3ev/feature/734 cognito ammends

config/cognito.php

@@ -32,6 +32,8 @@
     'app_client_id'     => env('AWS_COGNITO_CLIENT_ID'),
     'app_client_secret' => env('AWS_COGNITO_CLIENT_SECRET'),
     'user_pool_id'      => env('AWS_COGNITO_USER_POOL_ID'),
+    'scheme'            => env('AWS_COGNITO_SCHEME', 'https'),
+    'endpoint'          => env('AWS_COGNITO_ENDPOINT'),
     'region'            => env('AWS_COGNITO_REGION', 'us-east-1'),
     'version'           => env('AWS_COGNITO_VERSION', 'latest'),
 

src/Auth/RefreshToken.php

@@ -23,7 +23,6 @@
 
 use Exception;
 use Illuminate\Validation\ValidationException;
-use Ellaisys\Cognito\Exceptions\AwsCognitoException;
 use Symfony\Component\HttpKernel\Exception\HttpException;
 use Aws\CognitoIdentityProvider\Exception\CognitoIdentityProviderException;
 
@@ -56,9 +55,10 @@ public function __construct(AwsCognito $cognito) {
      *
      * @return mixed
      */
-    public function refresh(Request $request, string $paramUsername='email', string $paramRefreshToken='refresh_token')
+    public function refresh(Request $request, string $paramUsername='email', string $paramRefreshToken='refresh_token', string $authGuard = 'api', mixed $user = null)
     {
         try {
+            $userSubId = null;
 
             if ($request instanceof Request) {
                 //Validate request
@@ -74,24 +74,32 @@ public function refresh(Request $request, string $paramUsername='email', string
             //Create AWS Cognito Client
             $client = app()->make(AwsCognitoClient::class);
 
-            //Get Authenticated user
-            $authUser  = Auth::guard('api')->user();
+            if($user === null) {
+                //Get Authenticated user
+                $authUser = Auth::guard($authGuard)->user();
 
-            //Get User Data
-            $user = $client->getUser($authUser[$paramUsername]);
+                //Get User Data
+                if($user = $client->getUser($authUser[$paramUsername])) {
+                    $userSubId = $user['Username'];
+                }
+            } else {
+                $userSubId = $user?->{config('cognito.user_subject_uuid')};
+            }
 
             //Use username from AWS to refresh token, not email from login!
-            if (!empty($user['Username'])) {
-                $response = $client->refreshToken($user['Username'], $request[$paramRefreshToken]);
+            if (!empty($userSubId)) {
+                $response = $client->refreshToken($userSubId, $request[$paramRefreshToken]);
                 if (empty($response) || empty($response['AuthenticationResult'])) {
                     throw new HttpException(400);
                 } //End if
 
                 //Authenticate User
-                $claim = new AwsCognitoClaim($response, $authUser, 'email');
+                $claim = new AwsCognitoClaim($response, $authUser ?? $user, 'email');
                 if ($claim && $claim instanceof AwsCognitoClaim) { 
                     //Store the token
                     $this->cognito->setClaim($claim)->storeToken();
+                    //Revoke old refresh token
+                    $client->revokeToken($request[$paramRefreshToken]);
 
                     //Return the response object
                     return $claim->getData();    

src/Providers/AwsCognitoServiceProvider.php

@@ -38,7 +38,7 @@
  */
 class AwsCognitoServiceProvider extends ServiceProvider
 {
-    
+
     /**
      * Register the application services.
      *
@@ -87,11 +87,11 @@ protected function registerPublishing()
         if ($this->app->runningInConsole()) {
             //Publish config
             $this->publishes([
-                __DIR__.'/../../config/cognito.php' => $this->app->configPath('cognito.php'),
+                __DIR__ . '/../../config/cognito.php' => $this->app->configPath('cognito.php'),
             ], 'cognito-config');
 
             $this->publishes([
-                __DIR__.'/../../database/migrations' => $this->app->databasePath('migrations'),
+                __DIR__ . '/../../database/migrations' => $this->app->databasePath('migrations'),
             ], 'cognito-migrations');
 
             // $this->publishes([
@@ -111,7 +111,7 @@ protected function registerAliases()
         $this->app->alias('ellaisys.aws.cognito', AwsCognito::class);
     }
 
-    
+
     /**
      * Setup the configuration for Cognito.
      *
@@ -120,7 +120,8 @@ protected function registerAliases()
     protected function configure()
     {
         $this->mergeConfigFrom(
-            __DIR__.'/../../config/cognito.php', 'cognito'
+            __DIR__ . '/../../config/cognito.php',
+            'cognito'
         );
     } //Function ends
 
@@ -191,13 +192,15 @@ protected function registerCognitoProvider()
     {
         $this->app->singleton(AwsCognitoClient::class, function () {
             $aws_config = [
-                'region'      => config('cognito.region'),
-                'version'     => config('cognito.version')
+                'region' => config('cognito.region'),
+                'version' => config('cognito.version'),
+                'endpoint' => config('cognito.endpoint'),
+                'scheme' => config('cognito.scheme')
             ];
 
             //Set AWS Credentials
             $credentials = config('cognito.credentials');
-            if (! empty($credentials['key']) && ! empty($credentials['secret'])) {
+            if (!empty($credentials['key']) && !empty($credentials['secret'])) {
                 $aws_config['credentials'] = Arr::only($credentials, ['key', 'secret', 'token']);
             } //End if
 
@@ -274,7 +277,7 @@ protected function extendApiAuthGuard()
      */
     protected function registerResources()
     {
-        $this->loadViewsFrom(__DIR__.'/../../resources/views', 'cognito');
+        $this->loadViewsFrom(__DIR__ . '/../../resources/views', 'cognito');
     } //Function ends
 
 
@@ -286,8 +289,8 @@ protected function registerResources()
     protected function registerMigrations()
     {
         if (AwsCognito::$runsMigrations && $this->app->runningInConsole()) {
-            $this->loadMigrationsFrom(__DIR__.'/../../database/migrations');
+            $this->loadMigrationsFrom(__DIR__ . '/../../database/migrations');
         } //End if
     } //Function ends
-    
+
 } //Class ends