenticate users using a wide array of providers 使用各种提供商对用户进行身份验证
- Not integrate each and every provider separately and manually 不能单独和手动集成每个提供商
- Use the credentials from these authenticated users to integrate with Amazon Cognito 使用来自这些经过身份验证的用户的凭证与Amazon Cognito集成
Facts that I am aware of: 我知道的事实:
- There are services out there that offer a single API to authenticate with a wide variety of providers (well known example: oneall.com ). 那里提供的服务提供了一个API,可以通过各种提供程序进行身份验证(众所周知的示例: oneall.com )。
- OpenId is a standardized authentication scheme that some providers implement. OpenId是一些提供商实施的标准化身份验证方案。 But the list seems much shorter than the lists of Social Network Providers that services such as OneAll support. 但是,该列表似乎比OneAll等服务所支持的社交网络提供商的列表要短得多。 However, OneAll also support OpenId it seems, but I'm not sure what that means for me. 但是,OneAll似乎也支持OpenId,但是我不确定这对我意味着什么。
- Amazon Cognito integrates a very limited list of Social Network Providers, but you have to do the groundwork yourself, Amazon Cognito only seems to known about the keys they produce Amazon Cognito集成了非常有限的社交网络提供商列表,但是您必须自己做基础工作,Amazon Cognito似乎只知道他们产生的密钥
- Amazon Cognito also support OpenID Amazon Cognito还支持OpenID
Ideally I would like to use one of the Social Network Provider meta services that allow me to effortlessly add and remove login options. 理想情况下,我想使用一种社交网络提供程序元服务,该服务使我可以轻松添加和删除登录选项。 At the same time, I want to be able to use Amazon Cognito to link these credentials to profiles. 同时,我希望能够使用Amazon Cognito将这些凭证链接到配置文件。
What are my options? 我有什么选择?
1 个解决方案
解决方案1
2 已采纳 2015-10-05 17:44:22
Amazon Cognito supports users logging in with Facebook, Amazon, Twitter, Digits, Google, or any OpenID Connect provider. Amazon Cognito支持使用Facebook,Amazon,Twitter,Digits,Google或任何OpenID Connect提供程序登录的用户。 If you want to support users logged in with another provider or with a federated provider, you can use OpenID Connect or Developer Authenticated Identities. 如果要支持使用其他提供程序或联合提供程序登录的用户,则可以使用OpenID Connect或开发人员验证的身份。
OpenID Connect : There are products out there that federate/broker multiple social providers and expose the federated user via OpenID Connect which have special support for Cognito including Ping Federate and Auth0 to name a couple. OpenID Connect :有一些产品可以联合/代理多个社交提供商,并通过OpenID Connect暴露联合用户,这些产品对Cognito具有特殊支持,包括Ping Federate和Auth0等 。
Developer Authenticated Identities enables you completely control the authentication process for the user. 开发者身份验证身份使您可以完全控制用户的身份验证过程。 Essentially your user logs in with your own backend (which you could use to broker social logins) and your backend makes a secure call to Amazon Cognito with an identifier that you use to uniquely identify the user to retrieve a token from Cognito. 本质上,您的用户使用您自己的后端登录(可以用来代理社交登录),并且您的后端使用一个标识符来安全地调用Amazon Cognito,该标识符用于唯一地标识用户以从Cognito检索令牌。 Potentially you could federate identities using this method as well. 潜在地,您也可以使用此方法联合身份。 The Cognito Developer Guide has a visual showing the flow to understand the big picture and a complete guide to setting it up . 《 Cognito开发人员指南》具有直观的视图, 显示了了解全局的流程以及完整的设置指南 。
Again, Amazon Cognito already supports the most popular social providers out of the box and we have a topic for each social provider in the Amazon Cognito Developer Guide , but above is a more exhaustive list of options. 同样,Amazon Cognito已经开箱即用地支持最受欢迎的社交提供者,并且在Amazon Cognito开发人员指南中我们为每个社交提供者提供了一个主题 ,但是上面提供了更详尽的选项列表。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.