Open Shpionus opened 1 year ago
userPasswordAuthFlow by default returns verifyPasswordChallenge (ref).
userPasswordAuthFlow
verifyPasswordChallenge
But USER_PASSWORD_AUTH does not require providing DEVICE_KEY
USER_PASSWORD_AUTH
DEVICE_KEY
Steps to reproduce:
aws --endpoint http://127.0.0.1:5000 cognito-idp create-user-pool \ --pool-name $POOL_NAME \ --query UserPool.Id --output text \ --policies "PasswordPolicy={MinimumLength=6,RequireUppercase=true,RequireLowercase=true,RequireNumbers=true,RequireSymbols=true,TemporaryPasswordValidityDays=7}" \ --username-attributes "email" \ --account-recovery-setting 'RecoveryMechanisms=[{Priority=1,Name=verified_email}]'
aws --endpoint http://127.0.0.1:5000 cognito-idp create-user-pool-client \ --user-pool-id $POOL_ID \ --client-name $CLIENT_NAME \ --no-generate-secret \ --explicit-auth-flows "ALLOW_USER_PASSWORD_AUTH" "ALLOW_REFRESH_TOKEN_AUTH" \ --prevent-user-existence-errors ENABLED \ --query UserPoolClient.ClientId --output text\
aws --endpoint http://127.0.0.1:5000 cognito-idp sign-up \ --client-id $CLIENT_ID \ --username new_user@gmail.com \ --password "1qazXSW@" \ --user-attributes Name="email",Value="new_user@gmail.com"
{ "UserConfirmed": false, "UserSub": "7c82e5cc-99b6-468d-8c33-9bb0272bbbfe" }
aws --endpoint http://127.0.0.1:5000 cognito-idp initiate-auth \ --auth-flow USER_PASSWORD_AUTH \ --auth-parameters USERNAME="new_user@gmail.com",PASSWORD="1qazXSW@" \ --client-id $CLIENT_ID \ --debug
{ "ChallengeName": "PASSWORD_VERIFIER", "ChallengeParameters": {}, "AuthenticationResult": { "AccessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkNvZ25pdG9Mb2NhbCJ9.eyJhdXRoX3RpbWUiOjE2NzQwMjg4NDQsImNsaWVudF9pZCI6IjA2NnJodXZ1N2N1dGNwd2liMXlzOXkydDQiLCJldmVudF9pZCI6ImM4MWNiOGM0LTdlNDYtNDU5Yi1hNTQ0LTQ4ZDIzM2NlNTY4MCIsImlhdCI6MTY3NDAyODg0NCwianRpIjoiMDlkOGQ0YzAtOGZiMy00YWZjLWFmNzYtNTQ2Yjc2YmNhMDJhIiwic2NvcGUiOiJhd3MuY29nbml0by5zaWduaW4udXNlci5hZG1pbiIsInN1YiI6IjdjODJlNWNjLTk5YjYtNDY4ZC04YzMzLTliYjAyNzJiYmJmZSIsInRva2VuX3VzZSI6ImFjY2VzcyIsInVzZXJuYW1lIjoibmV3X3VzZXJAZ21haWwuY29tIiwiZXhwIjoxNjc0MTE1MjQ0LCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjkyMjkvbG9jYWxfM3BPeUp3aUIifQ.K8LVTHNcp4TPYnQUtU8aOgS-V1MPodnEYgFkE09jJyUseN0OE7rZ5fJPBCnVLIiEcdk3sQEnb0QW91JzmHiRrpIHzLZ2rMlcw9wTAplFLVyN-rfL2TW-P2gyyNMmUPBzT8YZDPupL7b6rk67QIcVqSxVQerlGYWn9qXIMKtTXunFcH_EVXpRxz0ctWxXXLZsElodw8Zf3QNjQeXHGpqUFjXO5vCP87LGBV3FxwRac8YP3a0nWNoIBavvvBq4GjjEp1zpdXx-QwDcaJTUWCpq3OW00GPQwT4Pv1hmfXIaIyd52yGhO7V2sovQgtlKcNQRiSxmsDQJp4fVpA3zWaJmYw", "RefreshToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb2duaXRvOnVzZXJuYW1lIjoibmV3X3VzZXJAZ21haWwuY29tIiwiZW1haWwiOiJuZXdfdXNlckBnbWFpbC5jb20iLCJpYXQiOjE2NzQwMjg4NDQsImp0aSI6IjI2ZTY0M2VjLWQ1ZGUtNGQ5ZS05YmFiLTZiNTRkMjg5NjJjNyIsImV4cCI6MTY3NDYzMzY0NCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo5MjI5L2xvY2FsXzNwT3lKd2lCIn0.vzjcCoTHI-gHnf-yDxnXXRT5DDRAt_R3lyx9adHBXhDGs0mABRP5cDOIiNMrTQjALfWtCB9geHRWlxVzwAwPwIV69VqUurIzdUi5zg31Xm9bcWLm_WuQrxrPsvXAw_JSR9Thvh7LfYie_FtnhKHvgIJduvzeAZf2zGHMxiCsVc79ZBrx21jOlFTzCM-UxTCU1rxEkBEbwYEOMclpFzW0N0_VhyRk6ZrNYG6HUgCgFy53ViB672w-n-zeC5jW2bo7259DKw4rBUe6dgXTf4vC8NN0MXGfibKTOmnIPytBgEEA1pnoEG8uPQJKN25FJu2hiJ42P-aJQg3T0I6ru0535w", "IdToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkNvZ25pdG9Mb2NhbCJ9.eyJjb2duaXRvOnVzZXJuYW1lIjoibmV3X3VzZXJAZ21haWwuY29tIiwiYXV0aF90aW1lIjoxNjc0MDI4ODQ0LCJlbWFpbCI6Im5ld191c2VyQGdtYWlsLmNvbSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiZXZlbnRfaWQiOiJjODFjYjhjNC03ZTQ2LTQ1OWItYTU0NC00OGQyMzNjZTU2ODAiLCJpYXQiOjE2NzQwMjg4NDQsImp0aSI6IjcyN2ZlMDNlLTQ4YTEtNGRlYi05NTJlLTY5NWM4MzQ0MWZlYSIsInN1YiI6IjdjODJlNWNjLTk5YjYtNDY4ZC04YzMzLTliYjAyNzJiYmJmZSIsInRva2VuX3VzZSI6ImlkIiwiZXhwIjoxNjc0MTE1MjQ0LCJhdWQiOiIwNjZyaHV2dTdjdXRjcHdpYjF5czl5MnQ0IiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo5MjI5L2xvY2FsXzNwT3lKd2lCIn0.DKevzXf4q3eKmjMe2ZPtJDkbNfHeFQ4sKB_juMKPSLh9QkaCxE0qWCJ7gYgeLEn1diCv72WvfkOLpMxVnkPIK36CDGtPJvEpXXIL8I9VWVj4OdwdPMMJLvhBQG7sZdFebBGbY2CiPU-NPoGSIo0rEli3d3E7AzSTPPek6Qfu1jOM3Cr7JTfC60u8o_v_eoas9qncnT826GnAf6Bw8qx5MMjqoMx9f6-5enmmZU4Fwhq5jE9r4xkaI2vV40WV6G5JdlYYgOxK7AmIBlchkeirX8U1F6Lj4Smf_rWWfr64RPmCLiBD86n0Pw0wCd92S40gHQqtbqWhn28lLTyRMqb2kA" } }
Expected: 'UserNotConfirmedException'
userPasswordAuthFlow
by default returnsverifyPasswordChallenge
(ref).But
USER_PASSWORD_AUTH
does not require providingDEVICE_KEY
Steps to reproduce:
Expected: 'UserNotConfirmedException'