def logout(self, auth):
u = Cognito(
self.pool_id,
self.client_id,
id_token=auth["id_token"],
refresh_token=auth["refresh_token"],
access_token=auth["access_token"],
)
u.logout()
def signout():
if 'id_token' in session and 'access_token' in session and 'refresh_token':
u = Cognito(cognito_userpool_id,
cognito_client_id,
cognito_userpool_region,
id_token=session['id_token'],
refresh_token=session['refresh_token'],
access_token=session['access_token'])
u.logout()
logout_user()
# to do
return redirect(url_for('index'))
def logout_user():
access = request.headers.get('accessToken')
refresh = request.headers.get('refreshToken')
_id = request.headers.get('idToken')
u = Cognito(CONSTANTS['cognito_id'],
CONSTANTS['cognito_app'],
id_token=_id,
refresh_token=refresh,
access_token=access)
u.logout()
return Response(json.dumps({"status": True}),
status=200,
mimetype='application/json')
def cognito_logout():
try:
access_token = json.loads(json.dumps(request.form))["access_token"]
u = Cognito(pool_id, client_id, user_pool_region="us-east-2", access_key=os.environ["AWS_ACCESS_KEY"],
secret_key=os.environ["AWS_SECRET_KEY"], access_token=access_token);
u.logout();
userResponse = {
"username" : u.username,
"id_token" : u.id_token,
"access_token" : u.access_token,
"refresh_token" : u.refresh_token,
"token_type" : u.token_type
}
return response_with(responses.SUCCESS_200, value=userResponse);
except Exception as e:
return response_with(resp.SERVER_ERROR_500, error=e.args);
return access_token;
def post(self):
"""Logout user from all devices"""
json_data = request.get_json(force=True)
email = json_data['email']
refresh_token = json_data['refresh_token']
id_token = json_data['id_token']
access_token = json_data['access_token']
try:
u = Cognito(cognitoUserPoolId, cognitoUserPoolClientId, awsRegion, id_token=id_token,
refresh_token=refresh_token, access_token=access_token)
u.logout()
return ReturnDocument(email, "success").asdict()
except ClientError as err:
return ReturnDocument(err.__str__(), "error").asdict()
class CognitoAuthTestCase(unittest.TestCase):
def setUp(self):
self.cognito_user_pool_id = env('COGNITO_USER_POOL_ID')
self.app_id = env('COGNITO_APP_ID')
self.username = env('COGNITO_TEST_USERNAME')
self.password = env('COGNITO_TEST_PASSWORD')
self.user = Cognito(self.cognito_user_pool_id, self.app_id,
self.username)
def tearDown(self):
del self.user
def test_authenticate(self):
self.user.authenticate(self.password)
self.assertNotEqual(self.user.access_token, None)
self.assertNotEqual(self.user.id_token, None)
self.assertNotEqual(self.user.refresh_token, None)
def test_logout(self):
self.user.authenticate(self.password)
self.user.logout()
self.assertEqual(self.user.id_token, None)
self.assertEqual(self.user.refresh_token, None)
self.assertEqual(self.user.access_token, None)
@patch('warrant.Cognito', autospec=True)
def test_register(self, cognito_user):
u = cognito_user(self.cognito_user_pool_id,
self.app_id,
username=self.username)
res = u.register('sampleuser',
'sample4#Password',
given_name='Brian',
family_name='Jones',
name='Brian Jones',
email='*****@*****.**',
phone_number='+19194894555',
gender='Male',
preferred_username='******')
#TODO: Write assumptions
def test_renew_tokens(self):
self.user.authenticate(self.password)
self.user.renew_access_token()
def test_update_profile(self):
self.user.authenticate(self.password)
self.user.update_profile({'given_name': 'Jenkins'})
u = self.user.get_user()
self.assertEquals(u.given_name, 'Jenkins')
def test_admin_get_user(self):
u = self.user.admin_get_user()
self.assertEqual(u.pk, self.username)
def test_check_token(self):
self.user.authenticate(self.password)
self.assertFalse(self.user.check_token())
@patch('warrant.Cognito', autospec=True)
def test_validate_verification(self, cognito_user):
u = cognito_user(self.cognito_user_pool_id,
self.app_id,
username=self.username)
u.validate_verification('4321')
@patch('warrant.Cognito', autospec=True)
def test_confirm_forgot_password(self, cognito_user):
u = cognito_user(self.cognito_user_pool_id,
self.app_id,
username=self.username)
u.confirm_forgot_password('4553', 'samplepassword')
with self.assertRaises(TypeError) as vm:
u.confirm_forgot_password(self.password)
@patch('warrant.Cognito', autospec=True)
def test_change_password(self, cognito_user):
u = cognito_user(self.cognito_user_pool_id,
self.app_id,
username=self.username)
u.authenticate(self.password)
u.change_password(self.password, 'crazypassword$45DOG')
with self.assertRaises(TypeError) as vm:
self.user.change_password(self.password)
def test_set_attributes(self):
u = Cognito(self.cognito_user_pool_id, self.app_id)
u._set_attributes({'ResponseMetadata': {
'HTTPStatusCode': 200
}}, {'somerandom': 'attribute'})
self.assertEquals(u.somerandom, 'attribute')
def test_admin_authenticate(self):
self.user.admin_authenticate(self.password)
self.assertNotEqual(self.user.access_token, None)
self.assertNotEqual(self.user.id_token, None)
self.assertNotEqual(self.user.refresh_token, None)
session_token = credentials['SessionToken']
print('access_key_id:', access_key_id)
print('secret_key:', secret_key)
print('session_token:', session_token)
# auth = AWS4Auth(access_key_id, secret_key, 'eu-west-1', 'execute-api', session_token=session_token)
# r = requests.request(props['TARGET_METHOD'], props['TARGET_URL'], auth=auth, headers={
# 'x-api-key': props['TARGET_API_KEY'],
# 'x-idtoken': ID_TOKEN
# },
# params=None, # params={"include[hubs]": "devices"}
# data=None # json.dumps({"data":{"id":"::215:8d00:12e:4d99@2029726276851335171","type":"devices","attributes":{"name":"Tuneable Li"}}})
# )
#
# print('\nRESPONSE:')
# if r.status_code == 200:
# Printer.green('Response code: {}'.format(r.status_code))
# Printer.green(r.text)
#
# else:
# Printer.red('Response code: {}'.format(r.status_code))
# Printer.red(r.text)
# Printer.red(r.reason)
u = Cognito(props['USER_POOL_ID'],
props['CLIENT_ID'],
id_token=tokens['AuthenticationResult']['IdToken'],
refresh_token=tokens['AuthenticationResult']['RefreshToken'],
access_token=tokens['AuthenticationResult']['AccessToken'])
u.logout()
