Authorisation with Amazon Cognito

mteichtahl

Hi All,

I am trying to get authorisation working with Amazon Cognito.

JsReport is running inside a Fargate container and functions properly when logging in with the admin user.

Im stuck with how to even approach debugging this.

Im hoping someone may have some hints to assist.

My config (partial) is below.

authentication: {
      cookieSession: {
        secret: SESSION_COOKIE,
      },
      admin: {
        username: ADMIN_USERNAME,
        password: ADMIN_PASSWORD,
      },
      authorizationServer: {
        name: 'Amazon Federate',
        issuer: IDP_ISSUER,
        endpoints: {
          jwks: IDP_JWKS_URI,
          authorization: IDP_AUTHORIZATION_URI,
          token: IDP_TOKEN_URI,
          introspection: IDP_INTROSPECT_URI,
          userinfo: IDP_USERINFO_URI,
        },
        studioClient: {
          clientId: 'xxxx',
          clientSecret: 'xxxx',
        },
        apiResource: {
          clientId: 'xxx',
          clientSecret: 'xxx',
        },
        authorizationRequest: {
          scope: ['openid', 'profile'],
        },
        enabled: true,
      },
      authorization: {
        enabled: true,
      },
    },
    'postgres-store': {
      database: DB_NAME,
      host: DB_HOST,
      port: DB_PORT,
      user: DB_USERNAME,
      password: DB_PASSWORD,
    },

When trying to log in the error I receive is below

Eror during processing request at https://jsreport.dev.reporting.aws-prototyping.cloud/auth-server/callback?error_description=invalid_scope&state=lG3eNy6P7_j3_-GIRjD6t_VFlSuI9uewznQ03o54ZHM&error=invalid_request, details: Error: Authentication with authorization server failed. did not find expected authorization request details in session, req.session["oidc:cognito-idp.us-west-2.amazonaws.com"] is undefined