testing jwt signing and oauth2 Client Credentials Flow

wmoussa-gc/poc-cognito-oauth2

Proof of Concept: Client Grant Flow + JWT Verification + AWS Cognito

Create an AWS Cognito User Pool

  1. Go to AWS Cognito User Pools.

  2. Specifics:

    • For machine-to-machine, disable MFA enforcement.
    • Enable the Cognito Hosted UI to obtain a Cognito Domain (necessary for communicating with the /oauth2/token endpoint).
    • Create a resource server with the Resource Server Identifier forms and a scope named read (the client requests this as the scope forms/read).
  3. Save the User Pool ID, Cognito Domain and the region in your .env file.

Running the Server and Saving Client Secrets (Asymmetric Keys and Metadata)

  1. Set your AWS keys.
  2. Install dependencies:
    npm install
  3. Start the server:
    node_modules/.bin/nodemon .
  4. In your browser, call: http://localhost:3000/api/createAppClient. This will create the asymmetric keys for signing the JWT and the client ID/secret metadata, which the client will need to store securely.

Client Simulator in Node

Run the client test:

node client_test.js
