I use aws-amplify as shown below:

import { Amplify } from 'aws-amplify';

// `config` is the app's own settings object (not shown in the question)
Amplify.configure({
  Auth: {
    region: config.aws.region,
    identityPoolRegion: config.aws.region,
    userPoolId: process.env.userPoolId,
    userPoolWebClientId: process.env.appClientId,
    oauth: {
      domain: process.env.domain,
      //  scope: ['phone', 'email', 'profile', 'openid', 'aws.cognito.signin.user.admin'],
      redirectSignIn: `${process.env.redirectSignIn}`,
      redirectSignOut: process.env.redirectSignout,
      responseType: 'code' // NOTE: It was set to 'token' earlier and I used to get accessToken/IDToken back but refreshToken was empty
    }
  }
});

As you can see, responseType was set to token and I was able to do Microsoft SSO login successfully. I used to get AccessToken/IdToken in the redirect URL, but refreshToken was always empty.

I want to generate a refreshToken to refresh the session at a later stage.

To get a refreshToken, I saw that I need to change responseType to code, as shown above.

This is how I call the oauth2 endpoint (with responseType = code):

// Sends the browser to the Cognito hosted UI, which hands off to the Azure AD identity provider
const azureLogin = () => {
  window.location.href = `https://${process.env.domain}/oauth2/authorize?identity_provider=${process.env.identityProviderName}&redirect_uri=${process.env.redirectSignIn}&response_type=${process.env.responseType}&client_id=${process.env.appClientId}&scope=aws.cognito.signin.user.admin+email+openid+phone+profile`;
};

From my app, whenever I do an (SSO) login, the following happens:

The browser's URL changes to something like:

https://login.microsoftonline.com/62xxx-7x-4xxxf50-axx7-fxxx692/saml2?SAMLRequest=fZJbS8MwF********************

Then it changes to:

http://localhost:3000/auth/redirect?code=bccxxx-exx-4xx-8x-9xxxxxx

I get the code, but I don't know what I should do with it. How do I use this code to get accessToken, IdToken and refreshToken?

Can someone please help me with the flow?

PS: I checked the AWS Amplify documentation as well, but the flow is not clear. On top of that, there are no examples available that I can take help from.

1 Answer

After the above setup, you start getting a code.

After getting the code, you can get the tokens by making an HTTP POST request as follows:

const getToken = (code: string) => {
  const requestOptions = {
    method: "POST",
    headers: {
      "Content-Type": "application/x-www-form-urlencoded",
    },
    body: new URLSearchParams({
      grant_type: 'authorization_code',
      code: `${code}`,
      client_id: `${process.env.appClientId}`,
      client_secret: `${process.env.secretHash}`, // only applies to app clients that were created with a client secret
      redirect_uri: `${process.env.redirectSignIn}` // must match the redirect_uri sent to /oauth2/authorize
    })
  };

  // The JSON body of the response carries access_token, id_token, refresh_token and expires_in
  return fetch(`https://${process.env.domain}/oauth2/token`, requestOptions);
}

In the response, you get all the tokens successfully.
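The code-for-tokens exchange the answer describes, plus the later refresh the question asks about, as an added example that is not the question's or the answer's code. It assumes an app client without a secret (as the userPoolWebClientId configuration above suggests); the names parseRedirect, tokenRequest, parseTokens and exchange are this example's own, and the state check only applies if the /oauth2/authorize URL was built with a state parameter.

```javascript
// Added example (not the question's or answer's code); a public app client is assumed.

// Step 1: the hosted UI redirects back to redirectSignIn with ?code=... If the
// authorize URL carried a `state` value, check it so a redirect this app did not start is rejected.
function parseRedirect(href, expectedState) {
  const params = new URL(href).searchParams;
  if (expectedState !== undefined && params.get('state') !== expectedState) {
    throw new Error('state mismatch: redirect was not initiated by this app');
  }
  const code = params.get('code');
  if (!code) throw new Error(`no code in redirect: ${params.get('error') || 'unknown'}`);
  return code;
}

// Step 2: build the POST to /oauth2/token. grant_type selects the leg:
// 'authorization_code' exchanges the one-time code; 'refresh_token' renews
// the session later without sending the user through Microsoft again.
function tokenRequest({ domain, clientId, redirectUri }, grant) {
  const fields = { client_id: clientId, ...grant };
  // redirect_uri must match the authorize request and is only sent on the code leg
  if (grant.grant_type === 'authorization_code') fields.redirect_uri = redirectUri;
  return {
    url: `https://${domain}/oauth2/token`,
    init: {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: new URLSearchParams(fields).toString(),
    },
  };
}

// Step 3: map the endpoint's snake_case JSON to Amplify-style names. A refresh_token
// grant returns no new refresh_token, so keep the one from the code exchange.
function parseTokens(json) {
  if (json.error) throw new Error(`token endpoint error: ${json.error}`);
  return {
    accessToken: json.access_token,
    idToken: json.id_token,
    refreshToken: json.refresh_token || null,
    expiresIn: json.expires_in,
  };
}

// Runs one leg end to end; fetchImpl is injectable so the flow can be exercised offline.
async function exchange(cfg, grant, fetchImpl = fetch) {
  const { url, init } = tokenRequest(cfg, grant);
  const res = await fetchImpl(url, init);
  return parseTokens(await res.json());
}
```

Call `exchange(cfg, { grant_type: 'authorization_code', code })` once on the redirect page, store the returned refreshToken, and later call `exchange(cfg, { grant_type: 'refresh_token', refresh_token })` to get fresh access and ID tokens.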
