This repository has been archived by the owner on Apr 13, 2023. It is now read-only.
"""
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
"""
import json
import os
import sys

import boto3
'''
example run:
python3 provision-user.py <UserPoolId> <ClientId> <Region>
python3 provision-user.py us-west-2_yk8jbgpWM 12pgvi3gsl32qp9h8lg130arr0 us-west-2
'''
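# Workshop helper: creates one fixed test user in a Cognito user pool, completes
# the forced password change, adds the user to the 'practitioner' group and
# prints an ID token for that user. Meant for a disposable workshop pool only.
if len(sys.argv) < 4:
    # Exit with a usage line instead of an IndexError on a missing argument.
    sys.exit('usage: python3 provision-user.py <UserPoolId> <ClientId> <Region>')

user_pool_id, client_id, region = sys.argv[1:4]

USERNAME = 'workshopuser'
# NOTE(security): the fallback is a fixed password published with this script,
# so any pool provisioned with it has a known credential for USERNAME. Set
# WORKSHOP_USER_PASSWORD to a unique value for any pool that is reachable by
# others, and delete the user when the workshop is over.
PASSWORD = os.environ.get('WORKSHOP_USER_PASSWORD') or 'Master123!'

# The admin_* calls below are signed with the caller's AWS credentials.
client = boto3.client('cognito-idp', region_name=region)

# Create the user with a pre-verified e-mail and a tenant attribute.
# MessageAction='SUPPRESS' stops Cognito from sending the invitation message.
client.admin_create_user(
    UserPoolId=user_pool_id,
    Username=USERNAME,
    UserAttributes=[
        {'Name': 'email', 'Value': 'dummy@email.com'},
        {'Name': 'email_verified', 'Value': 'True'},
        {'Name': 'custom:tenantId', 'Value': 'tenant1'},
    ],
    ValidationData=[
        {'Name': 'email', 'Value': 'dummy@email.com'},
    ],
    TemporaryPassword=PASSWORD,
    MessageAction='SUPPRESS',
)

# First sign-in with the temporary password. USER_PASSWORD_AUTH sends the
# password itself to Cognito, so the flow has to be enabled on the app client.
challenge = client.initiate_auth(
    AuthFlow='USER_PASSWORD_AUTH',
    AuthParameters={'USERNAME': USERNAME, 'PASSWORD': PASSWORD},
    ClientId=client_id,
)
if challenge.get('ChallengeName') != 'NEW_PASSWORD_REQUIRED':
    # A freshly created user is expected to be forced to change its password;
    # stop with a clear message rather than answering the wrong challenge.
    sys.exit('unexpected auth challenge: %r' % challenge.get('ChallengeName'))

# Answer the challenge. The new password equals the temporary one, so the
# "temporary" password simply becomes the permanent one.
client.respond_to_auth_challenge(
    ClientId=client_id,
    ChallengeName='NEW_PASSWORD_REQUIRED',
    Session=challenge['Session'],
    ChallengeResponses={'USERNAME': USERNAME, 'NEW_PASSWORD': PASSWORD},
)

# Group membership is assigned before the final sign-in, so the token printed
# below is issued after the user has joined the group.
client.admin_add_user_to_group(
    UserPoolId=user_pool_id,
    Username=USERNAME,
    GroupName='practitioner',
)

# Sign in again, now with a permanent password, to obtain tokens.
auth = client.initiate_auth(
    AuthFlow='USER_PASSWORD_AUTH',
    AuthParameters={'USERNAME': USERNAME, 'PASSWORD': PASSWORD},
    ClientId=client_id,
)
# The ID token is a bearer credential for this user until it expires; keep the
# output out of shared logs and shell history.
id_token = auth['AuthenticationResult']['IdToken']
print(id_token)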