Mail

venv/lib/python3.12/site-packages/allauth/socialaccount/providers/amazon_cognito/provider.py

@@ -0,0 +1,78 @@
+from allauth.account.models import EmailAddress
+from allauth.socialaccount.providers.amazon_cognito.utils import (
+    convert_to_python_bool_if_value_is_json_string_bool,
+)
+from allauth.socialaccount.providers.base import ProviderAccount
+from allauth.socialaccount.providers.oauth2.provider import OAuth2Provider
+
+
+class AmazonCognitoAccount(ProviderAccount):
+    def to_str(self):
+        dflt = super(AmazonCognitoAccount, self).to_str()
+
+        return self.account.extra_data.get("username", dflt)
+
+    def get_avatar_url(self):
+        return self.account.extra_data.get("picture")
+
+    def get_profile_url(self):
+        return self.account.extra_data.get("profile")
+
+
+class AmazonCognitoProvider(OAuth2Provider):
+    id = "amazon_cognito"
+    name = "Amazon Cognito"
+    account_class = AmazonCognitoAccount
+
+    def extract_uid(self, data):
+        return str(data["sub"])
+
+    def extract_common_fields(self, data):
+        return {
+            "email": data.get("email"),
+            "first_name": data.get("given_name"),
+            "last_name": data.get("family_name"),
+        }
+
+    def get_default_scope(self):
+        return ["openid", "profile", "email"]
+
+    def extract_email_addresses(self, data):
+        email = data.get("email")
+        verified = convert_to_python_bool_if_value_is_json_string_bool(
+            data.get("email_verified", False)
+        )
+
+        return (
+            [EmailAddress(email=email, verified=verified, primary=True)]
+            if email
+            else []
+        )
+
+    def extract_extra_data(self, data):
+        return {
+            "address": data.get("address"),
+            "birthdate": data.get("birthdate"),
+            "gender": data.get("gender"),
+            "locale": data.get("locale"),
+            "middlename": data.get("middlename"),
+            "nickname": data.get("nickname"),
+            "phone_number": data.get("phone_number"),
+            "phone_number_verified": convert_to_python_bool_if_value_is_json_string_bool(
+                data.get("phone_number_verified")
+            ),
+            "picture": data.get("picture"),
+            "preferred_username": data.get("preferred_username"),
+            "profile": data.get("profile"),
+            "website": data.get("website"),
+            "zoneinfo": data.get("zoneinfo"),
+        }
+
+    @classmethod
+    def get_slug(cls):
+        # IMPORTANT: Amazon Cognito does not support `_` characters
+        #            as part of their redirect URI.
+        return super(AmazonCognitoProvider, cls).get_slug().replace("_", "-")
+
+
+provider_classes = [AmazonCognitoProvider]

venv/lib/python3.12/site-packages/allauth/socialaccount/providers/amazon_cognito/tests.py

@@ -0,0 +1,69 @@
+import json
+
+from django.test import override_settings
+
+from allauth.account.models import EmailAddress
+from allauth.socialaccount.models import SocialAccount
+from allauth.socialaccount.providers.amazon_cognito.provider import (
+    AmazonCognitoProvider,
+)
+from allauth.socialaccount.providers.amazon_cognito.views import (
+    AmazonCognitoOAuth2Adapter,
+)
+from allauth.socialaccount.tests import OAuth2TestsMixin
+from allauth.tests import MockedResponse, TestCase
+
+
+def _get_mocked_claims():
+    return {
+        "sub": "4993b410-8a1b-4c36-b843-a9c1a697e6b7",
+        "given_name": "John",
+        "family_name": "Doe",
+        "email": "jdoe@example.com",
+        "username": "johndoe",
+    }
+
+
+@override_settings(
+    SOCIALACCOUNT_PROVIDERS={
+        "amazon_cognito": {"DOMAIN": "https://domain.auth.us-east-1.amazoncognito.com"}
+    }
+)
+class AmazonCognitoTestCase(OAuth2TestsMixin, TestCase):
+    provider_id = AmazonCognitoProvider.id
+
+    def get_mocked_response(self):
+        mocked_payload = json.dumps(_get_mocked_claims())
+
+        return MockedResponse(status_code=200, content=mocked_payload)
+
+    @override_settings(SOCIALACCOUNT_PROVIDERS={"amazon_cognito": {}})
+    def test_oauth2_adapter_raises_if_domain_settings_is_missing(
+        self,
+    ):
+        mocked_response = self.get_mocked_response()
+
+        with self.assertRaises(
+            ValueError,
+            msg=AmazonCognitoOAuth2Adapter.DOMAIN_KEY_MISSING_ERROR,
+        ):
+            self.login(mocked_response)
+
+    def test_saves_email_as_verified_if_email_is_verified_in_cognito(
+        self,
+    ):
+        mocked_claims = _get_mocked_claims()
+        mocked_claims["email_verified"] = True
+        mocked_payload = json.dumps(mocked_claims)
+        mocked_response = MockedResponse(status_code=200, content=mocked_payload)
+
+        self.login(mocked_response)
+
+        user_id = SocialAccount.objects.get(uid=mocked_claims["sub"]).user_id
+        email_address = EmailAddress.objects.get(user_id=user_id)
+
+        self.assertEqual(email_address.email, mocked_claims["email"])
+        self.assertTrue(email_address.verified)
+
+    def test_provider_slug_replaces_underscores_with_hyphens(self):
+        self.assertTrue("_" not in self.provider.get_slug())

venv/lib/python3.12/site-packages/allauth/socialaccount/providers/amazon_cognito/urls.py

@@ -0,0 +1,7 @@
+from allauth.socialaccount.providers.amazon_cognito.provider import (
+    AmazonCognitoProvider,
+)
+from allauth.socialaccount.providers.oauth2.urls import default_urlpatterns
+
+
+urlpatterns = default_urlpatterns(AmazonCognitoProvider)

venv/lib/python3.12/site-packages/allauth/socialaccount/providers/amazon_cognito/utils.py

@@ -0,0 +1,7 @@
+def convert_to_python_bool_if_value_is_json_string_bool(s):
+    if s == "true":
+        return True
+    elif s == "false":
+        return False
+
+    return s

venv/lib/python3.12/site-packages/allauth/socialaccount/providers/amazon_cognito/views.py

@@ -0,0 +1,57 @@
+import requests
+
+from allauth.socialaccount import app_settings
+from allauth.socialaccount.providers.amazon_cognito.provider import (
+    AmazonCognitoProvider,
+)
+from allauth.socialaccount.providers.oauth2.views import (
+    OAuth2Adapter,
+    OAuth2CallbackView,
+    OAuth2LoginView,
+)
+
+
+class AmazonCognitoOAuth2Adapter(OAuth2Adapter):
+    provider_id = AmazonCognitoProvider.id
+
+    DOMAIN_KEY_MISSING_ERROR = (
+        '"DOMAIN" key is missing in Amazon Cognito configuration.'
+    )
+
+    @property
+    def settings(self):
+        return app_settings.PROVIDERS.get(self.provider_id, {})
+
+    @property
+    def domain(self):
+        domain = self.settings.get("DOMAIN")
+
+        if domain is None:
+            raise ValueError(self.DOMAIN_KEY_MISSING_ERROR)
+
+        return domain
+
+    @property
+    def access_token_url(self):
+        return "{}/oauth2/token".format(self.domain)
+
+    @property
+    def authorize_url(self):
+        return "{}/oauth2/authorize".format(self.domain)
+
+    @property
+    def profile_url(self):
+        return "{}/oauth2/userInfo".format(self.domain)
+
+    def complete_login(self, request, app, access_token, **kwargs):
+        headers = {
+            "Authorization": "Bearer {}".format(access_token),
+        }
+        extra_data = requests.get(self.profile_url, headers=headers)
+        extra_data.raise_for_status()
+
+        return self.get_provider().sociallogin_from_response(request, extra_data.json())
+
+
+oauth2_login = OAuth2LoginView.adapter_view(AmazonCognitoOAuth2Adapter)
+oauth2_callback = OAuth2CallbackView.adapter_view(AmazonCognitoOAuth2Adapter)