Skip to content

Add option to choose between id token and access token#44

Open
ckng0221 wants to merge 4 commits intolabd:masterfrom
ckng0221:master
Open

Add option to choose between id token and access token#44
ckng0221 wants to merge 4 commits intolabd:masterfrom
ckng0221:master

Conversation

@ckng0221
Copy link

@ckng0221 ckng0221 commented Feb 24, 2023
edited
Loading

Fixes #22

User can define to use id token or access token in settings.py.
Without defining, it by default take id token.

COGNITO_TOKEN_TYPE = "access"  # '{'id', 'access'} Default: 'id'

@ckng0221
Add option to decode access token
d2c961a
@ckng0221
Update readme
ade07ec
@ckng0221
Add client_id validation for access token, and get_user_info method.
ed5866f 
The client_id from access token will be validated whether it matches the one defined in the `settings.COGNITO_AUDIENCE`.
When using access token, the backend will call the userinfo endpoint from Amazon Cognito, to obtain the user info based on the access key, and pass into the payload inside the Django user_model's get_or_create_for_cognito method.
@ckng0221
Split the get_or_create_for_cognito method.
a6756b6 
Split the method into get_user and create_for_cognito.
Spliting the method into two allows more efficient calling of the method, especially  when using access token.
The get_user method will first check whether the user exists. If exists, it will directly skip the get requests from UserInfo endpoint, and also skip the attempt for user creation, and directly return the user object.

The UserInfo endpoint will be only called during the initial registeration of the client that does not exist in User database.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Unable to accept Cognito Access Tokens

1 participant

@ckng0221