Class: Identizer::Handlers::Cognito

Inherits:

Base

Object
Base
Identizer::Handlers::Cognito

show all

Defined in:: lib/identizer/handlers/cognito.rb

Overview

Emulates the two AWS Cognito surfaces the original integration depends on: the management API (used at provider-save time via the AWS SDK, reached by pointing COGNITO_ENDPOINT here) and the hosted-UI token endpoint.

Instance Method Summary collapse

#management_api(target, request) ⇒ Object

Provider-save time.
#token(request) ⇒ Object

Cognito hosted-UI code exchange.

Methods inherited from Base

#initialize

Methods included from Responses

#amz_json, #escape_html, #html, #json, #no_content, #not_found, #notice_page, #redirect, #xml

Constructor Details

This class inherits a constructor from Identizer::Handlers::Base

Instance Method Details

#management_api(target, request) ⇒ `Object`

Provider-save time. The AWS SDK marks the operation with x-amz-target.

# File 'lib/identizer/handlers/cognito.rb', line 10

def management_api(target, request)
  operation = target.split(".").last
  body = parse_json(request)
  name = body["ProviderName"] || body["ClientName"] || "identizer"

  amz_json(payload_for(operation, name, body))
end

#token(request) ⇒ `Object`

Cognito hosted-UI code exchange.

# File 'lib/identizer/handlers/cognito.rb', line 19

def token(request)
  authorization = redeem_code(request)
  return json(400, { error: "invalid_grant" }) if authorization.nil?

  id_token = minter.id_token(authorization.identity, audience: authorization.client_id)
  json(200, { id_token: id_token, token_type: "Bearer" })
end