Lokicoule / nestjs-cognito

AWS Cognito utilities module for NestJS.
https://www.npmjs.com/package/@nestjs-cognito/auth
MIT License

`User must have an username` when JWT payload has `username` key #278

Closed alex-all3dp closed 1 year ago

alex-all3dp commented 1 year ago

I receive the following error when adding the Authentication() decorator to my controller:

```json
{
  "response": {
    "statusCode": 401,
    "message": "User must have an username",
    "error": "Unauthorized"
  },
  "status": 401,
  "options": {},
  "message": "User must have an username",
  "name": "UnauthorizedException"
}
```

The JWT payload is:

```js
{
  sub: "a08464d7-b408-4ab5-b58d-ac75531a9103",
  iss: "https://cognito-idp.eu-west-1.amazonaws.com/...",
  version: 2,
  client_id: "...",
  event_id: "14261d37-e312-4f54-9561-09d19bd7c2a5",
  token_use: "access",
  scope: "openid",
  auth_time: 1676576732,
  exp: 1676578459,
  iat: 1676578159,
  jti: "249d6b08-ff28-4212-a676-9ac2fcf29234",
  username: "a08464d7-b408-4ab5-b58d-ac75531a9103",
}
```

It appears that you check for cognito:username only, which may be a custom attribute? Could you extend this check to use either cognito:username or username, depending on which one is present on the payload?

https://github.com/Lokicoule/nestjs-cognito/blob/b1dde65e682e38a3555dee7a1b0517ba94652287/packages/auth/lib/user/user.mapper.ts#L12

Lokicoule commented 1 year ago

Hello Alex,

Thank you for bringing this issue to our attention. We're happy to inform you that the issue you reported has been fixed in version 1.0.2 of @nestjs-cognito/auth npm package. The updated version now handles both cognito:username and username attributes in the JWT payload, allowing for more flexible authentication.

Could you please confirm if the updated version has resolved the issue for you? If everything is working correctly, we will go ahead and close this issue.

Thank you for your help in improving our solution.

alex-all3dp commented 1 year ago

@Lokicoule Thanks for the quick fix, it works nicely! :)
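
The claim lookup discussed in this thread, as an added example that is not the project's code or part of any comment above. It goes beyond the either-or fallback requested in the issue by selecting the claim from `token_use` and rejecting payloads where both claims are present but disagree; `resolveUsername`, `usernameClaimFor` and the sample payloads are hypothetical names and constructed values.

```typescript
// Added example; function and type names are hypothetical, not the @nestjs-cognito/auth API.
// Assumes the token's signature, issuer and expiry were verified before this runs.
type CognitoPayload = Record<string, unknown>;

// Cognito ID tokens carry "cognito:username"; access tokens carry "username".
function usernameClaimFor(tokenUse: unknown): string {
  switch (tokenUse) {
    case "id":
      return "cognito:username";
    case "access":
      return "username";
    default:
      throw new Error("Unsupported or missing token_use");
  }
}

function resolveUsername(payload: CognitoPayload): string {
  const claim = usernameClaimFor(payload["token_use"]);
  const value = payload[claim];
  // Reject absent, non-string and blank values instead of coercing them.
  if (typeof value !== "string" || value.trim() === "") {
    throw new Error("User must have a username (claim: " + claim + ")");
  }
  // Design choice of this example: if the other claim is also present, it must agree.
  const other = claim === "username" ? "cognito:username" : "username";
  if (payload[other] !== undefined && payload[other] !== value) {
    throw new Error("Conflicting username claims");
  }
  return value;
}

// Constructed sample payloads (already-decoded claims, not real tokens).
const ACCESS_PAYLOAD: CognitoPayload = {
  sub: "11111111-2222-3333-4444-555555555555",
  token_use: "access",
  scope: "openid",
  username: "11111111-2222-3333-4444-555555555555",
};
const ID_PAYLOAD: CognitoPayload = {
  sub: "11111111-2222-3333-4444-555555555555",
  token_use: "id",
  "cognito:username": "alice",
};
```

Binding the claim name to `token_use` means an access token cannot satisfy the check with an ID-token claim or the reverse, which a plain "whichever key is present" fallback would allow.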