cognito-sync-service 1.0.0 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.env.example +5 -7
- data/.gitignore +2 -3
- data/.rubocop.yml +4 -0
- data/.travis.yml +16 -0
- data/CHANGELOG.md +5 -0
- data/CONTRIBUTING.md +1 -1
- data/Gemfile +3 -0
- data/Gemfile.lock +44 -0
- data/README.md +20 -7
- data/built_with_pain_from_cognito.png +0 -0
- data/cognito_sync_service.gemspec +2 -2
- data/doc/c_find_by_access_token!.md +51 -0
- data/doc/ca_create!.md +26 -1
- data/doc/ca_delete!.md +9 -0
- data/doc/ca_disable!.md +9 -0
- data/doc/ca_enable!.md +34 -0
- data/doc/ca_find!.md +10 -0
- data/doc/ca_initiate_auth!.md +8 -0
- data/doc/ca_refresh_tokens!.md +63 -0
- data/doc/ca_respond_to_auth_challenge!.md +33 -14
- data/doc/ca_set_user_password!.md +36 -0
- data/doc/ca_update!.md +12 -0
- data/lib/cognito-sync-service.rb +34 -0
- data/lib/cognito-sync-service/version.rb +1 -1
- data/logo.png +0 -0
- metadata +12 -7
- data/cognito-sync-service-0.2.0.gem +0 -0
- data/cognito-sync-service-0.3.0.gem +0 -0
- data/cognito-sync-service-0.3.1.gem +0 -0
- data/cognito-sync-service-0.3.2.gem +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 409e8d0d186b2925e1b6811945c26a370e5ad3c7065f32057284dd9e7ba4e885
|
4
|
+
data.tar.gz: ea6db076ea88af154ef20f8980e8207502a2bc23935968f7c61291715a9f299e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c91be559d76d03364504dbe1baaa687c8a3bdf1c28bafba97ce1c6eb7d18a97114090bd05b62738d1b909f74101baf464cb8549d00ae8e51672ff500ce311e48
|
7
|
+
data.tar.gz: 4a536617bedad414efec359545ebf110a5ae8c3273c067912f4f37b5d39934a4069fe8fc033a949e45672e1920e9156fbe2ae65ea1f2a3fd049129eafb892cd5
|
data/.env.example
CHANGED
@@ -1,7 +1,5 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
region: "region"
|
7
|
-
client_id: "client_id"
|
1
|
+
ACCESS_KEY_ID: "access_key_id"
|
2
|
+
SECRET_ACCESS_KEY: "secret_access_key"
|
3
|
+
REGION: "region"
|
4
|
+
POOL_ID: "pool_id"
|
5
|
+
CLIENT_ID: "client_id"
|
data/.gitignore
CHANGED
data/.rubocop.yml
CHANGED
data/.travis.yml
CHANGED
@@ -2,6 +2,22 @@
|
|
2
2
|
sudo: false
|
3
3
|
language: ruby
|
4
4
|
cache: bundler
|
5
|
+
branches:
|
6
|
+
only:
|
7
|
+
- master
|
5
8
|
rvm:
|
6
9
|
- 2.5.3
|
7
10
|
before_install: gem install bundler -v 2.0.1
|
11
|
+
|
12
|
+
before_script:
|
13
|
+
- curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
|
14
|
+
- chmod +x ./cc-test-reporter
|
15
|
+
- ./cc-test-reporter before-build
|
16
|
+
|
17
|
+
script:
|
18
|
+
- bundle exec rspec
|
19
|
+
after_script:
|
20
|
+
- ./cc-test-reporter after-build --exit-code $TRAVIS_TEST_RESULT
|
21
|
+
env:
|
22
|
+
global:
|
23
|
+
- CC_TEST_REPORTER_ID='445d9b9f6189382202cc35adc7f9959cf62985857be1174d394e407ad8db8a0c'
|
data/CHANGELOG.md
ADDED
data/CONTRIBUTING.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
|
2
2
|
1. Fork it ( https://github.com/[username]/cognito-sync-service )
|
3
|
-
2. Run `spec` and `rubocop` (don't forget add
|
3
|
+
2. Run `spec` and `rubocop` (don't forget add .env to you local project folder)
|
4
4
|
3. Create your feature branch (git checkout -b my-new-feature)
|
5
5
|
4. Commit your changes (git commit -am 'Add some feature')
|
6
6
|
5. Push to the branch (git push origin my-new-feature)
|
data/Gemfile
CHANGED
@@ -2,6 +2,8 @@
|
|
2
2
|
|
3
3
|
source 'https://rubygems.org'
|
4
4
|
|
5
|
+
gem 'rake', '~> 11.2', '>= 11.2.2'
|
6
|
+
|
5
7
|
group :development, :test do
|
6
8
|
gem 'aws-sdk-cognitoidentity', '~> 1.0.0.rc7'
|
7
9
|
gem 'aws-sdk-cognitoidentityprovider', '~> 1.12'
|
@@ -22,6 +24,7 @@ group :development, :test do
|
|
22
24
|
end
|
23
25
|
|
24
26
|
group :test do
|
27
|
+
gem 'dotenv-rails'
|
25
28
|
gem 'rspec-its', '~> 1.2'
|
26
29
|
gem 'rspec-simplecov', '~> 0.2'
|
27
30
|
gem 'simplecov', '~> 0.14'
|
data/Gemfile.lock
CHANGED
@@ -1,6 +1,19 @@
|
|
1
1
|
GEM
|
2
2
|
remote: https://rubygems.org/
|
3
3
|
specs:
|
4
|
+
actionpack (5.2.3)
|
5
|
+
actionview (= 5.2.3)
|
6
|
+
activesupport (= 5.2.3)
|
7
|
+
rack (~> 2.0)
|
8
|
+
rack-test (>= 0.6.3)
|
9
|
+
rails-dom-testing (~> 2.0)
|
10
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
11
|
+
actionview (5.2.3)
|
12
|
+
activesupport (= 5.2.3)
|
13
|
+
builder (~> 3.1)
|
14
|
+
erubi (~> 1.4)
|
15
|
+
rails-dom-testing (~> 2.0)
|
16
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.3)
|
4
17
|
activesupport (5.2.3)
|
5
18
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
6
19
|
i18n (>= 0.7, < 2)
|
@@ -39,11 +52,18 @@ GEM
|
|
39
52
|
aws-sigv4 (~> 1.1)
|
40
53
|
aws-sigv4 (1.1.0)
|
41
54
|
aws-eventstream (~> 1.0, >= 1.0.2)
|
55
|
+
builder (3.2.3)
|
42
56
|
byebug (11.0.1)
|
43
57
|
coderay (1.1.2)
|
44
58
|
concurrent-ruby (1.1.5)
|
59
|
+
crass (1.0.4)
|
45
60
|
diff-lcs (1.3)
|
46
61
|
docile (1.3.2)
|
62
|
+
dotenv (2.7.5)
|
63
|
+
dotenv-rails (2.7.5)
|
64
|
+
dotenv (= 2.7.5)
|
65
|
+
railties (>= 3.2, < 6.1)
|
66
|
+
erubi (1.8.0)
|
47
67
|
factory_bot (4.11.1)
|
48
68
|
activesupport (>= 3.0.0)
|
49
69
|
i18n (1.6.0)
|
@@ -51,8 +71,14 @@ GEM
|
|
51
71
|
jaro_winkler (1.5.3)
|
52
72
|
jmespath (1.4.0)
|
53
73
|
json (2.2.0)
|
74
|
+
loofah (2.2.3)
|
75
|
+
crass (~> 1.0.2)
|
76
|
+
nokogiri (>= 1.5.9)
|
54
77
|
method_source (0.9.2)
|
78
|
+
mini_portile2 (2.4.0)
|
55
79
|
minitest (5.11.3)
|
80
|
+
nokogiri (1.10.4)
|
81
|
+
mini_portile2 (~> 2.4.0)
|
56
82
|
parallel (1.17.0)
|
57
83
|
parser (2.6.3.0)
|
58
84
|
ast (~> 2.4.0)
|
@@ -65,7 +91,22 @@ GEM
|
|
65
91
|
pry-doc (1.0.0)
|
66
92
|
pry (~> 0.11)
|
67
93
|
yard (~> 0.9.11)
|
94
|
+
rack (2.0.7)
|
95
|
+
rack-test (1.1.0)
|
96
|
+
rack (>= 1.0, < 3)
|
97
|
+
rails-dom-testing (2.0.3)
|
98
|
+
activesupport (>= 4.2.0)
|
99
|
+
nokogiri (>= 1.6)
|
100
|
+
rails-html-sanitizer (1.1.0)
|
101
|
+
loofah (~> 2.2, >= 2.2.2)
|
102
|
+
railties (5.2.3)
|
103
|
+
actionpack (= 5.2.3)
|
104
|
+
activesupport (= 5.2.3)
|
105
|
+
method_source
|
106
|
+
rake (>= 0.8.7)
|
107
|
+
thor (>= 0.19.0, < 2.0)
|
68
108
|
rainbow (3.0.0)
|
109
|
+
rake (11.3.0)
|
69
110
|
rb-readline (0.5.5)
|
70
111
|
rspec (3.8.0)
|
71
112
|
rspec-core (~> 3.8.0)
|
@@ -105,6 +146,7 @@ GEM
|
|
105
146
|
simplecov-html (0.10.2)
|
106
147
|
terminal-table (1.8.0)
|
107
148
|
unicode-display_width (~> 1.1, >= 1.1.1)
|
149
|
+
thor (0.20.3)
|
108
150
|
thread_safe (0.3.6)
|
109
151
|
tzinfo (1.2.5)
|
110
152
|
thread_safe (~> 0.1)
|
@@ -121,10 +163,12 @@ DEPENDENCIES
|
|
121
163
|
aws-sdk-ec2 (~> 1)
|
122
164
|
aws-sdk-s3 (~> 1)
|
123
165
|
aws-sdk-ses (~> 1.6)
|
166
|
+
dotenv-rails
|
124
167
|
factory_bot (~> 4.8)
|
125
168
|
pry (~> 0.10)
|
126
169
|
pry-byebug (~> 3.4)
|
127
170
|
pry-doc (~> 1.0.0)
|
171
|
+
rake (~> 11.2, >= 11.2.2)
|
128
172
|
rb-readline
|
129
173
|
rspec (~> 3.6)
|
130
174
|
rspec-its (~> 1.2)
|
data/README.md
CHANGED
@@ -1,10 +1,21 @@
|
|
1
1
|
# CognitoSyncService
|
2
2
|
|
3
|
-
|
3
|
+
<img src="logo.png" alt="logo" width="200"/>
|
4
|
+
|
5
|
+
## Status
|
6
|
+
[![Gem Version](https://badge.fury.io/rb/cognito-sync-service.svg)](https://badge.fury.io/rb/cognito-sync-service)
|
7
|
+
[![Maintainability](https://api.codeclimate.com/v1/badges/7bbc9677e91e5561a35d/maintainability)](https://codeclimate.com/github/7DevsApps/cognito-sync-service/maintainability)
|
8
|
+
[![Build Status](https://travis-ci.com/7DevsApps/cognito-sync-service.svg?branch=master)](https://travis-ci.com/7DevsApps/cognito-sync-service)
|
9
|
+
[![Test Coverage](https://api.codeclimate.com/v1/badges/7bbc9677e91e5561a35d/test_coverage)](https://codeclimate.com/github/7DevsApps/cognito-sync-service/test_coverage)
|
10
|
+
[![Inline docs](http://inch-ci.org/github/7DevsApps/cognito-sync-service.svg?branch=master&style=shields)](http://inch-ci.org/github/7DevsApps/cognito-sync-service)
|
11
|
+
[![Built with love](built_with_pain_from_cognito.png)](https://rmosolgo.github.io/react-badges/)
|
12
|
+
|
13
|
+
## Content
|
4
14
|
|
5
15
|
- [CognitoSyncService](#cognitoSyncService)
|
6
16
|
- [Installation](#installation)
|
7
17
|
- [Usage](#usage)
|
18
|
+
- [Methods](#list-of-methods)
|
8
19
|
- [Development](#development)
|
9
20
|
- [Contributing](#contributing)
|
10
21
|
- [Contacts](#contacts)
|
@@ -16,7 +27,7 @@ Aws Cognito user pool synchronizer
|
|
16
27
|
Add this line to your application's Gemfile:
|
17
28
|
|
18
29
|
```ruby
|
19
|
-
gem 'cognito-sync-service', '~> 0
|
30
|
+
gem 'cognito-sync-service', '~> 1.0'
|
20
31
|
```
|
21
32
|
|
22
33
|
And then execute:
|
@@ -31,7 +42,7 @@ Or install it yourself as:
|
|
31
42
|
|
32
43
|
[AWS Cognito](https://aws.amazon.com/ru/cognito/) let use [list of methods](https://docs.aws.amazon.com/cli/latest/reference/cognito-idp/index.html) or this [SDK methods for ruby](https://docs.aws.amazon.com/sdkforruby/api/Aws/CognitoIdentity/Client.html).
|
33
44
|
|
34
|
-
In common case you need __CRUD__ functionality, __synchronization__, between
|
45
|
+
In common case you need __CRUD__ functionality, __synchronization__, between your DB and Cognito pools and __handling authorization__.
|
35
46
|
|
36
47
|
#### With this gem you can implement:
|
37
48
|
1. __CRUD__ functionality from you application
|
@@ -172,10 +183,15 @@ User.ca_create!({phone_number: "+1111111111"}, "+1111111111")
|
|
172
183
|
- [#ca_create!](doc/ca_create!.md)
|
173
184
|
- [#ca_update!](doc/ca_update!.md)
|
174
185
|
- [#ca_delete!](doc/ca_delete!.md)
|
186
|
+
- [#ca_enable!](doc/ca_enable!.md)
|
175
187
|
- [#ca_disable!](doc/ca_disable!.md)
|
176
188
|
- [#ca_find!](doc/ca_find!.md)
|
177
189
|
- [#ca_initiate_auth!](doc/ca_initiate_auth!.md)
|
190
|
+
- [#ca_refresh_tokens!](doc/ca_refresh_tokens!.md)
|
178
191
|
- [#ca_respond_to_auth_challenge!](doc/ca_respond_to_auth_challenge!.md)
|
192
|
+
- [#ca_set_user_password!](doc/ca_set_user_password!.md)
|
193
|
+
- [#c_find_by_access_token!](doc/c_find_by_access_token!.md)
|
194
|
+
|
179
195
|
|
180
196
|
## Development
|
181
197
|
|
@@ -195,8 +211,5 @@ Everyone interacting in the CognitoSyncService project’s codebases, issue trac
|
|
195
211
|
## Contacts
|
196
212
|
|
197
213
|
https://7devs.co/contact?section=contact-form
|
198
|
-
https://t.me/hakmatmao
|
199
214
|
|
200
|
-
|
201
|
-
[![Maintainability](https://api.codeclimate.com/v1/badges/b90c232e049a226e25d9/maintainability)](https://codeclimate.com/github/MarkOsipenko/cognito-sync-service/maintainability)
|
202
|
-
[![Test Coverage](https://api.codeclimate.com/v1/badges/b90c232e049a226e25d9/test_coverage)](https://codeclimate.com/github/MarkOsipenko/cognito-sync-service/test_coverage)
|
215
|
+
https://t.me/hakmatmao
|
Binary file
|
@@ -7,8 +7,8 @@ require 'cognito-sync-service/version'
|
|
7
7
|
Gem::Specification.new do |spec|
|
8
8
|
spec.name = 'cognito-sync-service'
|
9
9
|
spec.version = CognitoSyncService::VERSION
|
10
|
-
spec.authors = ['Mark Osipenko']
|
11
|
-
spec.email = ['mark.osipenko@gmail.com']
|
10
|
+
spec.authors = ['Mark Osipenko', 'Andrey Aliabiev']
|
11
|
+
spec.email = ['mark.osipenko@gmail.com', 'andrey.alyabyev23@gmail.com']
|
12
12
|
|
13
13
|
spec.summary = 'Aws Cognito user pool synchronizer'
|
14
14
|
spec.description = 'With this gem you can implement: CRUD functionality from you application, synchronize you database users with user_pools, handling authorization'
|
@@ -0,0 +1,51 @@
|
|
1
|
+
# CognitoSyncService
|
2
|
+
|
3
|
+
__*#c_find_by_access_token!(access_token)*__
|
4
|
+
|
5
|
+
### Synopsys
|
6
|
+
|
7
|
+
> In order to fetch user on Cognito pool by access token
|
8
|
+
> - The access token returned by the server response to get information about the user.
|
9
|
+
|
10
|
+
Cognito return data in format with __user_attributes__ key
|
11
|
+
|
12
|
+
# cognito-idp example
|
13
|
+
|
14
|
+
```
|
15
|
+
#<struct Aws::CognitoIdentityProvider::Types::GetUserResponse
|
16
|
+
username="ba9faac3-2291-4f56-9c6b-a85471445726",
|
17
|
+
user_attributes=[#<struct Aws::CognitoIdentityProvider::Types::AttributeType name="sub", value="ba9faac3-2291-4f56-9c6b-a85471445726">, #<struct Aws::CognitoIdentityProvider::Types::AttributeType name="email", value="email@test.com">],
|
18
|
+
mfa_options=nil,
|
19
|
+
preferred_mfa_setting=nil,
|
20
|
+
user_mfa_setting_list=nil>
|
21
|
+
```
|
22
|
+
|
23
|
+
> Also check this doc [get-user](https://docs.aws.amazon.com/cli/latest/reference/cognito-idp/get-user.html) method
|
24
|
+
|
25
|
+
## Usage
|
26
|
+
|
27
|
+
```ruby
|
28
|
+
class UserExample
|
29
|
+
extend CognitoSyncService
|
30
|
+
end
|
31
|
+
|
32
|
+
UserExample.c_find_by_access_token!("iOiJKV1QiLCJlbmMiOiJBMjU2-Dmc6dms9iukp_YUfeO6Vj-P9sOom_khf3FWTMz1Mb2dI8v")
|
33
|
+
```
|
34
|
+
|
35
|
+
__Output__
|
36
|
+
|
37
|
+
```ruby
|
38
|
+
{
|
39
|
+
"email"=>"email@test.com",
|
40
|
+
"username"=>"dae4900d-0984-4ac0-9ab0-14505e52d50c"
|
41
|
+
}
|
42
|
+
```
|
43
|
+
|
44
|
+
__Error output__
|
45
|
+
|
46
|
+
In case of passing invalid access token you will get AWS error
|
47
|
+
|
48
|
+
```ruby
|
49
|
+
UserExample.c_find_by_access_token!("invalid_access_token")
|
50
|
+
#=> Aws::CognitoIdentityProvider::Errors::NotAuthorizedException: Invalid Access Token
|
51
|
+
```
|
data/doc/ca_create!.md
CHANGED
@@ -6,7 +6,7 @@ __*#ca_create!(username)*__
|
|
6
6
|
|
7
7
|
> In order to create user on Cognito
|
8
8
|
> - Username should be equal __email/phone_number/random_uniq_string__ depend on you cognito user pool settings - [cognito username attribute doc](https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-usernames)
|
9
|
-
>
|
9
|
+
> - The user's temporary password must conform to the password policy that you specified when you created the user pool. The temporary password is valid only once. To complete the Admin Create User flow, the user must enter the temporary password in the sign-in page along with a new password to be used in all future sign-ins. This parameter is not required.
|
10
10
|
> Also check this doc [admin-create-user](https://docs.aws.amazon.com/cli/latest/reference/cognito-idp/admin-create-user.html) method
|
11
11
|
|
12
12
|
## Usage
|
@@ -21,7 +21,12 @@ attrs = {
|
|
21
21
|
{ phone_number: '+1111111111' }
|
22
22
|
}
|
23
23
|
|
24
|
+
# with default temporary password
|
24
25
|
UserExample.ca_create!(attrs, attrs[:phone_number])
|
26
|
+
|
27
|
+
# with manual temporary password
|
28
|
+
temporary_password = "Abcdef-123"
|
29
|
+
UserExample.ca_create!(attrs, attrs[:phone_number], temporary_password)
|
25
30
|
```
|
26
31
|
|
27
32
|
__Output__
|
@@ -35,5 +40,25 @@ __Output__
|
|
35
40
|
"user_status"=>"FORCE_CHANGE_PASSWORD",
|
36
41
|
"phone_number"=>"+3333333333"
|
37
42
|
}
|
43
|
+
```
|
44
|
+
|
45
|
+
__Error output__
|
46
|
+
|
47
|
+
```ruby
|
48
|
+
UserExample.ca_create!(attrs, attrs[:email])
|
49
|
+
#=> Aws::CognitoIdentityProvider::Errors::InvalidParameterException: Invalid email address format.
|
50
|
+
```
|
38
51
|
|
52
|
+
_For example minimum password length set to 8 characters_
|
53
|
+
|
54
|
+
```ruby
|
55
|
+
UserExample.ca_create!(attrs, attrs[:phone_number], '123abc')
|
56
|
+
#=> Aws::CognitoIdentityProvider::Errors::InvalidParameterException: Password not long enough
|
57
|
+
```
|
58
|
+
|
59
|
+
_For example password requires numbers_
|
60
|
+
|
61
|
+
```ruby
|
62
|
+
UserExample.ca_create!(attrs, attrs[:phone_number], 'qwerty')
|
63
|
+
#=> Aws::CognitoIdentityProvider::Errors::InvalidParameterException: Password must have numeric characters
|
39
64
|
```
|
data/doc/ca_delete!.md
CHANGED
@@ -23,3 +23,12 @@ __Output__
|
|
23
23
|
```ruby
|
24
24
|
{}
|
25
25
|
```
|
26
|
+
|
27
|
+
__Error output__
|
28
|
+
|
29
|
+
In case of passing invalid or nonexistent(in your Cognito Pool) username you will get AWS error
|
30
|
+
|
31
|
+
```ruby
|
32
|
+
UserExample.ca_delete!('invalid_username')
|
33
|
+
#=> Aws::CognitoIdentityProvider::Errors::UserNotFoundException: User not found.
|
34
|
+
```
|
data/doc/ca_disable!.md
CHANGED
@@ -23,3 +23,12 @@ __Output__
|
|
23
23
|
```ruby
|
24
24
|
{}
|
25
25
|
```
|
26
|
+
|
27
|
+
__Error output__
|
28
|
+
|
29
|
+
In case of passing invalid or nonexistent(in your Cognito Pool) username you will get AWS error
|
30
|
+
|
31
|
+
```ruby
|
32
|
+
UserExample.ca_disable!('invalid_username')
|
33
|
+
#=> Aws::CognitoIdentityProvider::Errors::UserNotFoundException: User not found.
|
34
|
+
```
|
data/doc/ca_enable!.md
ADDED
@@ -0,0 +1,34 @@
|
|
1
|
+
# CognitoSyncService
|
2
|
+
|
3
|
+
__*#ca_enable!(username)*__
|
4
|
+
|
5
|
+
### Synopsys
|
6
|
+
|
7
|
+
> Enable user in cognito pool.
|
8
|
+
>
|
9
|
+
> Also check this doc [admin-enable-user](https://docs.aws.amazon.com/cli/latest/reference/cognito-idp/admin-enable-user.html) method
|
10
|
+
|
11
|
+
## Usage
|
12
|
+
|
13
|
+
```ruby
|
14
|
+
class UserExample
|
15
|
+
extend ::CognitoSyncService
|
16
|
+
end
|
17
|
+
|
18
|
+
UserExample.ca_enable!(username)
|
19
|
+
```
|
20
|
+
|
21
|
+
__Output__
|
22
|
+
|
23
|
+
```ruby
|
24
|
+
{}
|
25
|
+
```
|
26
|
+
|
27
|
+
__Error output__
|
28
|
+
|
29
|
+
In case of passing invalid or nonexistent(in your Cognito Pool) username you will get AWS error
|
30
|
+
|
31
|
+
```ruby
|
32
|
+
UserExample.ca_enable!('invalid_username')
|
33
|
+
#=> Aws::CognitoIdentityProvider::Errors::UserNotFoundException: User not found.
|
34
|
+
```
|
data/doc/ca_find!.md
CHANGED
@@ -8,6 +8,7 @@ __*#ca_find!(username)*__
|
|
8
8
|
> - Username should be equal __email/phone_number/random_uniq_string__ depend on you cognito user pool settings - [cognito username attribute doc](https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-usernames)
|
9
9
|
|
10
10
|
Cognito return data in format with __user_attributes__ key
|
11
|
+
|
11
12
|
# cognito-idp example
|
12
13
|
```
|
13
14
|
<struct Aws::CognitoIdentityProvider::Types::AdminGetUserResponse
|
@@ -50,3 +51,12 @@ __Output__
|
|
50
51
|
"username"=>"dae4900d-0984-4ac0-9ab0-14505e52d50c"
|
51
52
|
}
|
52
53
|
```
|
54
|
+
__Error output__
|
55
|
+
|
56
|
+
|
57
|
+
In case of passing invalid or nonexistent(in your Cognito Pool) username you will get AWS error
|
58
|
+
|
59
|
+
```ruby
|
60
|
+
UserExample.ca_find!('invalid_username')
|
61
|
+
#=> Aws::CognitoIdentityProvider::Errors::UserNotFoundException: User not found.
|
62
|
+
```
|
data/doc/ca_initiate_auth!.md
CHANGED
@@ -44,3 +44,11 @@ result.authentication_result #=> nil
|
|
44
44
|
|
45
45
|
>In this case ```authentication_result``` is ```nil``` because of particular auth flow when user account in Cognito has not been confirmed yet.
|
46
46
|
```authentication_result``` is only returned if the caller does not need to pass another challenge. If the caller does need to pass another challenge before it gets tokens, ChallengeName , ChallengeParameters , and Session are returned.
|
47
|
+
|
48
|
+
__Error output__
|
49
|
+
|
50
|
+
In case of passing invalid email or invalid password you will get AWS error
|
51
|
+
|
52
|
+
```ruby
|
53
|
+
UserExample.ca_initiate_auth!('invalid_username', 'invalid_password') #=> Aws::CognitoIdentityProvider::Errors::NotAuthorizedException: Incorrect username or password.
|
54
|
+
```
|
@@ -0,0 +1,63 @@
|
|
1
|
+
# CognitoSyncService
|
2
|
+
|
3
|
+
__*#ca_refresh_tokens!(refresh_token)*__
|
4
|
+
|
5
|
+
### Synopsys
|
6
|
+
|
7
|
+
> Authentication flow for refreshing the Access token and ID token by supplying a valid refresh token.
|
8
|
+
>
|
9
|
+
> Also check this doc [admin-initiate-auth](https://docs.aws.amazon.com/cli/latest/reference/cognito-idp/admin-enable-user.html) method. Pay attention to description about REFRESH_TOKEN_AUTH authentication flow.
|
10
|
+
|
11
|
+
## Usage
|
12
|
+
|
13
|
+
```ruby
|
14
|
+
class UserExample
|
15
|
+
extend ::CognitoSyncService
|
16
|
+
end
|
17
|
+
|
18
|
+
result = UserExample.ca_refresh_tokens!(refresh_token)
|
19
|
+
```
|
20
|
+
|
21
|
+
__Output__
|
22
|
+
|
23
|
+
```ruby
|
24
|
+
#<struct Aws::CognitoIdentityProvider::Types::AdminInitiateAuthResponse
|
25
|
+
challenge_name=nil,
|
26
|
+
session=nil,
|
27
|
+
challenge_parameters={},
|
28
|
+
authentication_result=
|
29
|
+
#<struct Aws::CognitoIdentityProvider::Types::AuthenticationResultType
|
30
|
+
access_token=
|
31
|
+
"eyJraWQiOiJ3T0RTTmYyTXRheDJPMTVOS2xMc1RoM1hoOXV6V3BBcEpMUk0K29BeDhRNmxzPSIsImFsZHN1U6fbXscuMGeogaR-",
|
32
|
+
expires_in=3600,
|
33
|
+
token_type="Bearer",
|
34
|
+
refresh_token=nil,
|
35
|
+
id_token=
|
36
|
+
"eyJraWQiOiJSejZRdXRPbXVlNk1vdEZpUm83M1lsTWeyJraWQiOiJ3T0RTTmYyTXRheDJPMTVOS2xMc1",
|
37
|
+
new_device_metadata=nil>>
|
38
|
+
```
|
39
|
+
|
40
|
+
__Note:__
|
41
|
+
|
42
|
+
> If you need to retreive `access_token` or `id_token` from ```result``` you can simply call it by its keys like:
|
43
|
+
|
44
|
+
```ruby
|
45
|
+
result.authentication_result.access_token
|
46
|
+
#=> "eyJraWQiOiJ3T0RTTmYyTXRheDJPMTVOS2xMc1RoM1hoOXV6V3BBcEpMUk0K29BeDhRNmxzPSIsImFsZHN1U6fbXscuMGeogaR-"
|
47
|
+
|
48
|
+
result.authentication_result.id_token
|
49
|
+
#=> "eyJraWQiOiJSejZRdXRPbXVlNk1vdEZpUm83M1lsTWeyJraWQiOiJ3T0RTTmYyTXRheDJPMTVOS2xMc1"
|
50
|
+
```
|
51
|
+
|
52
|
+
>In this case ```challenge_name```,`session` and `challenge_parameters` return ```nil``` because of particular auth flow when Access token and ID token have been refreshed successfully.
|
53
|
+
>
|
54
|
+
>So when the caller does need to pass another challenge before it gets tokens, `challenge_name`, `challenge_parameters`, and `session` are returned.
|
55
|
+
|
56
|
+
__Error output__
|
57
|
+
|
58
|
+
In case of passing invalid Refresh token you will get AWS error
|
59
|
+
|
60
|
+
```ruby
|
61
|
+
UserExample.ca_refresh_tokens!('invalid_refresh_token')
|
62
|
+
#=> Aws::CognitoIdentityProvider::Errors::NotAuthorizedException: Invalid Refresh Token.
|
63
|
+
```
|
@@ -28,19 +28,38 @@ result = UserExample.ca_respond_to_auth_challenge!(username, password, session)
|
|
28
28
|
__Output__
|
29
29
|
|
30
30
|
```ruby
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
31
|
+
#<struct Aws::CognitoIdentityProvider::Types::AdminRespondToAuthChallengeResponse
|
32
|
+
session=nil,
|
33
|
+
challenge_parameters={},
|
34
|
+
challenge_name=nil,
|
35
|
+
authentication_result=
|
36
36
|
#<struct Aws::CognitoIdentityProvider::Types::AuthenticationResultType
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
37
|
+
access_token= "eyJraWQiOiJ3T0RTTmYyTXRheDJPM24lD2xMc1RoM1hoOXV6V3BBcEpubjdMMlwvMXo4bz0iLCJhbGciOiJSUzI1NiJ9cHgmlc6WWxXPw36GuQ91jiTisnvtJWus-XvOOcLK4qsQ",
|
38
|
+
expires_in=3600,
|
39
|
+
token_type="Bearer",
|
40
|
+
refresh_token= "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2-Dmc6dms9iukp_YUfeO6Vj-P9sOom_khf3FWTMz1Mb2dI8vjhvG_kK8Gu-5rw",
|
41
|
+
id_token= "eyJraWQiOiJSejZRdXRPbXVlNk1vdEZpUm83M1lsTWJSZjc4Qxv4MUk0K29BeDhRNmxzPSIsImFsZyI6IlJTMjU2In0.hftrLf9--JjgZYAREDXYM8aJkLkeuXCSnM5fkOqYn8DQ",
|
42
|
+
new_device_metadata=nil
|
43
|
+
>
|
44
|
+
>
|
45
|
+
```
|
46
|
+
__Note:__
|
47
|
+
|
48
|
+
> If you need to retreive `access_token` or `id_token` from ```result``` you can simply call it by its keys like:
|
49
|
+
|
50
|
+
```ruby
|
51
|
+
result.authentication_result.access_token
|
52
|
+
#=> "eyJraWQiOiJ3T0RTTmYyTXRheDJPM24lD2xMc1RoM1hoOXV6V3BBcEpubjdMMlwvMXo4bz0iLCJhbGciOiJSUzI1NiJ9cHgmlc6WWxXPw36GuQ91jiTisnvtJWus-"
|
53
|
+
|
54
|
+
result.authentication_result.id_token
|
55
|
+
#=> "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2-Dmc6dms9iukp_YUfeO6Vj-P9sOom_khf3FWTMz1Mb2dI8vjhvG_kK8Gu-5rw"
|
56
|
+
```
|
57
|
+
|
58
|
+
__Error output__
|
59
|
+
|
60
|
+
In case of passing invalid session you will get AWS error
|
61
|
+
|
62
|
+
```ruby
|
63
|
+
UserExample.ca_respond_to_auth_challenge!(username, password, 'invalid_session')
|
64
|
+
#=> Aws::CognitoIdentityProvider::Errors::CodeMismatchException: Invalid session provided
|
46
65
|
```
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# CognitoSyncService
|
2
|
+
|
3
|
+
__*#ca_set_user_password!(username, password)*__
|
4
|
+
|
5
|
+
### Synopsys
|
6
|
+
|
7
|
+
> Sets the specified user's password in a user pool as an administrator. Works on any user.
|
8
|
+
>
|
9
|
+
> Also check AWS API Documentation [AdminSetUserPassword](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminSetUserPassword.html) method
|
10
|
+
>
|
11
|
+
> Also check this doc [admin-set-user-password](https://docs.aws.amazon.com/cli/latest/reference/cognito-idp/admin-set-user-password.html) method
|
12
|
+
|
13
|
+
## Usage
|
14
|
+
|
15
|
+
```ruby
|
16
|
+
class UserExample
|
17
|
+
extend ::CognitoSyncService
|
18
|
+
end
|
19
|
+
|
20
|
+
UserExample.ca_set_user_password!(username, password)
|
21
|
+
```
|
22
|
+
|
23
|
+
__Output__
|
24
|
+
|
25
|
+
```ruby
|
26
|
+
#<struct Aws::CognitoIdentityProvider::Types::AdminSetUserPasswordResponse>
|
27
|
+
```
|
28
|
+
|
29
|
+
__Error output__
|
30
|
+
|
31
|
+
In case of passing invalid or nonexistent(in your Cognito Pool) username you will get AWS error
|
32
|
+
|
33
|
+
```ruby
|
34
|
+
UserExample.ca_set_user_password!('invalid_username', password)
|
35
|
+
#=> Aws::CognitoIdentityProvider::Errors::UserNotFoundException: User not found.
|
36
|
+
```
|
data/doc/ca_update!.md
CHANGED
@@ -39,5 +39,17 @@ __Output__
|
|
39
39
|
"user_status"=>"FORCE_CHANGE_PASSWORD",
|
40
40
|
"phone_number"=>"+111111111"
|
41
41
|
}
|
42
|
+
```
|
43
|
+
|
44
|
+
__Error output__
|
45
|
+
|
46
|
+
In case of passing invalid attributes you will get AWS error
|
47
|
+
|
48
|
+
```ruby
|
49
|
+
attrs = {
|
50
|
+
{ email: 'invalidemail@@@example....com' },
|
51
|
+
{ phone_number: '+1111111111' }
|
52
|
+
}
|
42
53
|
|
54
|
+
UserExample.ca_update!(attrs, attrs[:phone_number]) #=> Aws::CognitoIdentityProvider::Errors::InvalidParameterException: Invalid email address format.
|
43
55
|
```
|
data/lib/cognito-sync-service.rb
CHANGED
@@ -49,6 +49,11 @@ module CognitoSyncService
|
|
49
49
|
cognito_provider.admin_disable_user(user_pool_id: web_pool_id, username: username)
|
50
50
|
end
|
51
51
|
|
52
|
+
# user can be enable by email or phone_number depend on cognito pool settings
|
53
|
+
def ca_enable!(username)
|
54
|
+
cognito_provider.admin_enable_user(user_pool_id: web_pool_id, username: username)
|
55
|
+
end
|
56
|
+
|
52
57
|
# user can be authenticated by email or phone_number depend on cognito pool settings
|
53
58
|
# password can be constant or temporary
|
54
59
|
# "auth_flow" arg may differ depend on you authorization rules, we hardcode ADMIN_NO_SRP_AUTH like a common case
|
@@ -66,6 +71,19 @@ module CognitoSyncService
|
|
66
71
|
)
|
67
72
|
end
|
68
73
|
|
74
|
+
# user can refresh access token and id token by passing in a valid refresh token
|
75
|
+
# REFRESH_TOKEN_AUTH - Authentication flow for refreshing the access token and ID token by supplying a valid refresh token
|
76
|
+
def ca_refresh_tokens!(refresh_token)
|
77
|
+
cognito_provider.admin_initiate_auth(
|
78
|
+
user_pool_id: web_pool_id,
|
79
|
+
client_id: web_client_id,
|
80
|
+
auth_flow: 'REFRESH_TOKEN_AUTH',
|
81
|
+
auth_parameters: {
|
82
|
+
REFRESH_TOKEN: refresh_token
|
83
|
+
}
|
84
|
+
)
|
85
|
+
end
|
86
|
+
|
69
87
|
# for now this method works only for password confirmation flow
|
70
88
|
def ca_respond_to_auth_challenge!(username, password, session)
|
71
89
|
cognito_provider.admin_respond_to_auth_challenge(
|
@@ -76,4 +94,20 @@ module CognitoSyncService
|
|
76
94
|
challenge_responses: { USERNAME: username, NEW_PASSWORD: password }
|
77
95
|
)
|
78
96
|
end
|
97
|
+
|
98
|
+
# works with any user
|
99
|
+
# after this method has been performed your account_status will be FORCE_CHANGE_PASSWORD
|
100
|
+
def ca_set_user_password!(username, password)
|
101
|
+
cognito_provider.admin_set_user_password(
|
102
|
+
user_pool_id: web_pool_id,
|
103
|
+
username: username,
|
104
|
+
password: password
|
105
|
+
).to_h
|
106
|
+
end
|
107
|
+
|
108
|
+
# return user attributes by access token
|
109
|
+
def c_find_by_access_token!(access_token)
|
110
|
+
user = cognito_provider.get_user(access_token: access_token)
|
111
|
+
convert_from_cognito(user)
|
112
|
+
end
|
79
113
|
end
|
data/logo.png
ADDED
Binary file
|
metadata
CHANGED
@@ -1,14 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cognito-sync-service
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mark Osipenko
|
8
|
+
- Andrey Aliabiev
|
8
9
|
autorequire:
|
9
10
|
bindir: exe
|
10
11
|
cert_chain: []
|
11
|
-
date: 2019-
|
12
|
+
date: 2019-12-10 00:00:00.000000000 Z
|
12
13
|
dependencies:
|
13
14
|
- !ruby/object:Gem::Dependency
|
14
15
|
name: aws-sdk-cognitoidentity
|
@@ -182,6 +183,7 @@ description: 'With this gem you can implement: CRUD functionality from you appli
|
|
182
183
|
synchronize you database users with user_pools, handling authorization'
|
183
184
|
email:
|
184
185
|
- mark.osipenko@gmail.com
|
186
|
+
- andrey.alyabyev23@gmail.com
|
185
187
|
executables: []
|
186
188
|
extensions: []
|
187
189
|
extra_rdoc_files: []
|
@@ -191,6 +193,7 @@ files:
|
|
191
193
|
- ".rspec"
|
192
194
|
- ".rubocop.yml"
|
193
195
|
- ".travis.yml"
|
196
|
+
- CHANGELOG.md
|
194
197
|
- CODE_OF_CONDUCT.md
|
195
198
|
- CONTRIBUTING.md
|
196
199
|
- DEVELOPMENT.md
|
@@ -201,21 +204,23 @@ files:
|
|
201
204
|
- Rakefile
|
202
205
|
- bin/console
|
203
206
|
- bin/setup
|
204
|
-
-
|
205
|
-
- cognito-sync-service-0.3.0.gem
|
206
|
-
- cognito-sync-service-0.3.1.gem
|
207
|
-
- cognito-sync-service-0.3.2.gem
|
207
|
+
- built_with_pain_from_cognito.png
|
208
208
|
- cognito_sync_service.gemspec
|
209
|
+
- doc/c_find_by_access_token!.md
|
209
210
|
- doc/ca_create!.md
|
210
211
|
- doc/ca_delete!.md
|
211
212
|
- doc/ca_disable!.md
|
213
|
+
- doc/ca_enable!.md
|
212
214
|
- doc/ca_find!.md
|
213
215
|
- doc/ca_initiate_auth!.md
|
216
|
+
- doc/ca_refresh_tokens!.md
|
214
217
|
- doc/ca_respond_to_auth_challenge!.md
|
218
|
+
- doc/ca_set_user_password!.md
|
215
219
|
- doc/ca_update!.md
|
216
220
|
- lib/cognito-sync-service.rb
|
217
221
|
- lib/cognito-sync-service/version.rb
|
218
222
|
- lib/cognito_attributes_converter.rb
|
223
|
+
- logo.png
|
219
224
|
homepage: https://github.com/7DevsApps/cognito-sync-service
|
220
225
|
licenses:
|
221
226
|
- MIT
|
@@ -238,7 +243,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
238
243
|
- !ruby/object:Gem::Version
|
239
244
|
version: '0'
|
240
245
|
requirements: []
|
241
|
-
rubygems_version: 3.0.
|
246
|
+
rubygems_version: 3.0.6
|
242
247
|
signing_key:
|
243
248
|
specification_version: 4
|
244
249
|
summary: Aws Cognito user pool synchronizer
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|