session.user undefined if all tokens are added to it with AWS cognito oauth2 flow #107

Open
sebastianhutter opened this issue Aug 14, 2022 · 0 comments


I am trying to add authentication for AWS Cognito with sk-auth.

This is my current `src/lib/appAuth.ts` file:

```ts
import { SvelteKitAuth } from "sk-auth";
import { dev } from '$app/env';
import {
    OAuth2Provider
} from "sk-auth/providers";

const DOMAIN = import.meta.env.VITE_COGNITO_DOMAIN;
export const appAuth = new SvelteKitAuth({
    protocol: dev ? 'http' : 'https',
    providers: [
        new OAuth2Provider({
            id: 'cognito',
            accessTokenUrl: `https://${DOMAIN}/oauth2/token`,
            profileUrl: `https://${DOMAIN}/oauth2/userInfo`,
            authorizationUrl: `https://${DOMAIN}/oauth2/authorize`,
            clientId: import.meta.env.VITE_COGNITO_CLIENT_ID,
            clientSecret: import.meta.env.VITE_COGNITO_CLIENT_SECRET,
            scope: ['openid', 'email'],
            contentType: 'application/x-www-form-urlencoded',
            profile(profile, tokens) {
                return {
                    ...profile,
                    access_token: tokens.access_token,
                    id_token: tokens.id_token,
                    refresh_token: tokens.refresh_token,
                    provider: 'cognito'
                };
            }
        })
    ]
});
```

I am testing the login with this `index.svelte` file:

```svelte
<script lang="ts">
    import { session } from "$app/stores";
    import { signOut as authSignOut } from "sk-auth/client";

    function signIn() {
        location.assign('/api/auth/signin/cognito?redirect=/');
    }

    function signOut() {
        authSignOut().then(session.set);
    }

    console.log($session.user)
</script>

{#if !$session.user}
    <button on:click="{signIn}">Log In with Cognito</button>
{:else}
    <p>You are logged in as: {$session.user.email}!</p>
    <button on:click={signOut}>Log Out</button>
{/if}
```

The authentication works, but as soon as I am passing more than one token to the session.user the login breaks and the session.user remains "undefined".

When I am removing all but one token from the OAuth2 configuration, the object is passed as expected:

(src/lib/appAuth.ts)

```ts
...
...
            profile(profile, tokens) {
                return {
                    ...profile,
                    id_token: tokens.id_token,
                    provider: 'cognito'
...
...
```

Any clues why this happens? I assume this has to do with the size of the passed cookie / HTTP headers, but I do not know how to verify this assumption.
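
One way to check the cookie-size assumption raised above, as an added example that is not part of the original issue or of sk-auth. It assumes the session is an HS256-signed JWT with payload `{ user: <profile() result> }` stored in a single cookie; the cookie name `svelteauthjwt`, the 4096-byte browser limit and the token lengths are assumptions or constructed values.

```javascript
// Added example (not from the issue or from sk-auth). Assumptions: the session is
// an HS256-signed JWT with payload { user: <profile() result> }, stored in one
// cookie, and the browser caps a cookie's name+value at 4096 bytes.
const COOKIE_LIMIT = 4096;
const utf8Len = (s) => new TextEncoder().encode(s).length;
// Length of n bytes once encoded as unpadded base64url.
const b64urlLen = (n) => Math.ceil((n * 4) / 3);

// Length of header.payload.signature, computed without the signing key.
// Lower bound: claims the signer adds itself (iat, exp) are not counted.
function jwtLength(payload) {
    const header = utf8Len(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
    const body = utf8Len(JSON.stringify(payload));
    return b64urlLen(header) + 1 + b64urlLen(body) + 1 + b64urlLen(32); // 32 = HMAC-SHA256
}

function cookieSize(name, user) {
    return utf8Len(name) + 1 + jwtLength({ user }); // "name=value"
}

// Total cookie size plus the number of bytes each profile field adds to it.
function auditSession(name, user) {
    const total = cookieSize(name, user);
    const perField = {};
    for (const key of Object.keys(user)) {
        const { [key]: _dropped, ...rest } = user;
        perField[key] = total - cookieSize(name, rest);
    }
    return { total, fits: total <= COOKIE_LIMIT, perField };
}

// Constructed stand-ins: paste the real values from profile() to measure them.
const fake = (n) => 'x'.repeat(n);
const profile = { sub: 'constructed-sub', email: 'user@example.com', provider: 'cognito' };
const allTokens = {
    ...profile,
    access_token: fake(1100),
    id_token: fake(1100),
    refresh_token: fake(1800)
};
const idTokenOnly = { ...profile, id_token: fake(1100) };

console.log(auditSession('svelteauthjwt', allTokens));   // all three tokens
console.log(auditSession('svelteauthjwt', idTokenOnly)); // id_token only
```

Calling `auditSession` on the real object inside `profile()` shows which field pushes the cookie past the limit. Tokens left out of the session payload also stay out of `$session`, which is readable by client-side code.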
