Use endpoint url for generating pool url (NabuCasa#181)

* Use custom endpoint urls as part of token issuer * username may not always be provided as part of ChallengeParameters * Cleaner parameter handling * Fixed formatting issues
swyckoff · Dec 30, 2022 · a12a73e · a12a73e
1 parent 3a836c7
commit a12a73e
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 4 deletions.
diff --git a/pycognito/__init__.py b/pycognito/__init__.py
@@ -195,6 +195,8 @@ def __init__(
         if access_key and secret_key:
             boto3_client_kwargs["aws_access_key_id"] = access_key
             boto3_client_kwargs["aws_secret_access_key"] = secret_key
+        self.pool_domain_url = boto3_client_kwargs.get("endpoint_url", None)
+
         if self.user_pool_region:
             boto3_client_kwargs["region_name"] = self.user_pool_region
         if botocore_config:
@@ -207,6 +209,9 @@ def __init__(
 
     @property
     def user_pool_url(self):
+        if self.pool_domain_url:
+            return f"{self.pool_domain_url}/{self.user_pool_id}"
+
         return f"https://cognito-idp.{self.user_pool_region}.amazonaws.com/{self.user_pool_id}"
 
     def get_keys(self):

diff --git a/pycognito/aws_srp.py b/pycognito/aws_srp.py
@@ -225,8 +225,10 @@ def get_secret_hash(username, client_id, client_secret):
     def get_cognito_formatted_timestamp(input_datetime):
         return f"{WEEKDAY_NAMES[input_datetime.weekday()]} {MONTH_NAMES[input_datetime.month - 1]} {input_datetime.day:d} {input_datetime.hour:02d}:{input_datetime.minute:02d}:{input_datetime.second:02d} UTC {input_datetime.year:d}"
 
-    def process_challenge(self, challenge_parameters):
-        internal_username = challenge_parameters["USERNAME"]
+    def process_challenge(self, challenge_parameters, request_parameters):
+        internal_username = challenge_parameters.get(
+            "USERNAME", request_parameters["USERNAME"]
+        )
         user_id_for_srp = challenge_parameters["USER_ID_FOR_SRP"]
         salt_hex = challenge_parameters["SALT"]
         srp_b_hex = challenge_parameters["SRP_B"]
@@ -270,7 +272,9 @@ def authenticate_user(self, client=None, client_metadata=None):
             ClientId=self.client_id,
         )
         if response["ChallengeName"] == self.PASSWORD_VERIFIER_CHALLENGE:
-            challenge_response = self.process_challenge(response["ChallengeParameters"])
+            challenge_response = self.process_challenge(
+                response["ChallengeParameters"], auth_params
+            )
             tokens = boto_client.respond_to_auth_challenge(
                 ClientId=self.client_id,
                 ChallengeName=self.PASSWORD_VERIFIER_CHALLENGE,
@@ -306,7 +310,9 @@ def set_new_password_challenge(self, new_password, client=None):
             ClientId=self.client_id,
         )
         if response["ChallengeName"] == self.PASSWORD_VERIFIER_CHALLENGE:
-            challenge_response = self.process_challenge(response["ChallengeParameters"])
+            challenge_response = self.process_challenge(
+                response["ChallengeParameters"], auth_params
+            )
             tokens = boto_client.respond_to_auth_challenge(
                 ClientId=self.client_id,
                 ChallengeName=self.PASSWORD_VERIFIER_CHALLENGE,