LocalUserMapper throwing an exception when given IdToken representing unknown local user

[malkovro]

Issue

Currently the LocalUserMapper will fail if provided an idToken and if the callback find_by_cognito_attribute on the UserRepository returned nil.

This is because the gem is trying to fetch the CognitoUser using the token as an accessToken to provide it as input of the after_local_user_not_found callback.

[malkovro]

Potential Solution

Prevent the call to Cognito and returned an error before hand. We can check if the token passed is an idToken by looking at the token_use attribute on it.

Ref: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-the-id-token

Maybe we should change the input of the callback after_local_user_not_found to accept a PORO representing the user because the id token is supposed to contain all user attributes and such object could be hydrated without having to call Cognito.