PHPackages awallef/cakephp-cognito-auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. awallef/cakephp-cognito-auth ActiveCakephp-plugin awallef/cakephp-cognito-auth ============================ CakePHP AWS cognito auth 3.4.0.2(8y ago)078PHPPHP >=5.5.9 Since Jul 28Pushed 8y ago1 watchersCompare [ Source](https://github.com/awallef/cakephp-cognito-auth)[ Packagist](https://packagist.org/packages/awallef/cakephp-cognito-auth)[ RSS](/packages/awallef-cakephp-cognito-auth/feed)WikiDiscussions master Synced 2mo ago READMEChangelog (3)Dependencies (2)Versions (4)Used By (0) cakephp-cognito-auth plugin for CakePHP ======================================= [](#cakephp-cognito-auth-plugin-for-cakephp) This plugin allows you auth cognito users Installation ------------ [](#installation) You can install this plugin into your CakePHP application using [composer](http://getcomposer.org). The recommended way to install composer packages is: ``` composer require awallef/cakephp-cognito-auth ``` Configure --------- [](#configure) ### From [](#from) Configure your auth component with your aws credentials & info ``` 'loginAction' => false, // as u want 'unauthorizedRedirect' => false, // as u want 'checkAuthIn' => 'Controller.initialize', // depends where u want it 'storage' => 'Session', // as u want // Authenticate 'authenticate' => [ 'Awallef/CognitoAuth.Form' => [ // AWS - REQUIRED 'region' => 'eu-central-1', 'credentials' => [ 'key' => 'XX', 'secret' => 'XX', ], 'userPoolId' => 'eu-central-1_XX', 'clientId' => 'XX', 'clientSecret' => 'XX', // traditional stuff - OPTIONAL ( here default values ) 'fields' => [ 'username' => 'username', 'password' => 'password' ], 'userModel' => 'Users', 'scope' => [], 'finder' => 'all', 'contain' => null, 'passwordHasher' => 'Default', // create users - OPTIONAL ( here default values ) see User model below 'create' => false, // Groups management - OPTIONAL ( here default values ) whether you want to keep an array or not 'groupImplode' => true, 'groupImplodeGlue' => ',', // renaming - OPTIONAL ( here default values + sepcial is_superuser ) 'fieldsMapping' => [ 'Username' => 'username', 'Enabled' => 'is_active', 'UserStatus' => 'status', 'sub' => 'id', 'Groups' => 'role', 'new key' => 'is_superuser', // in order to use cakeDC/Auth ] // values functions - OPTIONAL ( default value is [] ) triggered after fieldsMapping (renaming) 'valuesPostOperations' => [ 'role' => function($user, $value){ return empty($user['role'])? 'no role': $user['role']; }, 'is_superuser' => function($user, $value){ return (is_string($user['role']) && $user['role'] == 'superuser'); }, ], ], ] ``` ### Basic [](#basic) Configure your auth component with your aws credentials & info ``` 'loginAction' => false, 'unauthorizedRedirect' => false, 'checkAuthIn' => 'Controller.initialize', 'storage' => 'Memory', // means you ask aws for each query... so I suggest you to use my plugin cakephp-redis /* so once Basic grant access, you'll find X-Token header with your token * then add this X-Token hader with value Bearer XXX ( the previous token ) * so storage keep you session in redis instead of asking for new grant access 'storage' => [ 'className' => 'Awallef/Redis.Redis', 'redis' => [ 'prefix' => 'your_app_id:token:', ] ], */ // Authenticate 'authenticate' => [ 'Awallef/CognitoAuth.Basic' => [ // AWS - REQUIRED 'region' => 'eu-central-1', 'credentials' => [ 'key' => 'XX', 'secret' => 'XX', ], 'userPoolId' => 'eu-central-1_XX', 'clientId' => 'XX', 'clientSecret' => 'XX', // traditional stuff - OPTIONAL ( here default values ) 'fields' => [ 'username' => 'username', 'password' => 'password' ], 'userModel' => 'Users', 'scope' => [], 'finder' => 'all', 'contain' => null, 'passwordHasher' => 'Default', // create users - OPTIONAL ( here default values ) see User model below 'create' => false, // Groups management - OPTIONAL ( here default values ) whether you want to keep an array or not 'groupImplode' => true, 'groupImplodeGlue' => ',', // renaming - OPTIONAL ( here default values + sepcial is_superuser ) 'fieldsMapping' => [ 'Username' => 'username', 'Enabled' => 'is_active', 'UserStatus' => 'status', 'sub' => 'id', 'Groups' => 'role', 'new key' => 'is_superuser', // in order to use cakeDC/Auth ] // values functions - OPTIONAL ( default value is [] ) triggered after fieldsMapping (renaming) 'valuesPostOperations' => [ 'role' => function($user, $value){ return empty($user['role'])? 'no role': $user['role']; }, 'is_superuser' => function($user, $value){ return (is_string($user['role']) && $user['role'] == 'superuser'); }, ], ], ] ``` User Model ---------- [](#user-model) you can create a copy of the user in your system by setting create config argument to true ``` // auth settings ... // create users - OPTIONAL 'create' => true, ... ``` So you will need a User Model that matches aws fields or by using fieldsMapping argument congito-auth needs to have write permission on id if you rename AWS 'sub' filed into id ``` // auth settings ... 'fieldsMapping' => [ 'Username' => 'username', 'Enabled' => 'is_active', 'UserStatus' => 'status', 'sub' => 'id', 'Groups' => 'role' ], ... ``` Model Entity: ``` protected $_accessible = [ '*' => true, 'id' => true ]; ``` Challenge --------- [](#challenge) if you recieve a challenge error such as: ``` SMS_MFA PASSWORD_VERIFIER ADMIN_NO_SRP_AUTH NEW_PASSWORD_REQUIRED ``` redirect, or ask user to provide responses in request data object: ``` // + username + password => required // 'USERNAME' and 'SECRET_HASH' => will be filled for you $request->data['Challenge']['responses'] // must be filled ``` please refer to : [aws php SDK](http://docs.aws.amazon.com/aws-sdk-php/v3/api/api-cognito-idp-2016-04-18.html#adminrespondtoauthchallenge) #adminrespondtoauthchallenge ### Health Score 27 — LowBetter than 49% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity9 Limited adoption so far Community7 Small or concentrated contributor base Maturity60 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~2 days Total 3 Last Release 3208d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/e3a1da2aecf796ac1e96bcf4ca27b43c140f29c91e90f7e24eaf7f8cb0ff9507?d=identicon)[awallef](/maintainers/awallef) --- Top Contributors [![awallef](https://avatars.githubusercontent.com/u/1070992?v=4)](https://github.com/awallef "awallef (8 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/awallef-cakephp-cognito-auth/health.svg) ``` [![Health](https://phpackages.com/badges/awallef-cakephp-cognito-auth/health.svg)](https://phpackages.com/packages/awallef-cakephp-cognito-auth) ``` ### Alternatives [friendsofcake/cakepdf CakePHP plugin for creating and/or rendering Pdfs, several Pdf engines supported. 3752.1M3](/packages/friendsofcake-cakepdf)[cakephp/bake Bake plugin for CakePHP 11211.2M158](/packages/cakephp-bake)[dereuromark/cakephp-tools A CakePHP plugin containing lots of useful and reusable tools 338920.1k32](/packages/dereuromark-cakephp-tools)[dereuromark/cakephp-queue The Queue plugin for CakePHP provides deferred task execution. 308850.3k14](/packages/dereuromark-cakephp-queue)[dereuromark/cakephp-ide-helper CakePHP IdeHelper Plugin to improve auto-completion 1862.1M27](/packages/dereuromark-cakephp-ide-helper)[dereuromark/cakephp-tinyauth A CakePHP plugin to handle user authentication and authorization the easy way. 129228.6k10](/packages/dereuromark-cakephp-tinyauth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)