Closed eddumelendez closed 3 years ago
If I got it right, with this integration we are saving user from setting Spring Security OAuth config like explained here: https://www.baeldung.com/spring-security-oauth-cognito - is this correct?
It's related to this https://docs.spring.io/spring-security/site/docs/current/reference/html5/#oauth2resourceserver-jwt-jwkseturi
I am wondering if we could do more - for example map Cognito groups to GrantedAuthorities (I am not even sure if this is a good idea)
Not sure about it.
I have tested it and it is working after some polish
See gh-123