Open Ressvieth opened 7 months ago
Current solution works only with implicit grant type, but this approach is not recommended due to security issues: https://oauth.net/2/grant-types/implicit/
implicit grant
There can be an easy fix set for hosted ui support option, to use Authorization code flow (https://oauth.net/2/grant-types/authorization-code/) - adding optional request for token endpoint inside handleCallback method.
Authorization code
https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html
Current solution works only with
implicit granttype, but this approach is not recommended due to security issues: https://oauth.net/2/grant-types/implicit/There can be an easy fix set for hosted ui support option, to use
Authorization codeflow (https://oauth.net/2/grant-types/authorization-code/) - adding optional request for token endpoint inside handleCallback method.https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html