Sample app using Open Liberty and Amazon Cognito deployed using Open Liberty Operator on Red Hat OpenShift
You can skip this section if you already have an Amazon Cognito User Pool instance. Otherwise, follow these steps to create an Amazon Cognito User Pool for the purposes of running this sample.
To begin, visit the https://console.aws.amazon.com/cognito/home URL, sign in to your AWS account if required, and click Create user pool. Most things can be left as default, but some user action is needed to configure/navigate the form items indicated in the red boxes.
Navigate to your Amazon Cognito User Pool and copy the User Pool ID.
Now, open the deploy.yaml file and update the discoveryEndpoint with:
https://cognito-idp.<region>.amazonaws.com/<user-pool-id>/.well-known/openid-configuration
Navigate to the app client's page by clicking on App integration and then the name of your client.
Copy the Client ID and Client Secret.
Now, open the secret.yaml file and update the oidc-clientId and oidc-clientSecret with the results from:
echo -n <client-id> | base64
echo -n <client-secret> | base64
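As an added example (not part of this sample's own files), the shell helpers below build the discoveryEndpoint value and produce the base64 values for secret.yaml, rejecting a value that was encoded with a stray trailing newline. The function names and sample values are constructed, and the check that a pool ID starts with its region is an assumption about the Cognito ID format.

```shell
#!/bin/sh
# Added example: pre-deploy checks for deploy.yaml and secret.yaml values.
# Function names are hypothetical; all sample values below are constructed.

# Build the discoveryEndpoint URL. Assumption: a Cognito user pool ID starts
# with its region followed by "_", so a mismatch means a copy/paste error.
discovery_url() {
  region="$1"; pool="$2"
  [ -n "$region" ] || { echo "region is empty" >&2; return 1; }
  case "$pool" in
    "$region"_?*) ;;
    *) echo "pool id '$pool' is not in region '$region'" >&2; return 1 ;;
  esac
  printf 'https://cognito-idp.%s.amazonaws.com/%s/.well-known/openid-configuration\n' \
    "$region" "$pool"
}

# Base64-encode a value with no trailing newline in the input and no line
# wrapping in the output. printf is used because "echo -n" is not portable.
b64_value() {
  printf '%s' "$1" | base64 | tr -d '\n'
}

# Return 0 only if a base64 string decodes to a non-empty value that contains
# no whitespace. Assumption: client IDs and secrets never contain whitespace,
# so a newline picked up by a plain "echo" is reported as an error.
check_b64_value() {
  clean="$(printf '%s' "$1" | base64 -d 2>/dev/null | tr -d ' \t\r\n' | base64 | tr -d '\n')"
  [ -n "$clean" ] && [ "$clean" = "$1" ]
}

# Constructed sample values, not real credentials.
SAMPLE_ID='exampleclientid123'
SAMPLE_SECRET='example-client-secret-456'

discovery_url 'us-east-1' 'us-east-1_EXAMPLE123'
for pair in "oidc-clientId:$SAMPLE_ID" "oidc-clientSecret:$SAMPLE_SECRET"; do
  encoded="$(b64_value "${pair#*:}")"
  if check_b64_value "$encoded"; then
    echo "${pair%%:*}: $encoded"
  else
    echo "${pair%%:*}: encoded value is malformed" >&2
  fi
done
```

Running check_b64_value against the values already in secret.yaml before applying it catches a secret that was encoded with a plain echo, which otherwise only shows up later as a failed login.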
To deploy the application, ensure you have the OpenShift CLI installed and are logged into your OpenShift 4 cluster.
oc new-project sample-cognito
oc process -f deploy/build.yaml | oc create -f -
oc start-build sample-cognito-buildconfig --from-dir=.
oc get builds
oc apply -f deploy/secret.yaml
oc apply -f deploy/deploy.yaml
Run:
oc get routes
Your response should look something like this:
NAME             HOST/PORT     PATH   SERVICES         PORT       TERMINATION        WILDCARD
sample-cognito   <host:port>          sample-cognito   9443-tcp   passthrough/None   None
Your callback URL will be in the format:
https://<host:port>/ibm/api/social-login/redirect/oidc
Replace https://localhost with the callback URL from the previous step and save.
Test your application by visiting <host:port> from the previous step. You should be redirected to the Amazon Cognito login page. Enter the email and password used to create the first user in the earlier step.
You will be prompted to change the password the first time you log in.
After changing the password, you will be redirected back to the sample app, which will display your username, access token, and ID token.
Run the following command to delete the project and its associated resources:
oc delete project sample-cognito