Closed nagendrakumar02 closed 1 year ago
Hi @nagendrakumar02 ,
I understand that when using cognito-at-edge's Authenticator.handle method to handle your CloudFront's distribution viewer request, your website's visitors are not being redirected to your SAML identity provider. Would you mind describing the behavior that you're seeing instead?
Hi @jeandek,
I was able to get it working by forking the code and adding 2 optional parameters (idprovider and scope). If the 2 parameters are set, they are appended to the redirect URL. This has fixed my issue.
Are you able to make a PR for these changes? I need this functionality as well.
I forked the code from the main branch to support redirecting to IdP.
https://github.com/nagendrakumar02/cognito-at-edge
2 new parameters are added:
_idpIdentifier: Name of the IdP
_scope: scope
To read more about this, follow this article:
https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html
@nagendrakumar02 was this ever merged into this package? I need this feature too.
I believe it was merged.
Looks like the PR was closed and not merged: https://github.com/awslabs/cognito-at-edge/pull/73
I am using federated Cognito, where the user is redirected to a SAML IdP. Cognito-at-edge does not expose the "scope" and "idp_identifier" parameters. This is based on the documentation from the AWS site: https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html
What happened: When using this in lambda, user is not redirected to the IdP
What did you expect to have happen: User must be redirected to the IdP
How to reproduce this (as precisely and succinctly as possible): Create a new Cognito Pool and use a third party identity provider (like SAML). Set the properties from the pool
```javascript
const { Authenticator } = require('cognito-at-edge');

const authenticator = new Authenticator({
  // Replace these parameter values with those of your own environment
  region: 'us-west-2', // user pool region
  userPoolId: 'ddffff', // user pool ID
  userPoolAppId: 'xxxxx', // user pool app client ID
  userPoolDomain: '.auth.us-west-2.amazoncognito.com', // user pool domain
});
```
Anything else you think we should know?
Environment:
version of cognito-at-edge being used: Latest version
node version of code base which uses cognito-at-edge: 16.x
other:
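
The redirect this issue asks for, sketched as an added example (not code from cognito-at-edge, the fork, or any participant in this thread): a builder for the Cognito authorization endpoint URL that appends `idp_identifier` and `scope` only when they are set. The function name, option names, scope allowlist and sample values are assumptions made for the example.

```javascript
'use strict';

// Assumed per-deployment allowlist: only scopes the app client really needs.
const ALLOWED_SCOPES = new Set(['openid', 'email', 'profile']);

// Hypothetical helper: builds the Cognito authorization endpoint redirect.
function buildAuthorizeUrl({ userPoolDomain, userPoolAppId, redirectUri, state, idpIdentifier, scope }) {
  // Refuse anything that is not a bare hostname so the redirect cannot be
  // pointed at another origin through '/', '@' or '?' in the domain value.
  if (!/^[a-z0-9-]+(\.[a-z0-9-]+)+$/i.test(userPoolDomain)) {
    throw new Error('userPoolDomain must be a bare hostname');
  }
  const url = new URL(`https://${userPoolDomain}/oauth2/authorize`);
  const q = url.searchParams; // percent-encodes every value it is given
  q.set('response_type', 'code');
  q.set('client_id', userPoolAppId);
  q.set('redirect_uri', redirectUri);
  q.set('state', state);

  if (idpIdentifier !== undefined) {
    if (typeof idpIdentifier !== 'string' || idpIdentifier.trim() === '') {
      throw new Error('idpIdentifier must be a non-empty string');
    }
    q.set('idp_identifier', idpIdentifier);
  }
  if (scope !== undefined) {
    const scopes = String(scope).split(/\s+/).filter(Boolean);
    const rejected = scopes.filter((s) => !ALLOWED_SCOPES.has(s));
    if (scopes.length === 0 || rejected.length > 0) {
      throw new Error(`scope not allowed: ${rejected.join(' ') || '(empty)'}`);
    }
    q.set('scope', scopes.join(' '));
  }
  return url.toString();
}

// Constructed sample values, not taken from a real user pool.
const sample = {
  userPoolDomain: 'example.auth.us-west-2.amazoncognito.com',
  userPoolAppId: 'xxxxx',
  redirectUri: 'https://www.example.com/',
  state: 'constructed-state',
};
console.log(buildAuthorizeUrl({ ...sample, idpIdentifier: 'corp-saml', scope: 'openid email' }));
```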