Fork me on GitHub
Ben Hammond16:08:52

Hi. I am trying to hook into AWS Cognito to exchange an authorization code for an id_token using #pedestal I have found that I can cobble something together using raw `org.eclipse.jetty.client.HttpClient` like this

(defn logged-in [request]
  (println "logged-in")
  (prn request)
  (let [cli (doto (HttpClient. (SslContextFactory$Client. true)) (.start))
        req (doto
            (.POST cli "")
              (.content (FormContentProvider.
                         (doto (Fields.)
                           (.add "grant_type" "authorization_code")
                           (.add "client_id" "*****")
                           (.add "code" (get-in request [:params :code]))
                           (.add "redirect_uri" ""))))
        ^ContentResponse cr (.send req)
    (clojure.pprint/pprint cr)
    (println (.getContentAsString cr))
but this seems a bit ugly but I don't want to introduce a new `clj-http` library just to extract id_token; mostly I am using `` libraries Is that a cognitect api library function that will exchange authorization codes for id_tokens (that I've not found)? Is there some more elegant way to run this code? I imagine it must be a fairly common thing to do... (cross-posted from #pedestal without waiting very long... hope that's ok)


cognitect aws-api only deals with AWS service APIs -- anything like oAuth is like an application level thing


(same thing interacting with ECR -- creating ECR repos is an amazon api, but using the docker registry that it created is an application thing)


@ben.hammond You could use the http client that cognitect/aws-api uses? I'm not sure if the client was ever documented.


please don't use that

Ben Hammond19:08:49

I did consider it for 10 mins

Ben Hammond19:08:25

Jetty one or the new java one is fine


@ghadi What ever happened with the cognitect http-client? I vaguely recall hints that it would be open sourced at some point. Is that still the eventual plan?

Alex Miller (Clojure team)19:08:11

It is open source - the source is in the jar


Hmm, I thought it originally was licensed such that it wasn't open source. Are there plans to publish it as a project with documentation?

Alex Miller (Clojure team)20:08:29

it has always been open source afaik. I do not think there are any plans to publish it as a project (but not really my area)

Alex Miller (Clojure team)20:08:10

all versions on Maven central include source, and it's licensed Apache 2


What alex said. It's always been open-source, and has a narrow scope, not a general purpose http lib, like you'd want for aws api