
Custom auth flow not working


Describe the bug

Hello,

Right now I am using passwordless login in my app. This one: https://github.com/mobilequickie/amplify-passwordless-sms-auth It works properly. The problem is that to deploy that flow (cognito, lambdas…) I use AWS Serverless Repository. That’s a problem because when I use “amplify push”, I overwrite the configuration, and I have to update awsconfiguration.json manually all the time. Moreover, amplify does not see I am using cognito; it thinks I am using api key for auth, which is a problem with S3.

So, I decided to adapt that serverless repository to my amplify template files.

After doing “amplify auth add”, selecting cognito and custom auth flow, I modify the files created by amplify to look like: https://github.com/mobilequickie/amplify-passwordless-sms-auth/blob/master/backend/template.yaml

Seems it is working, in the aws console I see my 2 cognito pools and clients are identical, same for the 4 lambda functions, code and triggers setup properly (actually, I had to add pre sign up manually, but not a big deal). When I run everything, I see the lambda functions are called (I see that in cloudwatch).

When I call AWSMobileClient.default().signUp, it works fine, I receive “confirmed”, the user was created. But when I call AWSMobileClient.default().signIn, I receive: Printing description of error:

▿ Optional<Error>
  ▿ some : AWSMobileClientError
    ▿ notAuthorized : 1 element
      - message : "Incorrect username or password."

This does not make any sense, because in theory there is no password involved here. We should receive customChallenge and a text message with a code, that we use with AWSMobileClient.default().confirmSignIn to complete the sign in/up.

(when I deploy this using the serverless repository, it works)

There is only one thing that I cannot move to my amplify configuration, and perhaps it is related. This one, in the UserPoolClient section: https://github.com/mobilequickie/amplify-passwordless-sms-auth/blob/master/backend/template.yaml#L130 That is:

      ExplicitAuthFlows:
        - CUSTOM_AUTH_FLOW_ONLY

It appears amplify is not adding that or something similar to the generated scaffolding, and perhaps that is a bug in the code generator that is inside amplify.

If I add those 2 lines manually into the amplify yaml, then I receive a very strange error when I try to deploy that using “amplify push” or “amplify auth push”. This error:

UPDATE_FAILED authXXXXXtestcd6454bd AWS::CloudFormation::Stack Sun Feb 16 2020 22:42:00 GMT+0000 (Greenwich Mean Time) Embedded stack arn:aws:cloudformation:eu-west-1:186370713163:stack/amplify-XXXXXX-test-dev-191117-authXXXXXXtestcd6454bd-1X33N78FAPZR8/ddf2fa10-5047-11ea-af0c-06d4f42323aa was not successfully updated. Currently in UPDATE_ROLLBACK_IN_PROGRESS with reason: CustomResource attribute error: Vendor response doesn't contain appSecret key in object arn:aws:cloudformation:eu-west-1:186370713163:stack/amplify-XXXXX-test-dev-191117-authXXXXXXtestcd6454bd-1X33N78FAPZR8/ddf2fa10-5047-11ea-af0c-06d4f42323aa|UserPoolClientInputs|784192e0-9301-480c-8a71-50159b86ead0 in S3 bucket cloudformation-custom-resource-storage-euwest1

I don’t see the relationship between “CUSTOM_AUTH_FLOW_ONLY” and “appSecret key”.

Apart from that, I also see something unusual.

When I use the pool that works (serverless repository), between AWSMobileClient.default().signUp and AWSMobileClient.default().signIn there are only 2 seconds, but when I use the pool I created with amplify manually, there are like 5 or 6 seconds. Is it possible that something else is not working and in that case, there is a default timeout that returns a generic error (invalid username or password)?

Can you help me with that? How should I debug this issue? In cloudwatch I don’t see cognito (only the lambda triggers). Any help to try to debug this problem?

Thanks a lot for your time.

Amplify CLI Version

4.13.3

To Reproduce

amplify auth add, select custom auth flow. Try to set up the passwordless login flow already explained.

Expected behavior

Login should happen.

Desktop (please complete the following information):

  • OS: Catalina 10.15.3
  • Node Version: v13.2.0

Issue Analytics

  • State: closed
  • Created 4 years ago
  • Comments: 5

Top GitHub Comments

1 reaction
Ricardo1980 commented, Feb 22, 2020

@ammarkarachi OK, I think there are several different issues involved in the default structure generated by amplify.

If you change userpoolClientGenerateSecret (parameters.json) from true to false, push, and then from false to true, then you see this error: “CustomResource attribute error: Vendor response doesn’t contain appSecret key in object” but you can fix it by removing:

AppClientSecret:
    Value: !GetAtt UserPoolClientInputs.appSecret

from the yml template.

0 reactions
github-actions[bot] commented, May 26, 2021

This issue has been automatically locked since there hasn’t been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels for those types of questions.
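
An added example, not part of the issue thread or of the Amplify project: instead of comparing the two user pools by eye in the console, diff the settings that shape sign-in (ExplicitAuthFlows, whether the app client has a secret, and which Lambda triggers are attached). The dictionaries below are constructed samples shaped like the `UserPoolClient` and `UserPool` objects returned by `aws cognito-idp describe-user-pool-client` and `describe-user-pool`; every ID, ARN and secret in them is a placeholder.

```python
# Constructed sample input (placeholders only, not values from the issue).
ARN = "arn:aws:lambda:eu-west-1:000000000000:function:"
TRIGGERS = ("PreSignUp", "DefineAuthChallenge", "CreateAuthChallenge",
            "VerifyAuthChallengeResponse")

# Reference: the pool deployed from the Serverless Application Repository.
SAR_CLIENT = {"ClientId": "EXAMPLE-SAR",
              "ExplicitAuthFlows": ["CUSTOM_AUTH_FLOW_ONLY"]}
SAR_POOL = {"LambdaConfig": {t: ARN + "sar-" + t for t in TRIGGERS}}

# Candidate: the pool generated by Amplify, before any manual changes.
AMPLIFY_CLIENT = {"ClientId": "EXAMPLE-AMPLIFY",
                  "ClientSecret": "placeholder-secret"}
AMPLIFY_POOL = {"LambdaConfig": {t: ARN + "amp-" + t for t in TRIGGERS[1:]}}


def summarize(client, pool):
    """Reduce a client/pool description to the settings that shape sign-in."""
    return {
        "explicit_auth_flows": sorted(client.get("ExplicitAuthFlows", [])),
        # Record only whether a secret exists; never copy the secret itself.
        "has_client_secret": bool(client.get("ClientSecret")),
        # Compare which triggers are wired, not ARNs (those differ per stack).
        "lambda_triggers": sorted(
            name for name, target in pool.get("LambdaConfig", {}).items()
            if target),
    }


def diff(reference, candidate):
    """Return {setting: (reference_value, candidate_value)} per mismatch."""
    return {key: (reference[key], candidate[key])
            for key in reference if reference[key] != candidate[key]}


if __name__ == "__main__":
    mismatches = diff(summarize(SAR_CLIENT, SAR_POOL),
                      summarize(AMPLIFY_CLIENT, AMPLIFY_POOL))
    for key, (ref, cand) in mismatches.items():
        print(f"{key}: reference={ref} candidate={cand}")
```

With real data, load the two JSON documents the CLI prints and pass their `UserPoolClient` and `UserPool` objects to `summarize`.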
