flask_cognitologin package

Submodules

flask_cognitologin.cognitologin module

Main module.

class flask_cognitologin.cognitologin.CognitoLogin(app=None)[source]

Bases: object

property JWKS
checkIdentity(identity)[source]

Check identity claims

If the current identity is about to expire a new one will be emitted.

If identity does not has exp and refresh_token keys this returns None

Parameters

identity (dict) – current user identity claims

Returns

identity

Return type

dict

getIdentity()[source]

Process cognito autorization code grant

Returns

the user identity or None

Return type

dict

getLogOutUrl()[source]

Return the cognito logout url

getSignInUrl()[source]

Return the cognito url for login

getTokens(refresh_token)[source]

Returns the id_token and access_token

Parameters

refresh_token (str) – refresh token for the user

Returns

a dict with the keys id_token and access_token

Return type

dict

init_app(app)[source]

Initialize the extension

This extension need session so the SECRET_KEY should be configured:

app.config['SECRET_KEY'] = 'some-secret-of-my-own'

You also need:

  • AWS_REGION: aws region of your cognito user pool

  • COGNITO_POOL_ID: Cognito user pool ID

  • COGNITO_DOMAIN: this is the full hostname of the cognito domain for example, mycogdomain.auth.eu-west-1.amazoncognito.com, refer to aws documentation

  • COGNITO_CLIENT_ID: Your cognito client ID

  • COGNITO_CALLBACK_URL: URL for the autorization code grant, cognito will call to this URL with the user tokens

  • COGNITO_CLIENT_SECRET: Your cognito client secret

Raises

ValueError – if the config keys are missing

teardown(exception)[source]

Module contents

Top-level package for Flask-CognitoLogin.

class flask_cognitologin.CognitoLogin(app=None)[source]

Bases: object

property JWKS
checkIdentity(identity)[source]

Check identity claims

If the current identity is about to expire a new one will be emitted.

If identity does not has exp and refresh_token keys this returns None

Parameters

identity (dict) – current user identity claims

Returns

identity

Return type

dict

getIdentity()[source]

Process cognito autorization code grant

Returns

the user identity or None

Return type

dict

getLogOutUrl()[source]

Return the cognito logout url

getSignInUrl()[source]

Return the cognito url for login

getTokens(refresh_token)[source]

Returns the id_token and access_token

Parameters

refresh_token (str) – refresh token for the user

Returns

a dict with the keys id_token and access_token

Return type

dict

init_app(app)[source]

Initialize the extension

This extension need session so the SECRET_KEY should be configured:

app.config['SECRET_KEY'] = 'some-secret-of-my-own'

You also need:

  • AWS_REGION: aws region of your cognito user pool

  • COGNITO_POOL_ID: Cognito user pool ID

  • COGNITO_DOMAIN: this is the full hostname of the cognito domain for example, mycogdomain.auth.eu-west-1.amazoncognito.com, refer to aws documentation

  • COGNITO_CLIENT_ID: Your cognito client ID

  • COGNITO_CALLBACK_URL: URL for the autorization code grant, cognito will call to this URL with the user tokens

  • COGNITO_CLIENT_SECRET: Your cognito client secret

Raises

ValueError – if the config keys are missing

teardown(exception)[source]