authentication: use iaas providers and custom auth service

[florianbepunkt]

This is neither a bug nor a feature request. I read that the authentication system is refactored for the next release and wonder whether this will address my use case:

I use Amazon Cognito for authentication and authorization. I authenticate my client directly with my AWS Cognito user pool, which gives me an access token on the client, that I would like to use to access backend resources, amongst them some feathers services. Currently I use custom hooks to validate the access token, but I would prefer to use some convenience methods of the feathers auth mechanism and its surrounding plugins.

As far as I know currently this is not possible since feathers auth system has the underlying design choice that you have a service that issues JWT tokens. But in my case I already got the tokens – I just need to validate them on the backend and allow/deny access to services based on the token.

Furthermore I would like to leverage some of the existing auth mechanisms such as populate requests with user entity that would be fetched from a DB based on some claims in the existing JWT token and some existing feathers auth plugins.

I know that this all is can already be achieved via hooks (currently I have some sort of own auth system that only verifies tokens). But I would like to know if custom auth services, and specifically the process of getting tokens from a third party provider, is something that will be covered by next version?

[rkahle]

+1

[b3tts32]

+1

[colinphillips67]

💯

[colinphillips67]

@florianbepunkt - I'm new to feathers and I'm looking to do what you described above: authenticate with AWS Cognito and use the Cognito provided JWT to authenticate to the feathers server. I have implemented authentication via Cognito and AWS Amplify and I'm using the JWT that I get at the client to authenticate my Apollo GraphQL API.
I would like to do the same sort of thing in Feathers. How do you get the JWT from the client to the server, and once there how do you get the JWT so that you can validate it? For reference I started with (and am modifying) the feathers-chat and feathers-chat-react apps. Thanks in advance.

[florianbepunkt]

I uploaded an example here: https://github.com/florianbepunkt/feathers-cognito-example

[daffl]

I'd love to add an example for the newest version to the Cookbook. Looks like there isn't a lot of resources on how to do this with NodeJS/Express in general though.