Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <img src="...">
- {
- "Version": "2012-10-17",
- "Statement": [
- {
- "Effect": "Allow",
- "Action": ["s3:ListBucket"],
- "Resource": ["arn:aws:s3:::<BUCKET-NAME>"],
- "Condition": {"StringLike": {"s3:prefix": ["cognito/<APPLICATION-NAME>/"]}}
- },
- {
- "Effect": "Allow",
- "Action": [
- "s3:GetObject",
- "s3:PutObject",
- "s3:DeleteObject"
- ],
- "Resource": [
- "arn:aws:s3:::<BUCKET-NAME>/cognito/<APPLICATION-NAME>/${cognito-identity.amazonaws.com:sub}",
- "arn:aws:s3:::<BUCKET-NAME>/cognito/<APPLICATION-NAME>/${cognito-identity.amazonaws.com:sub}/*"
- ]
- }
- ]
- }
- var params = {Bucket: 'bucket', Key: 'key'};
- var url = s3.getSignedUrl('getObject', params);
- login(credentials: UserCredentials, callback: (sm: StateMessage) => void, forcedChangePasswordCallback: () => void) {
- const username = credentials.login;
- const authenticationData = {
- Username : username,
- Password : credentials.password
- };
- const authenticationDetails = new AuthenticationDetails(authenticationData);
- this._createCognitoUser(username);
- this.cognitoUser.authenticateUser(authenticationDetails, {
- onSuccess: (session: CognitoUserSession) => {
- // store token to use with all api request
- localStorage.setItem('idToken', session.getIdToken().getJwtToken());
- // create credentials to access s3 correctly
- // AWS.config.region = '<region>';
- // AWS.config.credentials = new CognitoIdentityCredentials({
- // IdentityPoolId : '...',
- // Logins : {
- // 'cognito-idp.<region>.amazonaws.com/<YOUR_USER_POOL_ID>' : result.getIdToken().getJwtToken()
- // }
- // });
- // AWS.config.credentials.refresh((error) => {
- // if (error) {
- // console.error(error);
- // } else {
- // // Instantiate aws sdk service objects now that the credentials have been updated.
- // var s3 = new AWS.S3();
- // }
- // });
- },
- onFailure: (err) => {
- ...
- },
- });
- }
Add Comment
Please, Sign In to add comment