Use /authorize endpoint instead of /login

cgauge / Flask-AWSCognito

Extension for Flask that adds support for AWSCognito into your application

https://flask-awscognito.readthedocs.io

MIT License

28 stars 28 forks source link

Use /authorize endpoint instead of /login #2

Open randykinne opened 4 years ago

randykinne commented 4 years ago

Use /authorize endpoint instead of /login to allow cognito to try to fetch an already-granted token - if the user already has a login token from cognito's hosted UI, they will just get redirected to the redirect_uri specified.

https://docs.aws.amazon.com/cognito/latest/developerguide/authorization-endpoint.html

AFAIK the fact that /authorize first checks whether the client already has a login token is not described in the documentation but is an observed functionality.

babaMar commented 4 years ago

Thanks for the heads up, I'll check ASAP

randykinne commented 4 years ago

This could also be a config option or set by the user in case someone prefers either endpoint over the other or if there is an unintended side-effect associated with this change.

randykinne commented 3 years ago

Hello, any update on this?