SSO authentication does not work for users that were created in Cognito - Githubissues

lizardsystem / lizard-auth-server

Django backend for the old SSO server

http://lizard-auth-server.readthedocs.io/

MIT License

2 stars 1 forks source link

SSO authentication does not work for users that were created in Cognito #114

Closed caspervdw closed 3 years ago

caspervdw commented 3 years ago

See Sentry https://sentry.io/organizations/nens/issues/2222720310

This happens when a user account exists in Cognito, but not in the SSO.

If someone authenticates in the SSO, the authentication is done in Cognito. So far so good.

But, because an SSO user does not exist yet (and we need it for the SSO user session) a new user is created in the SSO https://github.com/lizardsystem/lizard-auth-server/blob/3824edfaedd01caff5eb84bbcb9557ccfec2371a/lizard_auth_server/backends.py#L69

But this isn't allowed because the user exists in Cognito already https://github.com/lizardsystem/lizard-auth-server/blob/3824edfaedd01caff5eb84bbcb9557ccfec2371a/lizard_auth_server/signal_handlers.py#L20

byrman commented 3 years ago

@lexvand : Versie 3.3 van lizard-auth-server staat inmiddels in productie, dus dit zou nu verholpen moeten zijn.