Skip to content

Instantly share code, notes, and snippets.

Created April 12, 2018 05:26
What would you like to do?
Example Aegis Cognito Callback Handler
// Handle oauth2 callback, will exchange code for token
func cognitoCallback(ctx context.Context, d *aegis.HandlerDependencies, req *aegis.APIGatewayProxyRequest, res *aegis.APIGatewayProxyResponse, params url.Values) error {
// Exchange code for token
tokens, err := d.Services.Cognito.GetTokens(req.QueryStringParameters["code"], []string{})
if err != nil {
log.Println("Couldn't get access token", err)
res.JSONError(500, err)
} else {
// verify the token
_, err := d.Services.Cognito.ParseAndVerifyJWT(tokens.IDToken)
if err == nil {
host := req.GetHeader("Host")
stage := req.RequestContext.Stage
res.SetHeader("Set-Cookie", "access_token="+tokens.AccessToken+"; Domain="+host+"; Secure; HttpOnly")
res.Redirect(301, "https://"+host+"/"+stage+"/protected")
} else {
res.JSONError(401, errors.New("unauthorized, invalid token"))
return nil
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment