How to implement authenticated web messaging using AWS Cognito as identity provider

I have read this AWS Cognito document here: What is Amazon Cognito? - Amazon Cognito

I also read this Genesys Okta blueprint: https://developer.genesys.cloud/blueprints/messenger-authentication-okta-integration-blueprint/

The problem is this code example:

```javascript
// Values in <angle brackets> are placeholders to replace with your own values.
Genesys('registerPlugin', 'AuthProvider', (AuthProvider) => {

  // COMMAND
  // *********
  // getAuthCode

  const oktaTransactionStorage = window.document.cookie.toString(); // Get nonce from cookie
  let nonce; // Declared outside the if block so it stays in scope below

  if (oktaTransactionStorage.includes('okta-oauth-nonce=')) {
    const storage = oktaTransactionStorage.split('okta-oauth-nonce=')[1]; // Extract 'okta-oauth-nonce' cookie from 'oktaTransactionStorage'
    nonce = storage.split(';')[0];
  }

  const urlParams = new URLSearchParams(window.location.search); // Get the authorization response which is added as a query string from the redirect URL
  const authCode = urlParams.has('code') ? urlParams.get('code') : undefined; // Get code from the query string
  const iss = urlParams.has('iss') ? urlParams.get('iss') : undefined; // Get optional iss parameter from the query string. urlParams will decode this issuer URL if it is encoded.

  /* Register Command - mandatory */

  AuthProvider.registerCommand('getAuthCode', (e) => {

    // Messenger calls this command to get the tokens.

    e.resolve({
      authCode: <authCode>,              // Pass your authCode here
      redirectUri: <your redirect uri>,  // Pass the redirection URI configured in your authentication provider here
      nonce: <nonce>,                    // Mandatory parameter in OKTA Javascript SDK approach.
      maxAge: <maxAge>,                  // Pass the elapsed time in seconds as an optional parameter
      codeVerifier: <codeVerifier>,      // For PKCE Oauth flow: If you use the Okta Auth JavaScript SDK to authenticate signin, get the code verifier from session storage. If you use the endpoint to authenticate signin, pass a cryptographically random string that you used to generate the codeChallenge value.
      iss: <iss>                         // Pass the optional parameter iss if it was returned in the authorization response by your Authentication provider.
    });
  });
});
```

I cannot pass authCode to e.resolve(), because my user is already authenticated and the auth code is gone. The auth code is used to retrieve the access token. I can only provide an access token for my authenticated user. Can I provide the access token somewhere directly for an authenticated message?

Do you have an example of authenticated web messaging using AWS Cognito as identity provider?
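The redirect-parsing step of the snippet above, written more defensively, as an added example that is not part of the original post or the Genesys blueprint. The helper names, the `expected` object (state, issuer and redirect URI stored before the redirect) and all sample values are assumptions; the returned object is what would be handed to `e.resolve()`.

```javascript
// Added example: helper names and sample values are constructed for illustration.

// Read one cookie by exact name. Splitting the whole cookie string on
// 'okta-oauth-nonce=' would also match a cookie whose name merely ends with it.
function readCookie(cookieString, name) {
  for (const part of cookieString.split(';')) {
    const idx = part.indexOf('=');
    if (idx === -1) continue;
    if (part.slice(0, idx).trim() === name) {
      return decodeURIComponent(part.slice(idx + 1).trim());
    }
  }
  return undefined;
}

// Build the getAuthCode payload from the redirect URL's query string.
// expected = { state, issuer, redirectUri } (assumed to be saved before redirecting).
function buildAuthCodePayload(search, cookieString, expected) {
  const params = new URLSearchParams(search);
  if (params.has('error')) {
    throw new Error('authorization failed: ' + params.get('error'));
  }
  const authCode = params.get('code');
  if (!authCode) throw new Error('no authorization code in redirect');
  // Reject responses that do not belong to the request this page started.
  if (expected.state !== undefined && params.get('state') !== expected.state) {
    throw new Error('state mismatch');
  }
  // If the provider returned iss, it must equal the issuer we sent the user to.
  const iss = params.get('iss');
  if (iss !== null && iss !== expected.issuer) throw new Error('unexpected issuer');

  const payload = { authCode, redirectUri: expected.redirectUri };
  const nonce = readCookie(cookieString, 'okta-oauth-nonce');
  if (nonce !== undefined) payload.nonce = nonce;
  if (iss !== null) payload.iss = iss; // only pass iss when it was returned
  return payload;
}

// Constructed sample input.
const sampleExpected = {
  state: 'abc123',
  issuer: 'https://idp.example.com',
  redirectUri: 'https://app.example.com/callback',
};
const sampleCookie = 'not-okta-oauth-nonce=bad; okta-oauth-nonce=good-nonce; theme=dark';
const sampleSearch = '?code=SAMPLE_CODE&state=abc123&iss=https%3A%2F%2Fidp.example.com';
```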
