Update the Cognito UserPool to support user logins (currently only being used for client_credentials grant flow system-to-system).
We want to support code grant flows
Should support Logout as well
Rails app will handle code to token exchange
Successfully built a Prototype of the initial Cognito functionality. The work can be found in this repo's cognito-auth branch
I added a homepage to the dmphub.uc3dev.cdlib.net site (currently only supports DMP ID landing pages and a 404 page)
Added a Cognito Identity Pool attached to the existing UserPool (currently used by the DMPTool to connect to the DMPHub API)
Added a Lambda to exchange OAuth grant codes for OAuth tokens
The homepage has a Login / Sign Up (and Sign Out if user is already logged in)
When the user clicks to Login / Sign up they are redirected to a Cognito authentication form. This test just allowed for email+password auth (no Shib, ORCID, Google at this point)
After they login the are redirected to the new Lambda function with an OAuth code. The Lambda calls Cognito to exchange the Code for a Token
The Lambda, if successful, redirects the user back to the React page with the token. React stores the token in the user session and then redirects them to a test dashboard page.
Update the Cognito UserPool to support user logins (currently only being used for
client_credentials
grant flow system-to-system).code
grant flowsSuccessfully built a Prototype of the initial Cognito functionality. The work can be found in this repo's cognito-auth branch
dmphub.uc3dev.cdlib.net
site (currently only supports DMP ID landing pages and a 404 page)