From 4ad11a498e9e13f040398442b6b44598cdc158cc Mon Sep 17 00:00:00 2001 From: Zack Spear Date: Wed, 28 Aug 2024 13:27:26 -0700 Subject: [PATCH] feat: cognito oauth support custom domain --- src/runtime/server/lib/oauth/cognito.ts | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/runtime/server/lib/oauth/cognito.ts b/src/runtime/server/lib/oauth/cognito.ts index 1ca15874..4bf6b1b4 100644 --- a/src/runtime/server/lib/oauth/cognito.ts +++ b/src/runtime/server/lib/oauth/cognito.ts @@ -41,6 +41,11 @@ export interface OAuthCognitoConfig { * @default process.env.NUXT_OAUTH_COGNITO_REDIRECT_URL or current URL */ redirectURL?: string + /** + * AWS Cognito App Custom Domain – some pool configurations require this + * @default '' + */ + domain?: string } export function oauthCognitoEventHandler({ config, onSuccess, onError }: OAuthConfig) { @@ -59,8 +64,10 @@ export function oauthCognitoEventHandler({ config, onSuccess, onError }: OAuthCo return onError(event, error) } - const authorizationURL = `https://${config.userPoolId}.auth.${config.region}.amazoncognito.com/oauth2/authorize` - const tokenURL = `https://${config.userPoolId}.auth.${config.region}.amazoncognito.com/oauth2/token` + const urlBase = config?.domain || `${config.userPoolId}.auth.${config.region}.amazoncognito.com` + + const authorizationURL = `https://${urlBase}/oauth2/authorize` + const tokenURL = `https://${urlBase}/oauth2/token` const redirectURL = config.redirectURL || getRequestURL(event).href if (!code) { @@ -107,7 +114,7 @@ export function oauthCognitoEventHandler({ config, onSuccess, onError }: OAuthCo const accessToken = tokens.access_token // TODO: improve typing // eslint-disable-next-line @typescript-eslint/no-explicit-any - const user: any = await $fetch(`https://${config.userPoolId}.auth.${config.region}.amazoncognito.com/oauth2/userInfo`, { + const user: any = await $fetch(`https://${urlBase}/oauth2/userInfo`, { headers: { Authorization: `${tokenType} ${accessToken}`, },