search

amazon-archives / amazon-cognito-auth-js

The Amazon Cognito Auth SDK for JavaScript simplifies adding sign-up, sign-in with user profile functionality to web apps.
Apache License 2.0
423 stars 232 forks source link

parseCognitoWebResponse() does not parse error responses #21

Closed dinvlad closed 6 years ago

dinvlad commented 7 years ago

Hi Team,

It appears that if redirect from the hosted page produces an error (normally through error and error_description query parameters), parseCognitoWebResponse() would still treat it as a "success", at least when dealing with tokens. Indeed, at the end of getTokenQueryParameter() we see: https://github.com/aws/amazon-cognito-auth-js/blob/5b365426b2eef2ef27914f7a275e72dea5e302cb/src/CognitoAuth.js#L294-L296 So to treat an error, we must also parse the hash for error and/or error_description in our onSuccess callback, even though it's supposed to get a valid session. It would be more appropriate to call the onFailure callback with that error instead.

Would you accept a PR on the matter?

Thanks

yuntuowang commented 6 years ago

Currently, parseCognitoWebResponse() only treat it as a "success". You can go ahead for a pull request and we can review and merge it. Thanks.