- https://github.com/TimothyJones/github-cognito-openid-wrapper こちらの方が良さそうなので先に試してみる
- https://sst.dev/examples/how-to-add-github-login-to-your-cognito-user-pool.html
できたら、Cognitoの設定を見比べてエラーを解決する
- https://sst.dev/examples/how-to-add-github-login-to-your-cognito-user-pool.html
- https://github.com/aws-samples/cognito-custom-authentication
- https://github.com/TimothyJones/github-cognito-openid-wrapper
- https://qiita.com/tanaka_takurou/items/d5e20f86f75ae8725f73
export function override(
resources: AmplifyAuthCognitoStackTemplate,
) {
const idp = new cognito.CfnUserPoolIdentityProvider(
resources.userPool,
"GitHubIdp",
{
userPoolId: resources.userPool.ref,
providerType: "OIDC",
providerName: "GitHub",
providerDetails: {
client_id: "XXXX",
client_secret: "XXXXXX",
authorize_scopes: "openid user",
attributes_request_method: "GET",
oidc_issuer: "https://github.com",
authorize_url: "https://github.com/login/oauth/authorize",
token_url:
"https://XXXX.execute-api.ap-northeast-1.amazonaws.com/Prod/token",
attributes_url:
"https://XXXX.execute-api.ap-northeast-1.amazonaws.com/Prod/user",
jwks_uri:
"https://XXXX.execute-api.ap-northeast-1.amazonaws.com/Prod/token",
},
attributeMapping: {
email: "email",
name: "name",
picture: "avatar_url",
},
},
);
resources.userPoolClient.addDependency(idp);
resources.userPoolClientWeb.addDependency(idp);
resources.userPoolClient.supportedIdentityProviders = ["Google", "GitHub"];
resources.userPoolClientWeb.supportedIdentityProviders = ["Google", "GitHub"];
}GitHub
github-cognito-openid-wrapperをつかってる
- 手動でCognitoのユーザープールを作成する
- GitHubでOAuth Appを作成する
- GitHubのログイン画面は表示される
- 2要素認証後にアプリにはリダイレクトされるが、エラー
- GitHubのDeveloper SettingsのAuthorization callback URLにはhttps://XXX.auth.ap-northeast-1.amazoncognito.com/oauth2/idpresponse が設定されている
- CognitoのホストされたUIからログインしても同じエラー