awslabs / aws-saas-boost

AWS SaaS Boost is a ready-to-use toolset that removes the complexity of successfully running SaaS workloads in the AWS cloud.
Apache License 2.0

Fix invalid_scope, ensure UserPoolDomain is unique and active. #417

Closed PoeppingT closed 1 year ago

PoeppingT commented 1 year ago

This commit contains three bugfixes.

  1. Tell Cognito to expect all three default OAuth scopes: openid, profile, and email.
  2. Ensure that UserPoolDomain is globally unique by pulling randomness from the CFN-generated random string in the stack name. This prevents collisions across accounts when different people create environments with the same name.
  3. Ensure that the CustomizeCognitoUi custom resource only acts once the UserPoolDomain has reached the ACTIVE state, since the Cognito API call to customize the hosted UI will fail otherwise.

Fixes #415


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
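The ordering constraint in item 3, sketched as an added example that is not part of this pull request or the SaaS Boost code base: poll `DescribeUserPoolDomain` until the domain reports `ACTIVE`, with a bounded wait, and only then call `SetUICustomization`. It assumes a boto3-style `cognito-idp` client; the function names, `FakeCognito`, and the sample IDs are hypothetical and constructed for illustration.

```python
import time

class DomainNotActive(Exception):
    """The hosted UI domain never became usable."""

def wait_for_domain_active(cognito, domain, timeout_s=300, interval_s=5,
                           sleep=time.sleep, clock=time.monotonic):
    """Poll DescribeUserPoolDomain until Status is ACTIVE; return its description."""
    deadline = clock() + timeout_s
    while True:
        desc = cognito.describe_user_pool_domain(Domain=domain).get("DomainDescription", {})
        status = desc.get("Status")  # absent until the domain is visible
        if status == "ACTIVE":
            return desc
        if status in ("FAILED", "DELETING"):
            raise DomainNotActive(f"{domain} is {status}")  # will never become ACTIVE
        if clock() >= deadline:
            raise DomainNotActive(f"{domain} still {status} after {timeout_s}s")
        sleep(interval_s)

def customize_hosted_ui(cognito, domain, client_id, css, **wait_opts):
    """Call SetUICustomization only after the domain is ACTIVE."""
    desc = wait_for_domain_active(cognito, domain, **wait_opts)
    return cognito.set_ui_customization(
        UserPoolId=desc["UserPoolId"], ClientId=client_id, CSS=css)

class FakeCognito:
    """Constructed stand-in for boto3.client("cognito-idp"); replays statuses."""
    def __init__(self, statuses):
        self.statuses, self.calls, self.customized = list(statuses), 0, None
    def describe_user_pool_domain(self, Domain):
        status = self.statuses[min(self.calls, len(self.statuses) - 1)]
        self.calls += 1
        return {"DomainDescription": {"Domain": Domain, "Status": status,
                                      "UserPoolId": "us-east-1_EXAMPLE"}}
    def set_ui_customization(self, **kwargs):
        self.customized = kwargs
        return {"UICustomization": kwargs}

if __name__ == "__main__":
    fake = FakeCognito(["CREATING", "CREATING", "ACTIVE"])
    customize_hosted_ui(fake, "example-prefix", "example-client-id",
                        ".banner-customizable { background: #232f3e; }",
                        sleep=lambda s: None)
    print(fake.calls, fake.customized["UserPoolId"])
```

In a CloudFormation custom resource the wait has to fit inside the Lambda timeout, so `timeout_s` should be set below it and a `DomainNotActive` error reported back as a resource failure.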