awslabs / cognito-at-edge

Serverless authentication solution to protect your website or Amplify application
Apache License 2.0
191 stars 57 forks source link

Why is the authorization endpoint `/authorize` and not `/oauth2/authorize` ? #77

Open tksx1227 opened 1 year ago

tksx1227 commented 1 year ago

How can we help?

Firstly, I'd like to express my gratitude for developing such a useful project!

While perusing the source code, I noticed that this project uses the endpoint https://${this._userPoolDomain}/authorize for Cognito's authorization endpoint. Yet, the official Cognito documentation lists the authorization endpoint as /oauth2/authorize .

https://github.com/awslabs/cognito-at-edge/blob/e8c7e305b2fe87d0fbc47bcde560b4526a0235d2/src/index.ts#L547

https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html#get-authorize

Could you shed light on the choice to use /authorize instead of /oauth2/authorize ? While everything seems to be functioning correctly as is, aligning with the official documentation might be beneficial for clarity and potential future-proofing.

If there were specific considerations or historical reasons for this choice during the early implementation phases, I'd be keen to understand.

Should you consider making this adjustment, I'm more than willing to submit a PR and would be glad to have it reviewed at your convenience :)