register: secret hash issue #105
Comments
|
We are already passing username argument to the I don't know if you are maintaining this library (and saw that 15 PR's are waiting) but if you accept I can create another one to fix this issue. |
alastairmccormack
pushed a commit
to alastairmccormack/pycognito
that referenced
this issue
Feb 15, 2022
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.2.5 to 7.0.1. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@6.2.5...7.0.1) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I have an app pool with a client secret and either I'm doing something wrong, or i've uncovered an issue with the register() method when requiring a client secret.
The instructions for instantiating the Cognito object for register do not include the username parameter (which makes sense, since you are trying to create one). So self.username is None.
However, the register method calls:
self._add_secret_hash(params, 'SecretHash')
which if you follow the tree is trying to hash self.username + client id + client secret.
BEFORE it creates the user, so it throws a null reference exception.
I think that the readme needs to state that if you have a client secret, you need to include the username when you instantiate Cognito (or alternatively, modify the implementation to populate the self.username from the one passed in on the register() method BEFORE trying to add secret hash.
The text was updated successfully, but these errors were encountered: