Open balloob opened 6 years ago
What is the solution for this?
Since the PR got reverted and I am unable to fix the code myself without being able to run the tests, I can't open a PR that would be ok to merge. You will have to patch the used client yourself. This is how Home Assistant does it
We experienced this issue with the authenticate
call. For workaround,
(1) Put [default]
in .aws/credentials with empty access key values to avoid the exception.
[default]
aws_access_key_id=
aws_secret_access_key=
(2) Or, passing dummy access_key
and secret_key
when calling Cognito()
user = Cognito(
userpool,
userpool_appclientid,
user_pool_region="xxx",
username="xxx",
access_key="dummy_not_used",
secret_key="dummy_not_used",
)
It would be great to have this fixed :)
Khau's post would be a really nice addition to the docs, under "authentication", I think.
Warrant will use the default boto configuration which is to load credentials from
~/.aws
. Not all requests to Cognito require requests to be signed in. Examples of these are register, authenticate, forgot password, confirm forgot password.Botocore will blow up with a
NoCredentialsError
exception if~/.aws
doesn't exist:We can set the cognito client to use unsigned requests for the user facing APIs (make account, reset password). I tried adding this in https://github.com/capless/warrant/pull/59 however ran into a problem where the admin tests actually rely on this.
I can't run the tests locally and the PR has since been reverted 😞