
Connecting to AWS Cognito

I am trying to modify the https_client example from ncs\nrf\samples\nrf9160\https_client on Thingy91 so that it will retrieve an authentication token from AWS Cognito.
So far I have changed the certificate to Amazon Root CA 1, changed the URL to "cognito-idp.eu-central-1.amazonaws.com" instead of "google.com", and am sending the following data to the server (sensitive data blanked here) instead of HTTP_HEAD as in the example:

    "POST / HTTP/1.1\r\n" \
    "Host: cognito-idp.eu-central-1.amazonaws.com\r\n" \
    "Content-Type: application/x-amz-json-1.1\r\n" \
    "X-Amz-Target: AWSCognitoIdentityProviderService.InitiateAuth\r\n" \
    "Content-Length: 149\r\n" \
    "\r\n" \
    "{\"AuthParameters\": {\"USERNAME\": \"xxxxxxxxx\", \"PASSWORD\": \"xxxxxxxxxxxx\"}, \"AuthFlow\": \"USER_PASSWORD_AUTH\", \"ClientId\": \"xxxxxxxxxxxxxxxxxxxxxxxxxx\"}"

When I send this payload to AWS Cognito using openssl s_client on a PC, I get the authentication token, but running on Thingy I just receive an empty reply from the server (zero bytes received, further reads produce an error: -1).
I substituted the certificate for the old one which is not in the verification chain of the Cognito server and already the connect command fails, so I can rule out that the certificate is wrong.
I changed Content-Length to a value less than 149 and then I get a BAD REQUEST reply. If I change to something larger than 149, recv will block (which is to be expected as the server is still waiting for the missing payload).
I also tried to wait 2s between send and recv, but I still got an empty response from the server.
Any ideas what to do?
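
Added example, not part of the original post or of the nRF Connect SDK sample: the post describes how a Content-Length that is too small yields BAD REQUEST and one that is too large leaves recv blocking, so this sketch derives the header from the formatted body instead of a hand-counted constant and checks a finished request for a mismatch before it is sent. The function names `build_initiate_auth` and `content_length_delta` are hypothetical, the credentials are constructed placeholders, and the values are assumed to need no JSON escaping.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Build the request; Content-Length is taken from the body actually formatted.
 * Returns the total request length, or -1 if a buffer is too small.
 * Assumption: user, pass and client_id need no JSON escaping. */
int build_initiate_auth(char *out, size_t out_len, const char *host,
                        const char *user, const char *pass, const char *client_id)
{
    char body[512];
    int blen = snprintf(body, sizeof(body),
        "{\"AuthParameters\": {\"USERNAME\": \"%s\", \"PASSWORD\": \"%s\"}, "
        "\"AuthFlow\": \"USER_PASSWORD_AUTH\", \"ClientId\": \"%s\"}",
        user, pass, client_id);
    if (blen < 0 || (size_t)blen >= sizeof(body))
        return -1;
    int n = snprintf(out, out_len,
        "POST / HTTP/1.1\r\n"
        "Host: %s\r\n"
        "Content-Type: application/x-amz-json-1.1\r\n"
        "X-Amz-Target: AWSCognitoIdentityProviderService.InitiateAuth\r\n"
        "Content-Length: %d\r\n"
        "\r\n"
        "%s", host, blen, body);
    return (n < 0 || (size_t)n >= out_len) ? -1 : n;
}

/* Sets *delta to (declared Content-Length) - (bytes after the blank line).
 * Negative: header too small; positive: the server would wait for more data.
 * Header match is case-sensitive, which is enough for requests built above.
 * Returns 0 on success, -1 if the request has no such header or no body. */
int content_length_delta(const char *req, long *delta)
{
    const char *hdr = strstr(req, "Content-Length:");
    const char *body = strstr(req, "\r\n\r\n");
    if (!hdr || !body || hdr > body)
        return -1;
    *delta = strtol(hdr + strlen("Content-Length:"), NULL, 10)
             - (long)strlen(body + 4);
    return 0;
}

int main(void)
{
    char req[1024];
    long delta;
    /* Constructed placeholder credentials, not real values. */
    if (build_initiate_auth(req, sizeof(req), "cognito-idp.eu-central-1.amazonaws.com",
                            "example-user", "example-pass", "example-client-id") < 0
        || content_length_delta(req, &delta) != 0)
        return 1;
    printf("%s\n\ndelta=%ld\n", req, delta);
    return 0;
}
```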
