amplify-android: Timed out sign-out redirect response while trying to log out

Before opening, please confirm:

I have searched for duplicate or closed issues and discussions.

Language and Async Model

Kotlin

Amplify Categories

Authentication

Gradle script dependencies

// Put output below this line
implementation 'com.amplifyframework:aws-auth-cognito:1.31.2'

Environment information

# Put output below this line
------------------------------------------------------------
Gradle 7.4.2
------------------------------------------------------------

Build time:   2022-03-31 15:25:29 UTC
Revision:     540473b8118064efcc264694cbcaa4b677f61041

Kotlin:       1.5.31
Groovy:       3.0.9
Ant:          Apache Ant(TM) version 1.10.11 compiled on July 10 2021
JVM:          15.0.1 (Oracle Corporation 15.0.1+9-18)
OS:           Mac OS X 10.16 x86_64

Please include any relevant guides or documentation you’re referencing

No response

Describe the bug

Hey! We’ve been facing an issue with a timed out redirect response quite a long time (and it’s present not only in this version). We’ve got Hosted UI for the social sign in, and when we’re trying to log out from the app, we’re getting this error:

AuthException{message=Failed to sign out, cause=com.amazonaws.mobileconnectors.cognitoauth.exceptions.AuthServiceException: Timed out while waiting for sign-out redirect response., recoverySuggestion=See attached exception for more details}
                                                                                                    	at com.amplifyframework.auth.cognito.AWSCognitoAuthPlugin$21.onError(AWSCognitoAuthPlugin.java:1158)
                                                                                                    	at com.amazonaws.mobile.client.internal.ReturningRunnable$1.run(ReturningRunnable.java:47)
                                                                                                    	at java.lang.Thread.run(Thread.java:1012)
                                                                                                    Caused by: com.amazonaws.mobileconnectors.cognitoauth.exceptions.AuthServiceException: Timed out while waiting for sign-out redirect response.
                                                                                                    	at com.amazonaws.mobileconnectors.cognitoauth.AuthClient.endSession(AuthClient.java:358)
                                                                                                    	at com.amazonaws.mobileconnectors.cognitoauth.AuthClient.signOut(AuthClient.java:333)
                                                                                                    	at com.amazonaws.mobileconnectors.cognitoauth.AuthClient.signOut(AuthClient.java:317)
                                                                                                    	at com.amazonaws.mobileconnectors.cognitoauth.Auth.signOut(Auth.java:718)

It applies to 30-50% of all sessions, and we’re getting an annoying blink of a browser. Recently we started developing a logging out functionality for the blocked users and it occurs all the time for all sessions, so it became more crucial. So we’re getting Unathorized:

NotAuthorizedException{message=Failed since user is not authorized., cause=com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException: User is disabled.

Then it seems like Cognito tries to open CustomTabsManagerActivity:

START u0 {flg=0x50000000 cmp=com.xxxx/com.amazonaws.mobileconnectors.cognitoauth.activities.CustomTabsManagerActivity (has extras)} from uid 10161

And after 10 seconds it just fails with the exception:

AuthException{message=Failed to sign out, cause=com.amazonaws.mobileconnectors.cognitoauth.exceptions.AuthServiceException: Timed out while waiting for sign-out redirect response.

What I’ve tried so far:

Remove a part with <activity android:name="com.amplifyframework.auth.cognito.activities.HostedUIRedirectActivity" android:exported="true">. Everything works great in terms of log out, no issues or timeouts, but SSO redirects obviously don’t work at all also, so it’s not a suitable option 😄
Change ‘Allowed sign-out URLs’ in console to “[name_of_my_app]😕/signout” and assign it to a separate activity as it described here - https://docs.amplify.aws/lib/auth/social/q/platform/android/#update-androidmanifestxml. Currently we have the same URL for Allowed callback URLs and Allowed sign-out URLs in the console, so I thought that maybe creating a new one and assigning to a separate, not CustomTabsManagerActivity, activity would work. Nothing changed, timeouts are still with us.

It seems like it log outs normally, so it’s rather the issue with the redirect. But there is no problem with the redirect from SSO, while they have the same URL… Console is configured, Amplify configuration file is present and it has the same links as in the console, so I’m pretty sure that I didn’t miss something.

So what can I do with it?

Reproduction steps (if applicable)

No response

Code Snippet

Manifest file:

<queries>
        <intent>
            <action android:name=
                "android.support.customtabs.action.CustomTabsService" />
        </intent>
    </queries>

<activity
            android:name="com.amplifyframework.auth.cognito.activities.HostedUIRedirectActivity"
            android:exported="true">
            <intent-filter>
                <action android:name="android.intent.action.VIEW" />
                <category android:name="android.intent.category.DEFAULT" />
                <category android:name="android.intent.category.BROWSABLE" />
                <data android:scheme="@string/app_callback_scheme" />
            </intent-filter>
        </activity>

Log output

// Put your logs below this line

amplifyconfiguration.json

No response

GraphQL Schema

// Put your schema below this line

Additional information and screenshots

No response

About this issue

Original URL
State: closed
Created 2 years ago
Reactions: 4
Comments: 15 (6 by maintainers)

Most upvoted comments

@tylerjroach hey! I’ve migrated the project to v2 and now it works awesome! 🥇 No timeouts for usual sign outs and for blocked/removed users as well, so I can confirm your words about not buggy behaviour! Thank you so much for the updates and support in this issue 😃

PineapplePie on Dec 9, 2022

Hi @PineapplePie thank you for posting this issue. I will be in touch once I have been to reproduce this. Thank you.

gpanshu on Oct 28, 2022

@PineapplePie Can you describe the flash/blink you are seeing?

What I describe as a flash on the screen is a rapid creation and destruction of the CustomTab immediately after initiating the signOutcall. This indicates the sign out successfully completed on the browser, and redirected back into the activity to continue the rest of the sign out flow.

We have a similar report where signOut timeouts were occurring due to the CustomTab not automatically closing. I’ve verified this as a potential bug with Firefox and will continue to look into this.

However, we just released v2 of Amplify Library for Android. Web authentication has been rewritten with significant changes, and I do not see the buggy behavior with our updated library. If upgrading is an option for you, please let me know if the issue is resolved with v2.0.0.

tylerjroach on Nov 18, 2022

I am having the same issue… is there any workdaround to sign out user for now?

zeroarst on Oct 14, 2022