I am working on an app that allows users to login using their google account, and then uses that login to get a Cognito federated identity.
I am unable to get the correct token needed to authenticate with Cognito. I keep getting the error com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Invalid login token. Not a valid OpenId Connect identity token.
Here is my code:
Runnable runnable = new Runnable() {
@Override
public void run() {
CognitoSyncClientManager.init(getActivity().getApplicationContext());
String token = null;
try {
token = GoogleAuthUtil.getToken(getActivity().getApplicationContext(), signInAccount.getAccount(), "oauth2:openid");
}catch (Exception e){
Log.d("login exception", e.toString());
}
Map<String, String> logins = new HashMap<String, String>();
logins.put("accounts.google.com", token);
CognitoSyncClientManager.addLogins("accounts.google.com", token);
Log.d("login", "Created User token " + token);
Log.d("login", "Cached UserID: "+CognitoSyncClientManager.credentialsProvider.getCachedIdentityId());
Log.d("login", "UserID: " + CognitoSyncClientManager.credentialsProvider.getIdentityId());
Toast.makeText(getActivity().getApplicationContext(), "Created user: "+CognitoSyncClientManager.credentialsProvider.getCachedIdentityId(), Toast.LENGTH_LONG);
}
};
Thread t = new Thread(runnable);
t.start();
GoogleAuthUtil's getToken seems to return an Access Token.
https://developers.google.com/android/reference/com/google/android/gms/auth/GoogleAuthUtil.html#getToken(android.content.Context, android.accounts.Account, java.lang.String, android.os.Bundle)
You need pass Google's OpenId Connect Id Token to Cognito and not Access Token.
https://developers.google.com/identity/sign-in/android/backend-auth