# sst
j
More dumb questions from a newb! Looking at this https://serverless-stack.com/chapters/secure-our-serverless-apis.html my user in the Cognito userpool has a username (sub) of
ae0a40db-b854-46a6-87e9-000f18309f0c
but when I get the
event.requestContext.authorizer.iam.cognitoIdentity.identityId
it returns me
eu-west-2:5f9ee6e6-2291-457d-8f5a-10edf136cc14
and so how do I get the user sub from the logged in user cognitoIdentity?
g
User Pools and User Identity Pools are 2 different things.. A user pool handles your user directory: users. User identity pools handle identities that have credentials to access AWS resources.. you can "plug" your user pool in as an identity provider to your identity pool so that a user has an identity to call AWS services.. a little bit different from usual.. you can get the user pool data with this: https://serverless-stack.com/chapters/mapping-cognito-identity-id-and-user-pool-id.html another reference: https://github.com/aws-amplify/amplify-js/issues/390#issuecomment-451337455
the Auth construct makes the User Pool/ User Identity Pool Integration for you..
but under the hood it creates a user pool and a user identity pool and makes the user pool a source of identities for authenticated user identity pool identities that can call AWS resources
@Frank maybe sst could provide some runtime helpers.. like:
import { cognitoUtils } from '@serverless-stack/runtime'

[...]

const userIds = cognitoUtils.extractUserPoolInfoFromIdentityContext(context)
const userRole = cognitoUtils.extractAssumedRoleNameFromIdentityContext(context)
j
Thanks @Gabriel Araújo I'll take a look at those. Yeah I do think some helpers might be nice. Also maybe the guide could be a little clearer here.
f
@Gabriel Araújo great idea. I think there are a few things a helper can definitely be of value. Opened an issue here https://github.com/serverless-stack/serverless-stack/issues/1132
g
If you want/works for sst I can help.. I'll try to submit a PR late this week with the initial idea
f
Appreciate the help! Off the top of my head, I can’t think of the best way to do this. Another approach is making this into a middy plugin. I like the idea of a runtime helper, but I almost feel I’d want to know what else the helper can do. For example, is this a good use case to wrap around the AWS SDK to simplify interacting w/ services:
import { s3 } from '@serverless-stack/runtime'
s3.bucket("my-bucket").upload(file);
Might be easier to come up with a good design after we collect more use cases from the community. What do you think? (cc @Jay @thdxr on this topic)
j
Yeah I think this goes with the `uses` idea you had Frank. Do we have that in an issue somewhere? Maybe add to this issue with those details to collect some feedback?
f
Oh yeah, just opened an issue with what I’ve been thinking. https://github.com/serverless-stack/serverless-stack/issues/1137
j
Nice!
Let’s post this in #general or #sst and ask people for feedback?