I'm trying to integrate SIWA with AWS Cognito, but am running into issues on the native iOS app. I'm able to successfully sign in on the AWS hosted UI after configuring with SIWA.
On the native iOS app, I'm able to get the auth token and decode the JWT token. However, once I send that token to AWS using func finishedWithAuth, it fails to send to AWS and authenticate with my identity pool there. Here's the code I have so far, following the documentation for SIWA with AWS Cognito (I can't link it here).
Here's the error I get from line 28:
{"__type":"NotAuthorizedException","message":"Token is not from a supported provider of this identity pool."}
2020-06-23 10:48:29:047 wolf-ios[1879:1393080] GetId failed. Error is [Error Domain=com.amazonaws.AWSCognitoIdentityErrorDomain Code=8 "(null)" UserInfo={__type=NotAuthorizedException, message=Token is not from a supported provider of this identity pool.}]
Error: The operation couldn’t be completed. (com.amazonaws.AWSCognitoIdentityErrorDomain error 8.)
func finishedWithAuth(auth: ASAuthorizationAppleIDCredential!, error: NSError!) {
    if error != nil {
        print(error.localizedDescription)
    } else if let idToken = auth.identityToken {
        // Force the SDK to obtain new credentials
        clearCredentials()
        updateCredentialsProvider()
        let idTokenString = String(data: idToken, encoding: .utf8) ?? ""
        logit("Apple Id Token: \(idTokenString)")
        // self.idToken = idToken.tokenS
        // credentialsProvider?.identityProvider.logins().setValue(idToken, forUndefinedKey: "appleid.apple.com")
        let logins = ["appleid.apple.com": idTokenString]
        let customIdentityProvider = CustomIdentityProvider(tokens: logins)
        let identityPoolId = Configuration.cognitoIdentityPoolId.value
        let region: AWSRegionType = .USWest2
        let credentialsProvider = AWSCognitoCredentialsProvider(regionType: region,
                                                                identityPoolId: identityPoolId,
                                                                identityProviderManager: customIdentityProvider)
        let configuration = AWSServiceConfiguration(region: region, credentialsProvider: credentialsProvider)
        AWSServiceManager.default().defaultServiceConfiguration = configuration
        credentialsProvider.getIdentityId().continueWith { (task: AWSTask!) -> AnyObject? in
            if task.error != nil {
                print("Error: " + (task.error?.localizedDescription)!)
            } else {
                // the task result will contain the identity id
                let cognitoId = task.result
                logit("Cognito ID : \(cognitoId ?? "")")
            }
            return nil
        }
        // let idToken = auth.identityToken, credentialsProvider.logins = ["appleid.apple.com": idToken!]
    }
}
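
A diagnostic for the "Token is not from a supported provider of this identity pool" error above, added here as an example and not part of the original post: it decodes the `iss` and `aud` claims of the Apple identity token so they can be compared with what the identity pool has configured for `appleid.apple.com`. The function names, the sample token and both `com.example.*` identifiers are constructed for illustration. It assumes the pool matches the token's `aud` against its configured Apple client identifier, and that the native flow and the hosted UI may each receive tokens with a different `aud`.

```swift
import Foundation

// Claims that matter when a provider decides whether a token is "from" it.
struct AppleTokenClaims: Decodable {
    let iss: String
    let aud: String
    let exp: TimeInterval
}
enum TokenInspectionError: Error { case malformed }

// Decodes the JWT payload WITHOUT verifying the signature: diagnostic use only.
func decodeClaims(fromJWT jwt: String) throws -> AppleTokenClaims {
    let segments = jwt.split(separator: ".", omittingEmptySubsequences: false)
    guard segments.count == 3 else { throw TokenInspectionError.malformed }
    // base64url -> base64, then restore the stripped padding.
    var b64 = String(segments[1])
        .replacingOccurrences(of: "-", with: "+")
        .replacingOccurrences(of: "_", with: "/")
    b64 += String(repeating: "=", count: (4 - b64.count % 4) % 4)
    guard let data = Data(base64Encoded: b64) else { throw TokenInspectionError.malformed }
    return try JSONDecoder().decode(AppleTokenClaims.self, from: data)
}

// Returns the reasons the token would not match the expected provider setup.
func providerMismatches(_ claims: AppleTokenClaims, expectedAudience: String, now: Date = Date()) -> [String] {
    var problems: [String] = []
    if claims.iss != "https://appleid.apple.com" { problems.append("unexpected iss: \(claims.iss)") }
    if claims.aud != expectedAudience { problems.append("aud \(claims.aud) != expected \(expectedAudience)") }
    if claims.exp <= now.timeIntervalSince1970 { problems.append("token expired") }
    return problems
}

// Constructed sample: an unsigned token built in place so the example runs offline.
func base64url(_ data: Data) -> String {
    data.base64EncodedString()
        .replacingOccurrences(of: "+", with: "-")
        .replacingOccurrences(of: "/", with: "_")
        .replacingOccurrences(of: "=", with: "")
}
let payload = #"{"iss":"https://appleid.apple.com","aud":"com.example.app","exp":4102444800}"#
let sampleJWT = [base64url(Data(#"{"alg":"RS256"}"#.utf8)), base64url(Data(payload.utf8)), "sig"]
    .joined(separator: ".")

do {
    let claims = try decodeClaims(fromJWT: sampleJWT)
    // expectedAudience is a placeholder for the identifier configured in the identity pool.
    print(providerMismatches(claims, expectedAudience: "com.example.service"))
} catch { print("could not decode token: \(error)") }
```

In the app, pass `idTokenString` to `decodeClaims(fromJWT:)` just before building `logins`, and print only the claims rather than the raw token.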