amplify-js: Error: Native crypto module could not be used to get secure random number.

Describe the bug I’m using the serverless.com framework together with: "amazon-cognito-identity-js": "^4.5.2" and I still get the error: Error: Native crypto module could not be used to get secure random number. even though it was supposed to be fixed in version 3.2.0.

It happens when I use the CognitoUser.authenticateUser method. Any updates on this issue?

About this issue

Original URL
State: closed
Created 4 years ago
Reactions: 18
Comments: 64 (25 by maintainers)

Commits related to this issue

build: fix Amazon issue #7098. Use aws-amplify@unstable, and include global.crypto = require('crypto') at the top of signin modules. https://github.com/aws-amplify/amplify-js/issues/7098 — committed to JimStockwell/rebalance by JimStockwell 4 years ago

Most upvoted comments

I am still experiencing this error with Angular 11 when running ng-serve, and @aws-amplify/auth.

Warning: ./node_modules/amazon-cognito-identity-js/es/utils/cryptoSecureRandomInt.js
Module not found: Error: Can't resolve 'crypto' in '/Users/mattijs/www/earnr/earnr-dashboard/node_modules/amazon-cognito-identity-js/es/utils'

I have tried installing "amazon-cognito-identity-js": "^4.5.4-unstable.6",

"compilerOptions": {
    "baseUrl": "./",
    "paths": {
      "crypto": [
        "../../node_modules/crypto-js"
      ]
    },

and installing latest ampliy/core, auth and pubsub. Nothing works.

I can’t use require, TS compiler is freaking out.

mattiLeBlanc on Nov 26, 2020

Thanks again for the reproduction sample @Ladvace! I have made a small adjustment in this PR that should fix the behavior you’re seeing. It is available to use now with the unstable tag, and we will likely have a release to latest next week.

Can you verify that unstable works for you?

Also, with that fix, it is no longer required to add global.crypto = require('crypto') in your code, as this will handle that automatically.

amhinson on Nov 6, 2020

@mjpaton I fixed/hacked it by doing the following: Adding to polyfill.ts

// Amplify polyfill
(window as any).global = window;
(window as any).process = {};

Adding the following packages to my package.json:

    "@aws-amplify/auth": "^3.4.13",
    "@aws-amplify/core": "^3.8.5",
    "@aws-amplify/pubsub": "^3.2.11",
    "amazon-cognito-identity-js": "^4.5.4-unstable.6",

and added to tsconfig:

"compilerOptions": {
    "baseUrl": "./",
    "paths": {
      "crypto": [
        "../../node_modules/crypto-js"
      ]
    },

I am still getting warnings:

but Auth seems to be working. What is the proper solution for Angular 11?

mattiLeBlanc on Nov 28, 2020

+1 for mattiLeBlanc - starting a new vanilla Angular 11 project, installing Amplify and Auth

mjpaton on Nov 27, 2020

Same issue was coming to me, it was not getting reproduced on my local dev machine, was coming only on my deployed containers. I also upgraded my amazon-cognito-identity-js to 4.5.3. but no luck but finally added global.crypto = require(‘crypto’) in my code resolved the issue. Thanks.

bhavesh-pandey on Nov 3, 2020

Ok will do. Thanks for the follow up! I will update the issue once it is released to latest.

For anyone seeing the same issue using Node, you can get around it by using amazon-cognito-identity-js@unstable and/or aws-amplify@unstable and setting global.crypto = require('crypto') at the top of the file before any imports.

amhinson on Nov 2, 2020

@amhinson Thanks so much Great Help !! I figured out where to add global.crypto = require(‘crypto’) . We have to added this to top of the very first test file in the test folder .

pathiyilnaveen on Nov 3, 2020

No, you shouldn’t have to add crypto, as it is included with Node by default now.

What version of Node are you using?
Just to verify, did you add global.crypto = require('crypto') above all of the require on line 1?
Could you try updating to the latest version (3.3.7) of Amplify?

amhinson on Nov 3, 2020