This repository has been archived by the owner on Feb 21, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 230
/
auth.go
79 lines (64 loc) · 1.93 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
package fbcloud
import (
"bytes"
"encoding/json"
"fmt"
"io"
"net/http"
"github.com/pkg/errors"
)
const (
authFlow = "USER_PASSWORD_AUTH"
cognitoURLTemplate = "https://cognito-idp.%s.amazonaws.com"
)
type cognitoParameters struct {
Email string `json:"USERNAME"`
Password string `json:"PASSWORD"`
}
type cognitoAuthRequest struct {
AuthParameters cognitoParameters `json:"AuthParameters"`
AuthFlow string `json:"AuthFlow"`
AppClientID string `json:"ClientId"`
}
type cognitoAuthResult struct {
IDToken string `json:"IdToken"`
}
type cognitoAuthResponse struct {
Result cognitoAuthResult `json:"AuthenticationResult"`
}
func authenticate(clientID, region, email, password string) (string, error) {
authPayload := cognitoAuthRequest{
AuthParameters: cognitoParameters{
Email: email,
Password: password,
},
AuthFlow: authFlow,
AppClientID: clientID,
}
data, err := json.Marshal(authPayload)
if err != nil {
return "", errors.Wrap(err, "marshaling json")
}
url := fmt.Sprintf(cognitoURLTemplate, region)
req, err := http.NewRequest(http.MethodPost, url, bytes.NewBuffer(data))
if err != nil {
return "", errors.Wrap(err, "creating authentication request object")
}
req.Header.Add("Content-Type", "application/x-amz-json-1.1")
req.Header.Add("X-Amz-Target", "AWSCognitoIdentityProviderService.InitiateAuth")
resp, err := http.DefaultClient.Do(req)
if err != nil {
return "", errors.Wrap(err, "making request")
}
defer resp.Body.Close()
fullbod, err := io.ReadAll(resp.Body)
if resp.StatusCode != http.StatusOK || err != nil {
return "", errors.Errorf("HTTP status code=%d from Cognito authentication response. reading body: %v, body: '%s'", resp.StatusCode, err, fullbod)
}
var auth cognitoAuthResponse
err = json.Unmarshal(fullbod, &auth)
if err != nil {
return "", errors.Wrap(err, "decoding cognito auth response")
}
return auth.Result.IDToken, nil
}