pwrdrvr/microapps-core

v0.3 - OIDC / OAuth for CloudFront

Closed this issue · 1 comments

To-Do

  • Allow passing additional edge lambdas to MicroApps construct
  • Pass auth lambda in private deploy
  • Add auth lambda to static routes in private deploys
  • Confirm auth works in dev/qa/prod
  • Fix redirect using state
  • Fix refresh to not logout
  • Add token redirect endpoint
  • Evaluate auth.js as option

Overview

  • Need Lambda Authorizer integration for PwrDrvr internal applications
  • Authorizer demo will be beneficial to consumers of microapps-core
  • OIDC is preferred as it is generally much easier to setup, but SAML is acceptable if no other option can work
  • Federation between Cognito and Google appears to be possible, but potentially as a social login with a domain restriction and not as an App integration in Google Workspace directly (actually it's not clear if social login is possible for a Workspace domain)

Documentation

Remaining work to publish this as a construct moved to #304