Open vcajes opened 6 years ago
+1
Here is a link that might help:
It looks like the "code" value you receive needs to then be passed to the following endpoint:
https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html
Sample request:
POST https://mydomain.auth.us-east-1.amazoncognito.com/oauth2/token&
Content-Type='application/x-www-form-urlencoded'&
Authorization=Basic aSdxd892iujendek328uedj
grant_type=authorization_code&
client_id=djc98u3jiedmi283eu928&
code=AUTHORIZATION_CODE&
redirect_uri=com.myclientapp://myclient/redirect
Sample response:
HTTP/1.1 200 OK
Content-Type: application/json
{
"access_token":"eyJz9sdfsdfsdfsd",
"refresh_token":"dn43ud8uj32nk2je",
"id_token":"dmcxd329ujdmkemkd349r",
"token_type":"Bearer",
"expires_in":3600
}
The id_token, refresh_token and access_token can then be used with the .check_token() method. If this method returns False the access_token is valid. If not it will use the refresh_token and return a new access_token that can be accessed using u.access_token after the .check_token() method call.
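```python
from warrant import Cognito

# Tokens obtained from the /oauth2/token exchange shown above
u = Cognito('your-user-pool-id', 'your-client-id',
            id_token='id-token', refresh_token='refresh-token',
            access_token='access-token')
u.check_token()
```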
Hope this helps!
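The code-for-tokens exchange described in the comment above, as an added Python example that is not part of the thread or of warrant: it builds the POST to the Cognito token endpoint with the standard library only and checks the JSON that comes back. The function names, the optional `client_secret` parameter and the sample body are assumptions made for illustration.

```python
import base64
import json
import urllib.parse
import urllib.request

REQUIRED_FIELDS = ("access_token", "token_type", "expires_in")


def build_token_request(domain, client_id, code, redirect_uri, client_secret=None):
    """Build the POST to /oauth2/token that trades the one-time code for tokens."""
    form = urllib.parse.urlencode({
        "grant_type": "authorization_code",
        "client_id": client_id,
        "code": code,
        "redirect_uri": redirect_uri,  # same URI that was sent to /login
    }).encode("ascii")
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    if client_secret is not None:
        # App clients that have a secret authenticate with HTTP Basic.
        raw = f"{client_id}:{client_secret}".encode("utf-8")
        headers["Authorization"] = "Basic " + base64.b64encode(raw).decode("ascii")
    url = f"https://{domain}/oauth2/token"
    return urllib.request.Request(url, data=form, headers=headers, method="POST")


def parse_token_response(body):
    """Return the token dict; raise on an error body or an incomplete response."""
    data = json.loads(body)
    if "error" in data:
        raise ValueError(f"token endpoint refused the code: {data['error']}")
    missing = [name for name in REQUIRED_FIELDS if name not in data]
    if missing:
        raise ValueError(f"token response missing fields: {missing}")
    if str(data["token_type"]).lower() != "bearer":
        raise ValueError(f"unexpected token_type: {data['token_type']}")
    return data


def exchange_code(domain, client_id, code, redirect_uri, client_secret=None):
    """Send the request from the backend (network call, not run by the sample)."""
    req = build_token_request(domain, client_id, code, redirect_uri, client_secret)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return parse_token_response(resp.read())


# Constructed sample body, shaped like the response quoted in the comment above.
SAMPLE_BODY = json.dumps({
    "access_token": "eyJz9sdfsdfsdfsd", "refresh_token": "dn43ud8uj32nk2je",
    "id_token": "dmcxd329ujdmkemkd349r", "token_type": "Bearer", "expires_in": 3600})
```

The dict returned by `exchange_code()` carries the `id_token`, `refresh_token` and `access_token` values that the `Cognito(...)` constructor in the comment above takes.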
I know this is an old post, but for anyone else looking for solutions to this, you can just change the https://
Change response_type from code to token to get the login tokens
I configured Cognito to use the custom website that AWS Cognito provides for signup/signin as specified here:
https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-ui-customization.html
I am perfectly able to signup and login within the AWS Cognito page:
https:///login?response_type=code&client_id=&redirect_uri=
(in this scenario, Cognito provides EVERYTHING, the Web interface, registration forms, Facebook login buttons, etc. It works great! But I cannot validate the received token)
The problem is that, after a successful login, Cognito redirects to the redirect page that I set, and the redirect includes a "code" value as a GET parameter.
I cannot find documentation of how to use that "code" parameter, but it surely needs to be validated by my Python backend in order to check if that code is a valid session for a given user.
Does warrant provide a way to validate this "code" token? If so, can you provide a sample Python code? Otherwise, is there a possibility to request this as a feature for warrant?
Thanks!!