search

chi2labs / cognitoR

CognitoR provides easy integration of Shiny with AWS Cognito Authentication.
22 stars 9 forks source link

Authenticate with `scope=openid` to be able to retrieve all user attributes #38

Open Fideldue opened 8 months ago

Fideldue commented 8 months ago

This is more of a feature request to support all user attributes than a bug. I could not retrieve custom user attributes via the userdata values and wanted to know what might be the issue since the userInfo endpoint from Cognito is providing them.

According to stackoverflow scope need to be defined as scope=openid during the authentication.

A short tryout with adding this to the build of the url in get_url_auth_redirect, it can retrieve all user attributes including the custom ones.

...
 aws_auth_redirect <- paste0(cognito_config$base_cognito_url, 
    "/oauth2/authorize?", "scope=openid", "&", "response_type=", 
    cognito_config$oauth_flow, "&", "client_id=", cognito_config$app_client_id, 
    "&", "redirect_uri=", cognito_config$redirect_uri, "&", 
    paste0("state=", params))
...