It appears that if redirect from the hosted page produces an error (normally through error and error_description query parameters), parseCognitoWebResponse() would still treat it as a "success", at least when dealing with tokens. Indeed, at the end of getTokenQueryParameter() we see:
https://github.com/aws/amazon-cognito-auth-js/blob/5b365426b2eef2ef27914f7a275e72dea5e302cb/src/CognitoAuth.js#L294-L296
So to treat an error, we must also parse the hash for error and/or error_description in our onSuccess callback, even though it's supposed to get a valid session. It would be more appropriate to call the onFailure callback with that error instead.
Hi Team,
It appears that if redirect from the hosted page produces an error (normally through
error
anderror_description
query parameters),parseCognitoWebResponse()
would still treat it as a "success", at least when dealing with tokens. Indeed, at the end ofgetTokenQueryParameter()
we see: https://github.com/aws/amazon-cognito-auth-js/blob/5b365426b2eef2ef27914f7a275e72dea5e302cb/src/CognitoAuth.js#L294-L296 So to treat an error, we must also parse the hash forerror
and/orerror_description
in ouronSuccess
callback, even though it's supposed to get a valid session. It would be more appropriate to call theonFailure
callback with that error instead.Would you accept a PR on the matter?
Thanks