Skip to content

ajayaldo/cognito-passport-oauth2

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

congnitoStrategy.js

congnitoStrategy.js

 
 

index.js

index.js

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

Repository files navigation

cognito-passport-oauth2

Passport Cognito OAuth2 strategy for AWS Cognito User Pools. This supports providing congnito specific additional auth parameters. This is subclass of passport-oauth2 strategy.

Install

$ npm i cognito-passport-oauth2

Create Strategy

The strategy takes a verify function, auth options, and optional additional auth params. Find simple working example here.

const passport = require('passport'),
CognitoOAuth2Strategy = require('cognito-passport-oauth2');

passport.serializeUser(function (user, done) {
    done(null, user);
});

passport.deserializeUser(async function (user, done) {
    done(null, user);
});

const options = {
    callbackURL: 'http://localhost:4001/auth/callbacks', //Your callback url
    clientDomain: 'https://yourdomain.auth.eu-west-1.amazoncognito.com', //Your cognito user pool domain
    clientID: 'your cognito app client id',
    clientSecret: 'your cognito app client secret',
    region: 'eu-west-1', //your region
    passReqToCallback: true
};

//Indicates the provider that the end user should authenticate with. 
//You can as well provide other custom auth params 
const customOptions = { identity_provider: 'your idp name' };
 
 async function verify(req, accessToken, refreshToken, { id_token }, profile, done) //if you need id_token, use this signature
 or   
 async function verify(req, accessToken, refreshToken, profile, done) {
    //Your additional user logic

    let sessionData = {
        username: profile.username
        //additional props
    }

    return done(null, sessionData);
};

passport.use('cognito', new CognitoOAuth2Strategy(options, verify, customOptions));
or 
passport.use('cognito', new CognitoOAuth2Strategy(options, verify)); //go to default cognito login page and let user choose the idp

Configure Route to Invoke Auth Requests

Use passport.authenticate(), specifying the 'cognito' strategy

app.get('/auth/login', passport.authenticate('cognito'));
or
app.get('/auth/login', passport.authenticate('cognito', additionalAuthParameters)); //Overwrite customOptions (see above) or provide additional auth params

app.get('/auth/callback', passport.authenticate('cognito', { failureRedirect: '/error', failureFlash: true, successRedirect: '/index' }));

Additional Details

Refer here for more information about configuring cognito app client

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages