amplify-js: `PASSWORD_VERIFIER` challenge fails if `Auth` uses the default authentication flow: `USER_SRP_AUTH`
Before opening, please confirm:
- I have searched for duplicate or closed issues and discussions.
- I have read the guide for submitting bug reports.
- I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
JavaScript Framework
Solid JS
Amplify APIs
Authentication
Amplify Categories
auth
Environment information
# Put output below this line
System:
OS: macOS 13.2.1
CPU: (8) arm64 Apple M1
Memory: 1.16 GB / 16.00 GB
Shell: 5.8.1 - /bin/zsh
Binaries:
Node: 19.7.0 - /opt/homebrew/bin/node
npm: 9.5.0 - /opt/homebrew/bin/npm
Browsers:
Chrome: 110.0.5481.77
Firefox: 110.0
Safari: 16.3
npmPackages:
@aws-amplify/auth: ^5.1.10 => 5.1.10
@aws-amplify/core: ^5.0.16 => 5.0.16
@babel/core: ^7.20.2 => 7.21.0 (7.12.9)
@halo-lab/future: ^0.0.5 => 0.0.5
@okikio/sharedworker: ^1.0.4 => 1.0.4
@solid-primitives/intersection-observer: ^2.0.3 => 2.0.6
@solid-primitives/resize-observer: ^2.0.7 => 2.0.9
@solid-primitives/scroll: ^2.0.6 => 2.0.8
@solidjs/meta: ^0.28.2 => 0.28.2
@solidjs/router: ^0.6.0 => 0.6.0
@storybook/addon-actions: ^6.5.16 => 6.5.16
@storybook/addon-essentials: ^6.5.16 => 6.5.16
@storybook/addon-interactions: ^6.5.16 => 6.5.16
@storybook/addon-links: ^6.5.16 => 6.5.16
@storybook/builder-vite: ^0.4.2 => 0.4.2
@storybook/html: ^6.5.16 => 6.5.16
@storybook/testing-library: ^0.0.13 => 0.0.13
@types/sharedworker: ^0.0.91 => 0.0.91
amazon-cognito-identity-js: ^6.1.2 => 6.1.2
autoprefixer: ^10.4.13 => 10.4.13 (9.8.8)
babel-loader: ^8.3.0 => 8.3.0
bowser: ^2.11.0 => 2.11.0
jwt-decode: ^3.1.2 => 3.1.2
postcss: ^8.4.19 => 8.4.21 (7.0.39)
prettier: ^2.7.1 => 2.8.4 (2.3.0)
rxjs: ^7.8.0 => 7.8.0
rxjs/ajax: undefined ()
rxjs/fetch: undefined ()
rxjs/operators: undefined ()
rxjs/testing: undefined ()
rxjs/webSocket: undefined ()
solid-js: ^1.6.11 => 1.6.11
solid-js/h: undefined ()
solid-js/h/jsx-dev-runtime: undefined ()
solid-js/h/jsx-runtime: undefined ()
solid-js/html: undefined ()
solid-js/store: undefined ()
solid-js/universal: undefined ()
solid-js/web: undefined ()
tailwind-scrollbar: ^2.1.0 => 2.1.0
tailwindcss: ^3.2.4 => 3.2.7
ts-brand: ^0.0.2 => 0.0.2
tslib: ^2.4.1 => 2.5.0 (1.14.1)
typescript: ^4.9.3 => 4.9.5
vite: ^4.0.0 => 4.1.4
vite-plugin-solid: ^2.5.0 => 2.5.0
vite-plugin-solid-svg: ^0.6.0 => 0.6.0
zustand: ^4.3.2 => 4.3.4
npmGlobalPackages:
npm: 9.5.0
Describe the bug
By using the Auth.signIn method the first request InitiateAuth succeeds and the next PASSWORD_VERIFIER fails with NotAuthorizedException. When I provide config for the Auth module:
Auth.configure({
authenticationFlowType: 'USER_PASSWORD_AUTH',
});
the Auth.signIn succeeds and the signIn event is fired.
Federated login (Google, Facebook) works as expected.
Expected behavior
I expect the USER_SRP_AUTH flow to work correctly without triggering error.
Reproduction steps
I don’t have special reproduction steps. You can bootstrap a simple application and try to login with email and password.
Code Snippet
// Put your code below this line.
Log output
// Put your logs below this line
[Log] [DEBUG] 28:28.459 Amplify - amplify config (chunk-Y37TKAW5.js, line 4532)
{
Auth: {
oauth: {
domain: "e*********.amazoncognito.com"
redirectSignIn: "https://localhost:3000/account/external"
redirectSignOut: "https://localhost:3000/my"
responseType: "code"
},
region: "u********"
userPoolId: "u**********"
userPoolWebClientId: "1************l"
}
}
[Log] [DEBUG] 28:28.460 I18n - configure I18n (chunk-Y37TKAW5.js, line 4522)
[Log] [DEBUG] 28:28.460 I18n - create I18n instance (chunk-Y37TKAW5.js, line 4522)
[Log] [DEBUG] 28:28.461 AuthClass - configure Auth (chunk-Y37TKAW5.js, line 4522)
[Log] [DEBUG] 28:28.461 Parser - parse config – [Object, "to amplifyconfig", Object] (3) (chunk-Y37TKAW5.js, line 4532)
[Object, "to amplifyconfig", Object]Array (3)
[Log] [DEBUG] 28:28.462 Hub - Dispatching to auth with – {event: "parsingCallbackUrl", data: {url: "https://localhost:3000/my"}, message: "The callback url is being parsed"} (chunk-Y37TKAW5.js, line 4532)
[Log] [DEBUG] 28:28.463 Hub - Dispatching to auth with – {event: "parsingCallbackUrl", data: {url: "https://localhost:3000/my"}, message: "The callback url is being parsed"} (chunk-Y37TKAW5.js, line 4532)
[Log] [DEBUG] 28:28.465 Hub - Dispatching to auth with – {event: "configured", data: null, message: "The Auth category has been configured successfully"} (chunk-Y37TKAW5.js, line 4532)
[Log] [DEBUG] 28:28.465 Hub - Dispatching to auth with – {event: "configured", data: null, message: "The Auth category has been configured successfully"} (chunk-Y37TKAW5.js, line 4532)
[Log] [DEBUG] 28:28.466 AuthClass - configure Auth (chunk-Y37TKAW5.js, line 4522)
[Log] [DEBUG] 28:28.466 Parser - parse config – [{}, "to amplifyconfig", Object] (3) (chunk-Y37TKAW5.js, line 4532)
[{}, "to amplifyconfig", Object]Array (3)
[Log] [DEBUG] 28:28.466 Hub - Dispatching to auth with – {event: "parsingCallbackUrl", data: {url: "https://localhost:3000/my"}, message: "The callback url is being parsed"} (chunk-Y37TKAW5.js, line 4532)
[Log] [DEBUG] 28:28.467 Hub - Dispatching to auth with – {event: "parsingCallbackUrl", data: {url: "https://localhost:3000/my"}, message: "The callback url is being parsed"} (chunk-Y37TKAW5.js, line 4532)
[Log] [DEBUG] 28:28.467 Hub - Dispatching to auth with – {event: "configured", data: null, message: "The Auth category has been configured successfully"} (chunk-Y37TKAW5.js, line 4532)
[Log] [DEBUG] 28:28.467 Hub - Dispatching to auth with – {event: "configured", data: null, message: "The Auth category has been configured successfully"} (chunk-Y37TKAW5.js, line 4532)
[Error] Failed to load resource: the server responded with a status of 400 () (cognito-idp.u********.amazonaws.com, line 0)
[Log] [DEBUG] 28:52.810 AuthClass - signIn failure – NotAuthorizedException: Incorrect username or password. (chunk-Y37TKAW5.js, line 4532)
NotAuthorizedException: Incorrect username or password.
[Log] [DEBUG] 28:52.811 Hub - Dispatching to auth with – {event: "signIn_failure", data: NotAuthorizedException: Incorrect username or password., message: "4c9508e7-c5ca-497f-9898-122a6befab8f failed to signin"} (chunk-Y37TKAW5.js, line 4532)
{event: "signIn_failure", data: NotAuthorizedException: Incorrect username or password., message: "4c9508e7-c5ca-497f-9898-122a6befab8f failed to signin"}
[Log] [DEBUG] 28:52.812 Hub - Dispatching to auth with – {event: "signIn_failure", data: NotAuthorizedException: Incorrect username or password., message: "4c9508e7-c5ca-497f-9898-122a6befab8f failed to signin"} (chunk-Y37TKAW5.js, line 4532)
{event: "signIn_failure", data: NotAuthorizedException: Incorrect username or password., message: "4c9508e7-c5ca-497f-9898-122a6befab8f failed to signin"}
aws-exports.js
No response
Manual configuration
Amplify.configure({
Auth: {
region:"u********",
userPoolId: "u********",
userPoolWebClientId: "1************l",
oauth: {
domain: "e*********.amazoncognito.com",
responseType: 'code',
redirectSignIn: `${location.origin}/account/external`,
redirectSignOut: `${location.origin}/my`,
},
},
});
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
About this issue
- Original URL
- State: closed
- Created a year ago
- Comments: 28 (13 by maintainers)
The problem was with incorrect environment variable which contained incorrect user pool ID. This is very stupid mistake from my side. Everything works correctly now. @nadetastic thanks for your investigations and trying to help 😊 I may not like amplify that much but I can say that I love the team behind it, because every tool has bugs but not every team strives to help users with their problems 👍
Received - will work to reproduce and follow here with my findings
Hello. @nadetastic @ak-en I have sent you an invitation to the repo.
@nadetastic Thanks. Got it, will do.