Hello!
I desperately need help understanding AWS Cognito - specifically using it to log in to a 3rd party site. My understanding is that once you log in with Cognito, it should give you a JWT (JSON Web Token). And it does. And I know how to decode the token and access the info contained inside.

The problem is that I have a legacy webapp, with which I would like to enable the option of logging in with Cognito. For example, if a user has already logged in to Cognito, then when they visit the legacy webapp, I'd like for it to somehow know that they've already logged in and not display a login page. My plan to implement this was to store the Cognito-generated JWT in a cookie. BUT - the cookie is generated in a different domain: one used by AWS Cognito that I have no control over. And so web browsers don't show that cookie to my legacy webapp.

I've been looking online for ways to circumvent the "same origin" policy, and it looks like there might be possible work-arounds using iframes... But I feel like I must be missing something really basic, because the "same origin" policy is intended to prevent cross-site scripting attacks, etc. I feel bad hacking my way around it. And I've seen many websites now using features like "login with Google, Facebook, Amazon, etc." In each of these cases, you get redirected to an id provider, and somehow a token is returned that the original website trusts and uses. So what's the secret? How are they getting the JWT transmitted back to the original website?

The legacy app is written in Perl, as is all my JWT decoding logic, etc.

Thanks!
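
Added example, not part of the original post: a sketch of the redirect-based OAuth 2.0 authorization code flow that the Cognito hosted UI supports, in which the token reaches the legacy app through a redirect to the app's own URL rather than through a cross-domain cookie. The domain, client ID, client secret, redirect URI and the function names `login_url` and `handle_callback` are assumed placeholders.

```perl
use strict;
use warnings;
use HTTP::Tiny;
use JSON::PP qw(decode_json);
use MIME::Base64 qw(encode_base64);

# Assumed placeholders, not values from the post.
my %cfg = (
    domain        => 'https://YOUR-DOMAIN.auth.YOUR-REGION.amazoncognito.com',
    client_id     => 'YOUR_APP_CLIENT_ID',
    client_secret => 'YOUR_APP_CLIENT_SECRET',
    redirect_uri  => 'https://legacy.example.com/cgi-bin/callback.pl',
);
my $http = HTTP::Tiny->new(verify_SSL => 1);

# Step 1: no local session yet, so redirect the browser to this URL.
# $state is a fresh random value the app also keeps in its own session.
sub login_url {
    my ($state) = @_;
    return "$cfg{domain}/oauth2/authorize?" . $http->www_form_urlencode({
        response_type => 'code',
        client_id     => $cfg{client_id},
        redirect_uri  => $cfg{redirect_uri},
        scope         => 'openid',
        state         => $state,
    });
}

# Step 2: Cognito redirects the browser back to redirect_uri with
# ?code=...&state=... in the query string. No cross-domain cookie is read.
sub handle_callback {
    my ($params, $expected_state) = @_;
    die "state mismatch\n"
        unless defined $expected_state && defined $params->{state}
            && $params->{state} eq $expected_state;
    die "no authorization code\n" unless defined $params->{code};

    # Server-to-server exchange of the one-time code for tokens.
    my $basic = encode_base64("$cfg{client_id}:$cfg{client_secret}", '');
    my $res = $http->post_form("$cfg{domain}/oauth2/token", {
        grant_type   => 'authorization_code',
        code         => $params->{code},
        redirect_uri => $cfg{redirect_uri},
        client_id    => $cfg{client_id},
    }, { headers => { Authorization => "Basic $basic" } });
    die "token exchange failed: $res->{status}\n" unless $res->{success};

    return decode_json($res->{content})->{id_token};   # the JWT
}
```

The returned JWT still needs its signature, issuer, audience and expiry verified before the app trusts it; after that the app sets its own session cookie on its own domain.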

