使用AWS Amplify验证Google登录 - federatedSignin返回null？

Question

I'm trying to use AWS Amplify to support email / password and Google authentication. Now, I want to store the details from Google into my user pool in AWS. I don't understand the flow here - there are many blog posts I read but most of them are just confusing.

Here's what I tried to do:

// gapi and Amplify included
googleSigninCallback(googleUser => {
 const googleResponse = googleUser.getAuthResponse();
 const profile = googleUser.getBasicProfile();
 const name = profile.getName();
 const email = profile.getEmail();

 Amplify.Auth.federatedSignin('google', googleResponse, {email, name})
  .then(response => { console.log(response); }) // is always null
  .catch(err => console.log(err));
});

In DevTools I have the following error in the request in Network Tab:

{"__type":"NotAuthorizedException","message":"Unauthenticated access is not supported for this identity pool."}

Why should I enable unauthenticated access to this pool? I don't want to.

Am I doing this right? Is it even possible or is it a good practice to store Google User details into the AWS User Pool? If it's not a good practice, then what is?

Also, if I want to ask user for further details not provided by Google in the app and store them, how to do it if we can't store the user in User Pool?

Answer 1

First make sure your identity pool and user pool are setup for google authentication.

Then federatedSignIn has a capital last I.

And finally just change your second param in the call to federatedSignIn as follows:

Amplify.Auth.federatedSignIn('google', {
  token: googleResponse.id_token,
  expires_at: googleResponse.expires_at
}, {email, name})...