Deploy Again

Now that we have a way for users to connect with our app and view their profile information, it’s time to deploy. In particular, it would be good to confirm that the URLs we entered in the project configuration in the Google Developers Console are correct. This isn’t something we can verify easily with a unit test or in our development environment. We could try this in a test environment, but that wouldn’t really help either unless the URLs were the same. We want to make sure this really works in production before building user visible features on top of it.

So go ahead and deploy the app using the same ./sspa deploy_bucket command we used in Creating an S3 Bucket. After that’s complete, bring up the app in a browser and give it quick tour while we consider what’s next.

Next Steps

Now that you’ve connected the application with Google using Amazon Cognito, you might want to investigate these additional topics. To keep things simple, I didn’t cover them in the book, but you might want to explore these topics on your own before moving on to the next chapter.

Connect with Facebook

Setting up Facebook access[49] for our app is similar to setting up access to Google. You go to the Facebook developer portal and create a new App, then get an App ID, similar to Google’s Client ID. Facebook provides a Getting Started guide that outlines adding the connect button.

Connect with OpenID

OpenID Connect[50] is a competing standard to OAuth2 that is much more defined, but unfortunately, less popular. However, a few providers offer it, including Salesforce.com and Google. Cognito has a mechanism for connecting to compliant OpenID providers, so it’s an option for our app.

Expanding Your Test Environment

Just as with our S3 bucket, if you’re creating a test environment, you’ll probably want to add an identity pool to it. Simply go through the same steps in this chapter, choosing a different name for your identity pool. You don’t need to create another Google application, though.

Developer-Authenticated Identities

You don’t have to let Amazon host your identity information to be able to issue temporary AWS credentials with Cognito. Using developer-authenticated identities,[51] you can build your own authentication process and still use Cognito to grant credentials that allow access to AWS resources. If you’re integrating with an existing authorization system, you may want to look into this approach.

In the next chapter, we’re going to enhance our app to save the answers provided by the users. We’ll connect to DynamoDB, add an IAM policy to the Cognito role we just created, and see why data validation is more complex than you might think.

Footnotes

[39]

https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy

[40]

http://hueniverse.com/2012/07/26/oauth-2-0-and-the-road-to-hell/

[41]

https://developers.google.com/identity/sign-in/web/sign-in

[42]

http://console.developers.google.com

[43]

https://developer.mozilla.org/en-US/docs/Glossary/Origin

[44]

http://getskeleton.com/#grid

[45]

https://pragprog.com/titles/brapps/source_code

[46]

https://developer.mozilla.org/en-US/docs/Web/API/Window/localStorage

[47]

http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Credentials.html

[48]

http://jasmine.github.io/2.0/introduction.html#section-Asynchronous_Support

[49]

http://docs.aws.amazon.com/cognito/latest/developerguide/facebook.html

[50]

http://docs.aws.amazon.com/cognito/latest/developerguide/open-id.html

[51]

http://docs.aws.amazon.com/cognito/devguide/identity/developer-authenticated-identities/

Copyright © 2016, The Pragmatic Bookshelf.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.218.156.231