如何以编程方式交换授权代码以使用python从cognito获取访问令牌 [英] How programtically exchange the authorization code to get the access token from cognito using python

问题描述

我一直在寻找一种解决方案，该方案如何交换authorization_code实用地从cognito获取访问令牌.我创建了Cognito池和集成的应用程序客户端.因此，当我以以下格式调用登录域时，我会获得登录页面并能够登录/注册

I been searching for a solution on how to exchange authorization_code to get the access token from cognito pragmatically . i have created cognito pool and integrated app client. so when i invoke the login domain in the below format, iam getting the login page and able to login/sign up

https://<your_domain>/login?response_type=code&client_id=<your_app_client_id>&redirect_uri=<your_callback_url>

现在，上述网址将返回authorization_code作为参数.我使用邮递员通过以下查询获取结果，该查询返回ID令牌，访问令牌，刷新令牌.

Now the above url will return the authorization_code as parameter. I used post man to get the result with following query, which return the id token, acccess token, refresh token.

POST https://mydomain.auth.us-east-1.amazoncognito.com/oauth2/token&
Content-Type='application/x-www-form-urlencoded'
grant_type=authorization_code&
client_id=myid&
code=AUTHORIZATION_CODE&
redirect_uri=http://localhost:5000/login

现在，我需要在我的应用中实施相同操作才能获取访问令牌下面是我尝试过的代码

Now i would need to implement the same in my app to get the access token Below is the code i tried

 response = requests.post(url + '/oauth2/token',
                             auth=(App_client_id),
                             data={'grant_type': grant_type, 'code': accessCode, 'client_id': App_client_id,
                                   "redirect_uri":'http://localhost:5000/login'})
print(response.json())

但是我没有得到任何回应.

But i am not getting any response.

1. 我有一个与cognito用户池/授权者关联的api网关，并且此api网关返回了来自其他AWS服务(例如lambda)的响应.

2.在我的应用程序-Flask App中，我想以这样一种方式放置逻辑，即用户登录后通过用户池进行身份验证后，它将在redirect_uri中返回authorization_code.

2.In my application - Flask App, i want to put a logic in such a way that once user authenticated with the user pool after login, it return the authorization_code in the redirect_uri.

1. 在redirect_uri中，我有一些操作-读/写/删除任务.对于每个任务，我需要使用通过authorization_code交换接收到的访问令牌进行身份验证.因此只有登录的用户才能从重定向uri中执行操作.

是否知道有人可以帮助解决此问题?

Appreciate if anyone can help to resolve this?

谢谢

推荐答案

Finlay可以通过以下代码交换授权代码，以从cognito auth中检索access_token，刷新和id_token:

Finlay got the way to exchange Authorization code to retrieve the access_token along with the refresh and id_token from cognito auth with below code:

response = requests.post(url + '/oauth2/token',{'Content-Type':'application/x-www-form-urlencoded', 'grant_type': grant_type, 'client_id': App_client_id,  'code': code, 'redirect_uri': 'http://localhost:5000/login'})
print(response.json())

谢谢

这篇关于如何以编程方式交换授权代码以使用python从cognito获取访问令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！