def init_environment(env, users, user_list, user_dict, username_dict, logger): # First clean the user_list (in case its a re-init) del user_list[:] # Authenticate all the users... for user in users: user_list.append(user['username']) # create a cognito user object u = warrant.Cognito(get_env_var(env, 'COGNITO_USER_POOL_ID'), get_env_var(env, 'COGNITO_USER_POOL_CLIENT_ID'), username=user['username']) try: # Try to authenticate the user u.authenticate(password=user['passwd']) except Exception as e: # Authentication failed... logger.log(Logger.ERROR, "%r" % (e)) sys.exit(2) # Save the authenticated cognito user object user['auth'] = u # get the user ID by decoding the id_token decoded = u.verify_token(u.id_token, 'id_token', 'id') user['id'] = decoded['sub'] user['decoded_id_token'] = decoded # Save the warrant cognito user object in the USER ID MAP user_dict[decoded['sub']] = u username_dict[user['username']] = u set_env_var(env, 'USERNAME_DICT', username_dict) set_env_var(env, 'USER_DICT', user_dict)
def main(args): ssm = boto3.client('ssm') app_client_id = ssm.get_parameter(Name=f'/{args.resource_prefix}/{args.stage}/auth/app-client-id')['Parameter']['Value'] user_pool_id = ssm.get_parameter(Name=f'/{args.resource_prefix}/{args.stage}/auth/user-pool-id')['Parameter']['Value'] user = warrant.Cognito(user_pool_id, app_client_id, username=args.username) user.authenticate(password=args.password) print(user.id_token, end='')
def _cognito(self, **kwargs): """Get the client credentials.""" cognito = warrant.Cognito(user_pool_id=self.cloud.user_pool_id, client_id=self.cloud.cognito_client_id, user_pool_region=self.cloud.region, **kwargs) cognito.client = boto3.client( "cognito-idp", region_name=self.cloud.region, config=botocore.config.Config(signature_version=botocore.UNSIGNED), ) return cognito
def client(self, username=None, id_token=None, refresh_token=None, access_token=None): u = warrant.Cognito(self.user_pool_id, self.client_id, user_pool_region=self.region, username=username, id_token=id_token, refresh_token=refresh_token, access_token=access_token) return u
def get_jwt(user_credentials): user = warrant.Cognito(user_pool_id, app_client_id, username=user_credentials['username']) user.authenticate(password=user_credentials['password']) return user.id_token
def cognito_session(**kwargs): pool_id = get_cognito_pool_id() app_id = get_cognito_client_id() return warrant.Cognito(pool_id, app_id, **kwargs)