Remove OAuth Social Providers - amazon-web-services

I accidentally added the Google Social Login with OAuth to Aws Cognito, and now every time I run amplify pull I receive this message -
"You've opted to allow users to authenticate via Google. If you
haven't already, you'll need to go to
https://developers.google.com/identity and create an App ID."
I would like to remove the Google Social Login so I could pull without inputting the client ID, does anyone know how to do this?

From the command line, run: amplify update auth
Select: ❯ Update OAuth social providers.
Arrow-down to "Google", and hit the space bar to deselect it, so that ❯◉ Google becomes ❯◯ Google.
Hit enter.
Run amplify push.

Related

AWS always request MFA code in the browser with Microsoft Authenticator - Can you get it to prompt on your phone?

I use Microsoft Authenticator for my MFA needs. When I log into O365 and need a second authentication factor it will send the request to my device where it prompts me to accept or reject the login there. Even better, I can accept it on my watch without taking my phone out of my pocket. I can also key the code from the Authenticator app into the browser where I'm trying to access the O365 service, but the prompt works most of the time.
I recently started working with AWS and using their MFA setup and added it to Microsoft Authenticator. Whenever I start a new AWS session I'm prompted for my MFA code, which I can retrieve from the Authenticator app, but it doesn't have the oh-so-convenient prompt on my phone and watch that I can just click to say "authorize". Is there something I can do to make AWS prompt me to approve logins via my phone, or is that some sort of Microsoft-only access that O365 has? Or can I get that functionality from a different authentication app?

AWS Cognito Login & Signup using google

Currently I have Signin and Signup functionality using username and password via AWS SDK and https://www.npmjs.com/package/amazon-cognito-identity-js
As the next step I want to enable social login as well like google and I have created client and enabled google as well and its working fine using hosted UI.
I want to integrate it programmatically. How can I do that, I have no idea for next step?
The social login feature is supported through OAuth2.0+OIDC. Use the amplify auth package or any OIDC client (such as AppAuth) to handle the OAuth flow. You can pass an additional query string parameter identity_provider on the authorization URI to redirect the user to your IDP so they won't be presented with the IDP selection screen.

AWS Cognito Change User Password

I'm following this tutorial https://serverless-stack.com/chapters/test-the-apis.html to create a react js app with AWS.
I followed every steps but now I'm facing a challenge, when i want to test my api with npx command with a user I created in the user pool, it needs to change his password.
npx aws-api-gateway-cli-test --username='mail#example.com' --password='password' --user-pool-id='user-pool-id' --app-client-id='app-client-id' --cognito-region='region' --identity-pool-id='identity-pool' --invoke-url='url' --api-gateway-region='region' --path-template='/notes' --method='POST' --body='{"content":"hello world","attachment":"hello.jpg"}'
npx: installed 106 in 7.229s
Authenticating with User Pool
Given user needs to set a new password
All ids are hidden in the command.
How can I do that ? I tried the change password command but it needs an access token and I don't know where to found it.
Thanks for your help

Cloud Foundry: Credentials were rejected

I'm having trouble with cf login. Whenever I try to login i get the following error:
Credentials were rejected, please try again.
Now I'm Aware that this is a known issue. But even with alternatives, I always get the same message.
What I've tried so far:
Git CMD; cmd.exe; Powershell;
cf login -u mail#adress.com; (and different variations)
cf auth "Mail#Adress.com" "MyPassword";
What else is there I can try or what am I missing?
When you run cf login or cf auth and specify a username/password, you are attempting to authenticate with UAA using a standard password based authentication. If your company uses single sign-on (i.e. SSO), this will not work.
When your company uses SSO, you need to run cf login -sso (that's it, no other flags). In this case, the cf cli will give you a link to click. You'll go to this link in your browser and it will display a one-time password. The cf cli will then prompt you for the one-time password, type it in and the cli will use that to log you in with your company's SSO system.
Again, if your company has set up SSO you must use the cf login -sso option to login. As far as I know, there's no way to tell from the cf cli if your company requires SSO, but you can tell if you go to login.system_domain in your browser (where system_domain the the DNS entry set up for CF). When you go to that page, you'll see the login form and when SSO is set up the bottom of the form will have a link that says "click here to login with SSO" or something like that. That link only shows up when SSO is enabled.

Firebase C++ SDK and Google Auth

How can one use Firebase Authentication to allow users to authenticate with a Google account via the C++ SDK (using it in Cocos2d-x).
I’m confused as to whether I would need to build a special Google auth GUI or if the SDK requires/contains a standardized GUI (or, in the case of Cocos2d-x, a Scene) that should be used.
Either way, I am unsure how to do it. Does anyone know how to proceed? The SDK example code shows how to authenticate via Email/Password but not via a Google Account.
Ok, so this is complicated, but not because of Firebase.
Basically, if you want to use a Federated Logon, such as Facebook, Google, Twitter, then you will need to use their UI SDK built for whichever platform you are using. When you successfully login with one of these services, you will construct a Credential with the token that is returned from one of these services.
After you login with this credential, the Firebase Auth service will associate any account data with this federated logon. If you were previously using an anonymous login, then the account should be upgraded. If you have already logged in with another credential (email, phone number, alternative federeated logon) then you will need to do some logic to check if you need to merge or switch.
Firebase Auth can outlive the Federated Token. For example, the Facebook Login token expires or is revoked, your Firebase Auth backend might remain signed in. Vice versa your Facebook token might not expire, but your Firebase Auth might have been signed out. You will need to manage these states.
Here's an example. We want to use Facebook Login as our federated logon provider. We link the Facebook Login SDK for our platform as described in the Facebook Developer docs.
When we want to ask for Facebook login credentials, we use the FBSDKLoginManager .loginwithReadPermissions() to launch the login flow. This typically consists of launching either the Facebook App to confirm permissions for your app or the website (make sure you implement deep links properly as described in the Facebook documentation).
Eventually, the login will succeed or fail.
If it succeeds, Facebook will hand you a token which you can grab from [FBSDKAccessToken currentAccessToken].tokenString. This is what you would send to firebase::auth::FacebookAuthProvider::GetCredential
All of this is ASync and done on separate threads. You should use a concurrent queue to funnel these events to your main thread.
It is possible to use your own server and signup form, in which case you would build your own UI in game and then make secure server calls to your backend. There's a flow for getting a text message to validate a user, not something I would do for a game.