def get_access_token(self, request_args): code = request_args.get("code") state = request_args.get("state") expected_state = get_state(self.user_pool_id, self.user_pool_client_id) if state != expected_state: raise FlaskAWSCognitoError("State for CSRF is not correct ") access_token = self.cognito_service.exchange_code_for_token(code) return access_token
def get_sign_in_url(self): quoted_redirect_url = quote(self.redirect_url) state = get_state(self.user_pool_id, self.user_pool_client_id) full_url = (f"{self.domain}/login" f"?response_type=code" f"&client_id={self.user_pool_client_id}" f"&redirect_uri={quoted_redirect_url}" f"&state={state}") return full_url
def get_refreshed_access_token(self, request_args, refresh_token): if self._access_token: return self._access_token code = request_args.get("code") state = request_args.get("state") expected_state = get_state(self.user_pool_id, self.user_pool_client_id) if state != expected_state: raise FlaskAWSCognitoError("State for CSRF is not correct ") tokens = self.cognito_service.refresh_token(code, refresh_token) return tokens