node-red-contrib-cognito-auth

This is a helper that uses the amazon-cognito-identity-js to create and maintain a valid JWT that can be used to authenticate further calls to the AWS platform (e.g. GraphQL).

Runs that need to request a new JWT will take a bit longer, but calls that can re-use an existing token are quicker.

This is the first version of the Node, and it has been tailored for a specific need. Feel free to fork on GitHub, or reach out with your request.

Inputs

Name
Display name of the Node.

TargetAttribute Defines the Attribute of the msg Object that will store the valid Token.
Defaults to msg.payload.

Username
The user name of the Cognito Account, typically a email address.
This can also be provided as a parameter to the inbount message on attribute msg.username.
If the msg.username is present on the input, it will be removed before the message is send foreward.

Password
The Password of the Cognito Account.
This can also be provided as a parameter to the inbount message on attribute msg.password.
If the msg.password is present on the input, it will be removed before the message is send foreward.

Userpool Id
Id of the Cognito Userpool.
Format starts with a region, followed by an ID (e.g.: eu-west-1_SoMeId).

Client Id
Client ID or Webclient ID, as provided by Cognito.

Token Type
This is either "id" or "access".
Note: Tests only covered "access" so far.

msg.reset
If present on the inbound message, the current Token will be withdrawn.
Afterwards, the node will attempt to generate a new one.
The flag msg.reset attribute will be removed.

Output

token on msg.payload (or the specified target attribute)

Dependencies

• amazon-cognito-identity-js
• jwt-decode