From 8c9838cc8c9ecad027f577db3622accb85c23a6e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mateusz=20G=C5=82owi=C5=84ski?= <mglowinski93@gmail.com>
Date: Thu, 10 Nov 2022 18:08:56 +0100
Subject: [PATCH] CognitoIDP: Replace email with username in cogntio JWT tokens
 (#5652)

---
 moto/cognitoidp/models.py                | 2 +-
 tests/test_cognitoidp/test_cognitoidp.py | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/moto/cognitoidp/models.py b/moto/cognitoidp/models.py
index 478e13efc..9451b30fe 100644
--- a/moto/cognitoidp/models.py
+++ b/moto/cognitoidp/models.py
@@ -538,7 +538,7 @@ class CognitoIdpUserPool(BaseModel):
             "token_use": token_use,
             "auth_time": now,
             "exp": now + expires_in,
-            "email": flatten_attrs(self._get_user(username).attributes).get("email"),
+            "username": username,
         }
         payload.update(extra_data or {})
         headers = {"kid": "dummy"}  # KID as present in jwks-public.json
diff --git a/tests/test_cognitoidp/test_cognitoidp.py b/tests/test_cognitoidp/test_cognitoidp.py
index abb54e997..3ec1fd496 100644
--- a/tests/test_cognitoidp/test_cognitoidp.py
+++ b/tests/test_cognitoidp/test_cognitoidp.py
@@ -2838,6 +2838,7 @@ def test_token_legitimacy():
         id_token = outputs["id_token"]
         access_token = outputs["access_token"]
         client_id = outputs["client_id"]
+        username = outputs["username"]
         issuer = "https://cognito-idp.us-west-2.amazonaws.com/{}".format(
             outputs["user_pool_id"]
         )
@@ -2851,6 +2852,7 @@ def test_token_legitimacy():
         access_claims["iss"].should.equal(issuer)
         access_claims["aud"].should.equal(client_id)
         access_claims["token_use"].should.equal("access")
+        access_claims["username"].should.equal(username)
 
 
 @mock_cognitoidp