AWS Cognito fails with redirect_mismatch


#1

Hi all -

I believe I have everything configured properly to use AWS Cognito on an EC2 machine running Ubuntu. I have a working ShinyProxy installation, so the only issue is getting OpenID to work. This is my current config file:

  openid:
    auth-url: https://shinyproxy.auth.us-east-2.amazoncognito.com/oauth2/author$
    token-url: https://shinyproxy.auth.us-east-2.amazoncognito.com/oauth2/token
    jwks-url: https://cognito-idp.us-east-2.amazonaws.com/us-east-2_Uphts82FW/.$
    client-id: ***
    client-secret: ***

My callback URL is:

https://report.princetontradestudy.org/login/oauth2/code/shinyproxy

I have a load balancer running that is redirecting traffic on port 80 to port 8080. AWS Cognito will only accept HTTPS callback URLs, so I don’t know if that’s the problem. When I manually run the AWS login command using this URL:


https://shinyproxy.auth.us-east-2.amazoncognito.com/login?response_type=code&client_id=6m7cnh72b09h2cqq8032ldl38l&redirect_uri=https://report.princetontradestudy.org:8080/login/oauth2/code/shinyproxy

I get the following response when I try to log in:

[image]

Any help much appreciated!


#2

Woo I figured it out! This error was caused by an incorrect SSL certificate. I had one set up for the root domain but not a subdomain that was mapped to the app/load balancer.
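
Added example, not part of the original thread: two offline checks for the conditions discussed above, using the callback URL and manual login URL from post #1. It assumes the identity provider compares `redirect_uri` to the registered callback URLs as exact strings; the function names and the SAN list are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

DEFAULT_PORTS = {"https": 443, "http": 80}

def redirect_diff(authorize_url, registered_callbacks):
    """[] if redirect_uri exactly matches a registered callback, otherwise
    the URL components that differ from the closest registered callback."""
    sent = parse_qs(urlsplit(authorize_url).query).get("redirect_uri", [""])[0]
    if sent in registered_callbacks:
        return []
    s, best = urlsplit(sent), ["no-registered-callback"]
    for i, cb in enumerate(registered_callbacks):
        r = urlsplit(cb)
        pairs = (("scheme", s.scheme, r.scheme),
                 ("host", s.hostname, r.hostname),
                 ("port", s.port or DEFAULT_PORTS.get(s.scheme),
                          r.port or DEFAULT_PORTS.get(r.scheme)),
                 ("path", s.path, r.path))
        # Equal components but a different string (e.g. explicit :443)
        # still fails under exact matching.
        diffs = [n for n, a, b in pairs if a != b] or ["literal-string"]
        if i == 0 or len(diffs) < len(best):
            best = diffs
    return best

def cert_covers(host, san_dns_names):
    """True if host matches a SAN entry; '*' covers exactly one leftmost label."""
    host = host.lower().rstrip(".")
    for san in (n.lower().rstrip(".") for n in san_dns_names):
        if san == host:
            return True
        if san.startswith("*.") and "." in host and host.split(".", 1)[1] == san[2:]:
            return True
    return False

# Values taken from the thread.
REGISTERED = ["https://report.princetontradestudy.org/login/oauth2/code/shinyproxy"]
MANUAL_URL = ("https://shinyproxy.auth.us-east-2.amazoncognito.com/login?response_type=code"
              "&client_id=6m7cnh72b09h2cqq8032ldl38l&redirect_uri="
              "https://report.princetontradestudy.org:8080/login/oauth2/code/shinyproxy")
# Constructed SAN list modelling a certificate issued for the root domain only.
ROOT_ONLY_SANS = ["princetontradestudy.org"]

if __name__ == "__main__":
    print("redirect_uri differs in:", redirect_diff(MANUAL_URL, REGISTERED))
    print("cert covers subdomain:",
          cert_covers("report.princetontradestudy.org", ROOT_ONLY_SANS))
```
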