Amplify-js: ResourceNotFoundException after deleting anonymous identity from Cognito.

Created on 11 Dec 2018 · 12Comments · Source: aws-amplify/amplify-js

My Expo/React Native app supports both signed-in and anonymous users. I have this code to get the user's IdentityId:

    const userCredentials = await Auth.currentUserCredentials();
    const id = userCredentials.data.IdentityId;
    let name = "anonymous";

    if (userCredentials.authenticated) {
      const userInfo = await Auth.currentUserInfo();
      name = userInfo.attributes.email;
    }

This works fine and I've been using it to test my Expo app (expo v31.0.4) on the iOS Simulator. So here are the steps that caused the problem:

Open a browser and login to AWS.
Go to Cognito/Manage Identity Pools.
Select your identity pool.
Click the "Identity browser" menu item on the left.
Select the anonymous user with the same ID created by the iOS Simulator.
Click the "Delete identity" button on that page.

So I deleted the identity, but in theory this shouldn't be an issue. It's just the anonymous identity -- my expectation is that Amplify will just recreate it if it doesn't exist. But it doesn't. Instead the above code throws an exception when I call Auth.currentUserCredentials():

ResourceNotFoundException: Identity 'us-west-2:b3149f7c-57a8-480b-a97d-95e6582ca370' not found.

Here are some [DEBUG] lines:

[DEBUG] 29:20.721 AuthClass - Getting current user credentials
[DEBUG] 29:20.722 AuthClass - failed to get or parse item aws-amplify-federatedInfo SyntaxError: Unexpected token u in JSON at position 0
    at JSON.parse (<anonymous>)
    at AuthClass.currentUserCredentials (blob:http://127.0.0.1:19001/ff59e96d-d7ba-48a6-8508-2a1cc23b2bbd:183830:30)
    at App.componentWillMount$ (blob:http://127.0.0.1:19001/ff59e96d-d7ba-48a6-8508-2a1cc23b2bbd:144677:68)
    at tryCatch (blob:http://127.0.0.1:19001/ff59e96d-d7ba-48a6-8508-2a1cc23b2bbd:21886:19)
    at Generator.invoke [as _invoke] (blob:http://127.0.0.1:19001/ff59e96d-d7ba-48a6-8508-2a1cc23b2bbd:22061:24)
    at Generator.prototype.(anonymous function) [as next] (blob:http://127.0.0.1:19001/ff59e96d-d7ba-48a6-8508-2a1cc23b2bbd:21929:23)
    at tryCatch (blob:http://127.0.0.1:19001/ff59e96d-d7ba-48a6-8508-2a1cc23b2bbd:21886:19)
    at invoke (blob:http://127.0.0.1:19001/ff59e96d-d7ba-48a6-8508-2a1cc23b2bbd:21962:22)
    at blob:http://127.0.0.1:19001/ff59e96d-d7ba-48a6-8508-2a1cc23b2bbd:21992:13
    at tryCallTwo (blob:http://127.0.0.1:19001/ff59e96d-d7ba-48a6-8508-2a1cc23b2bbd:4209:7)
[DEBUG] 29:20.727 AuthClass - Getting current session
[DEBUG] 29:22.443 AuthClass - Failed to get user from user pool
[DEBUG] 29:22.446 AuthClass - Failed to get the current user No current user
[DEBUG] 29:22.449 AuthClass - getting session failed No current user
[DEBUG] 29:22.451 Credentials - setting credentials for guest
[DEBUG] 29:22.802 Credentials - Failed to load credentials 
[DEBUG] 29:22.819 Credentials - Failed to load credentials CognitoIdentityCredentials {expired: true, expireTime: null, accessKeyId: undefined, sessionToken: undefined, params: {…}, …}
[DEBUG] 21:22.195 AWSPinpointProvider - ensure credentials error Error: Identity 'us-west-2:b3149f7c-57a8-480b-a97d-95e6582ca370' not found.
    at Request.extractError (aws-sdk-core-react-native.js:1854)
    at Request.callListeners (aws-sdk-core-react-native.js:3610)
    at Request.emit (aws-sdk-core-react-native.js:3582)
    at Request.emit (aws-sdk-core-react-native.js:7723)
    at Request.transition (aws-sdk-core-react-native.js:7062)
    at AcceptorStateMachine.runTo (aws-sdk-core-react-native.js:7867)
    at aws-sdk-core-react-native.js:7879
    at Request.<anonymous> (aws-sdk-core-react-native.js:7078)
    at Request.<anonymous> (aws-sdk-core-react-native.js:7725)
    at Request.callListeners (aws-sdk-core-react-native.js:3620)
[DEBUG] 29:22.826 AWSPinpointProvider - cannot send events without credentials, applicationId or region

What's the solution to this problem?

Thanks,
Alvaro

Auth bug

Source

alvaro1728

Most helpful comment

@alvaro1728 - Thanks for digging into this. I'm marking this as a bug and we are investigating further.

haverchuck on 12 Dec 2018

👍2

All 12 comments

@alvaro1728 - Did you manually update the aws-export file or custom Auth config object (whichever you're using)? I''m just wondering what the malformed JSON error might be pointing at.

haverchuck on 11 Dec 2018

@haverchuck - Yes, I've been using my own export file but it was working fine until I deleted that identity from Cognito. (BTW, my own file is an exact copy of the one generated by Amplify with just a few of the IDs changed to point to resources I created manually. Specifically, it points to my own aws_cognito_identity_pool_id, aws_user_pools_id, and aws_user_pools_web_client_id. Those are the only differences.)

Have you been able to duplicate this problem?

Thanks,
Alvaro

alvaro1728 on 11 Dec 2018

@alvaro1728 - I wonder if you still have credentials related to the deleted identity cached in your app?

haverchuck on 11 Dec 2018

@haverchuck Yeah, that's what it looks like. So how do I clear it from the cache programmatically? (Cache.getAllKeys() returns an empty array, BTW.)

alvaro1728 on 11 Dec 2018

@alvaro1728 An easy quick-and-dirty way to do this might be Auth.signOut? I'm assuming this is just one test user.

haverchuck on 11 Dec 2018

@haverchuck Yep, fortunately it's just a test user. But now I'm stuck. I tried putting an await Auth.signOut(); before my code and it didn't make a difference. I've also tried await Auth._storage.clear(); and it doesn't fix it. (I appreciate your help with this, BTW.)

alvaro1728 on 11 Dec 2018

@haverchuck FYI, I drilled down into the Amplify code and found the root of the problem. It tries to login with the identityId previously stored on the device storage (AsyncStorage). I tried clearing that via Auth._storage but it doesn't work so I ended up removing it from AsyncStorage directly and then restarting the whole app!

      const key = "@MemoryStorage:CognitoIdentityId-" + Auth._config.identityPoolId;
      await AsyncStorage.removeItem(key);
      Updates.reload();

It's dirty but it works. One thing I did notice is that when it goes to recreate the anonymous user in Cognito, it actually creates two of them -- one is left abandoned. I guess it's not a big deal but it seems like a bug in the Amplify code which I don't intend to research. I've wasted enough time on this problem, which should have been handled automatically by Amplify.

Cheers,
Alvaro

alvaro1728 on 12 Dec 2018

@alvaro1728 - Thanks for digging into this. I'm marking this as a bug and we are investigating further.

haverchuck on 12 Dec 2018

👍2

Well @alvaro1728 - I've replicated the issue on my side. Seeing the same behavior you described.

haverchuck on 12 Dec 2018

👍1

@alvaro1728 - We are working on a solution. Please stay tuned.

haverchuck on 13 Dec 2018

@alvaro1728 We merged a fix for this. It should be available on our unstable tag ('npm i aws-amplify@unstable') shortly.

haverchuck on 28 Dec 2018

Hi, which version need to use for fix. I am facing the same issue.
"aws-amplify": "3.0.17-unstable.2",
"aws-amplify-react": "^4.1.15",

need to get a new credential or refresh the existing one
ConsoleLogger.ts:91
[DEBUG] 02:46.218 AuthClass - Getting current user credentials
ConsoleLogger.ts:99
[DEBUG] 02:46.221 AuthClass - failed to get or parse item aws-amplify-federatedInfo SyntaxError: Unexpected token u in JSON at position 0
at JSON.parse ()
at e. (Auth.ts:1350)

checked the cookie, all token are available. Interesting that, If I refresh the entire page, I can see the logged in user name, but when click on button of the page, it is not able to find the name.