Cognito auth flow fails with “Already found an entry for username Facebook_10155611263153532”

断了今生、忘了曾经 提交于 2019-12-20 20:34:42

问题


The goal is to implement a social provider auth flow as described in User Pools App Integration and Federation.

One important thing that I want to satisfy, is to merge user pool accounts that have the same email address.

I am accomplishing that by calling adminLinkProviderForUser within the PreSignUp_ExternalProvider cognito lambda trigger.

So with this, everything works. The new social provided user is being registered and linked with the already existing Cognito (user+pass) user.

However, the authentication flow, from user's perspective doesn't complete. It fails at the last step where the callback uri (defined in cognito user pool) is being called:

error: invalid_request

error_description: Already found an entry for username Facebook_10155611263152353

But then, if the user retries the social auth flow, everything works, and would get session tokens that represent the original Cognito User Pool user (the one that already had that email).

Note that I'm testing the auth flow on an empty User Pool, zero user accounts.


回答1:


Yes, this is how it is currently setup. If you try to link users using PreSignUp trigger, the first time won't work. A better way to handle this(I think) would be to provide an option in your UI to link external accounts on sign-in. In the pre-signup trigger, search for a user with the same unique attribute (say email) and see if the sign up is from external provider. Then show a message such as email already exists. Login in & use this menu/option to link. Haven't tested this though.



来源:https://stackoverflow.com/questions/47815161/cognito-auth-flow-fails-with-already-found-an-entry-for-username-facebook-10155

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!