Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

AdminInitiateAuth - return correct AccessToken for Refresh-scenario (#5109)

Browse Source
This commit is contained in:
Bert Blommers 2022-05-09 08:41:29 +00:00 committed by GitHub
parent 515243eab0
commit 4a5c72d5ed
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 36 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
moto/cognitoidp/models.py
View File

@ -1270,8 +1270,8 @@ class CognitoIdpBackend(BaseBackend):
elif auth_flow is AuthFlow.REFRESH_TOKEN: elif auth_flow is AuthFlow.REFRESH_TOKEN:
refresh_token = auth_parameters.get("REFRESH_TOKEN") refresh_token = auth_parameters.get("REFRESH_TOKEN")
( (
id_token,
access_token, access_token,
id_token,
expires_in, expires_in,
) = user_pool.create_tokens_from_refresh_token(refresh_token) ) = user_pool.create_tokens_from_refresh_token(refresh_token)

35
tests/test_cognitoidp/test_cognitoidp.py
View File

@ -3939,6 +3939,41 @@ def test_admin_reset_password_and_change_password():
result["UserStatus"].should.equal("CONFIRMED") result["UserStatus"].should.equal("CONFIRMED")
@mock_cognitoidp
def test_admin_initiate_auth__use_access_token():
client = boto3.client("cognito-idp", "us-west-2")
un = str(uuid.uuid4())
pw = str(uuid.uuid4())
# Create pool and client
user_pool_id = client.create_user_pool(PoolName=str(uuid.uuid4()))["UserPool"]["Id"]
client_id = client.create_user_pool_client(
UserPoolId=user_pool_id, ClientName=str(uuid.uuid4()), GenerateSecret=True
)["UserPoolClient"]["ClientId"]
client.admin_create_user(UserPoolId=user_pool_id, Username=un, TemporaryPassword=pw)
client.confirm_sign_up(ClientId=client_id, Username=un, ConfirmationCode="123456")
# Initiate once, to get a refresh token
auth_result = client.admin_initiate_auth(
UserPoolId=user_pool_id,
ClientId=client_id,
AuthFlow="ADMIN_NO_SRP_AUTH",
AuthParameters={"USERNAME": un, "PASSWORD": pw},
)
refresh_token = auth_result["AuthenticationResult"]["RefreshToken"]
# Initiate Auth using a Refresh Token
auth_result = client.admin_initiate_auth(
UserPoolId=user_pool_id,
ClientId=client_id,
AuthFlow="REFRESH_TOKEN",
AuthParameters={"REFRESH_TOKEN": refresh_token},
)
access_token = auth_result["AuthenticationResult"]["AccessToken"]
# Verify the AccessToken of this authentication works
client.global_sign_out(AccessToken=access_token)
@mock_cognitoidp @mock_cognitoidp
def test_admin_reset_password_disabled_user(): def test_admin_reset_password_disabled_user():
client = boto3.client("cognito-idp", "us-west-2") client = boto3.client("cognito-idp", "us-west-2")