Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
OAuth 2.0 PKCE Flow with AWS Cognito - Login with public client, like CLI
import {
Issuer,
generators,
Client,
TokenSet,
CallbackParamsType,
} from "openid-client";
const http = require('http');
const issuer = await Issuer.discover('https://cognito-idp.eu-central-1.amazonaws.com/eu-central-1_VqitD3cvk/.well-known/openid-configuration')
const client = new issuer.Client({
client_id: '6oeov5dtf2tvu0tl557a5erp0g',
redirect_uris: ['http://localhost:6363'],
response_types: ['code'],
token_endpoint_auth_method: 'none'
});
const code_verifier = generators.codeVerifier();
const code_challenge = generators.codeChallenge(code_verifier);
const authorizationUrl = await client.authorizationUrl({
scope: 'openid',
code_challenge,
code_challenge_method: 'S256',
});
let params
const server = http.createServer((req, res) => {
if (req.url.startsWith('/?')) {
params = client.callbackParams(req);
res.end('THX')
} else {
res.end('Unsupported')
}
}).listen(6363)
opn(authorizationUrl)
while (params === undefined) {
await new Promise(resolve => setTimeout(resolve, 500));
}
const tokenSet = await client.oauthCallback('http://localhost:6363', params, { code_verifier })
server.close()
console.log(tokenSet)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.