Skip to content

Commit

Permalink
Add links to PyPI and GHA on badges
Browse files Browse the repository at this point in the history
  • Loading branch information
mblackgeo committed Mar 24, 2022
1 parent af7defc commit 9069718
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Protect Flask routes with AWS Cognito

![PyPI](https://img.shields.io/pypi/v/flask_cognito_lib?style=for-the-badge) ![Tests](https://img.shields.io/github/workflow/status/mblackgeo/flask-cognito-lib/tests?style=for-the-badge) [![codecov](https://img.shields.io/codecov/c/github/mblackgeo/flask-cognito-lib?style=for-the-badge&token=TGV2RMGNZ5)](https://codecov.io/gh/mblackgeo/flask-cognito-lib)
[![PyPI](https://img.shields.io/pypi/v/flask_cognito_lib?style=for-the-badge)](https://pypi.org/project/flask-cognito-lib/) [![Tests](https://img.shields.io/github/workflow/status/mblackgeo/flask-cognito-lib/tests?style=for-the-badge)](https://github.com/mblackgeo/flask-cognito-lib/actions/workflows/pipeline.yml) [![codecov](https://img.shields.io/codecov/c/github/mblackgeo/flask-cognito-lib?style=for-the-badge&token=TGV2RMGNZ5)](https://codecov.io/gh/mblackgeo/flask-cognito-lib)

A Flask extension that supports protecting routes with AWS Cognito following [OAuth 2.1 best practices](https://oauth.net/2.1/). That means the full authorization code flow, including Proof Key for Code Exchange (RFC 7636) to prevent Cross Site Request Forgery (CRSF), along with secure storage of access tokens in HTTP only cookies (to prevent Cross Site Scripting attacks), and additional `nonce` validation (if using ID tokens) to prevent replay attacks.

Expand Down

0 comments on commit 9069718

Please sign in to comment.