Amplify-js: Server error when trying to login with Facebook federatedSignIn

Created on 19 Jun 2019 · 13Comments · Source: aws-amplify/amplify-js

Description

I had successfully setup Facebook and Google sign in using federatedSignIn method in the Auth module. However, recently the flow breaks returning a server error.

My Config

aws_config: {
    Auth: {
      identityPoolId: 'ap-southeast-1:my id',
      region: 'ap-southeast-1',
      userPoolId: 'ap-southeast-my id',
      userPoolWebClientId: 'my client id',
      mandatorySignIn: false,
    },
  },
  oauth: {
    domain: 'my domain.auth.ap-southeast-1.amazoncognito.com',
    scope: ['phone', 'email', 'profile', 'openid', 'aws.cognito.signin.user.admin'],
    redirectSignIn: 'http://localhost:4200/',
    redirectSignOut: 'http://localhost:4200/',
    responseType: 'code'
  }

Steps to reproduce the behavior:

In my authenticator service (As I am using angular) the method is as follows

  loginFacebook() {
    Auth.federatedSignIn({customProvider: 'Facebook'}).then(() => {

    }).catch(e => {
      console.log(e);
    });
  }

Expected behaviour

The redirect after user authorization should come with access code followed by login success event in the following handler.

Hub.listen('auth', (data) => {
        switch (data.payload.event) {
          case 'signIn':
            console.log('Login success');
            Auth.currentAuthenticatedUser().then((u) => {
              this.processUser(u);
              resolve(true);
            }).catch((e) => {
            });
            break;
          case 'signOut':
            console.log('Logout success');
            this.isLoggedIn = false;
            this.user = null;
            this.autoLogin = false;
            resolve(false);
            break;
        }
      });

Current behaviour

The user gets redirected to
https://www.vinyl.lk/?error_description=Exception%20processing%20authorization%20code&state=GiFNGdcwLTaut52DH6qsZWuSoMaQWPVH&error=server_error#_=_

Apparently, the code is retrieved. However, it is not processed by cognito for some reason. Google login works perfect and Facebook login tend to fail like this. (In rare cases the login happens as expected.)

The network calls relevant to the use case

Versions of SDK used

... "amazon-cognito-identity-js": "^3.0.12", "aws-amplify": "^1.1.29-unstable.0", "aws-sdk": "^2.466.0", ...
Note: I tried with stable version "1.1.29" still not luck (which used to work perfectly on either of version before sometime.

Auth Cognito Federation Service Team pending-close-response-required

Source

anuradhawick

👍7 😕1

Most helpful comment

Same issue... tbh, I'm glad it's not just me! Looking forward to a solution. I suspect it's a timing issue, when I set a breakpoint in the oauth response handler and pause before continuing then it seems to work more reliably (have not heavily tested this).

cliffordh on 20 Jun 2019

👍2

All 13 comments

Same observation on react native project.
Facebook login worked well last week. But now it fails sometimes with Error: Exception+processing+authorization+code while Google login works 100%
@powerful23 any idea about this?

malithjkmt on 19 Jun 2019

👍1

I am having the same issue

Damith2323 on 19 Jun 2019

👍1

cliffordh on 20 Jun 2019

👍2

I get this error when using a custom urlOpener on expo with facebook login, but I don't get the error with the default config that has app switching. Same as above, google login has no errors.

This is my urlOpener code:
```const urlOpener = async (url, redirectUrl) => {
// On Expo, use WebBrowser.openAuthSessionAsync to open the Hosted UI pages.
const { type, url: newUrl } = await WebBrowser.openAuthSessionAsync(
url,
redirectUrl
);

if (type === "success") {
await WebBrowser.dismissBrowser();

if (Platform.OS === "ios") {
  console.log(newUrl);
  return Linking.openURL(newUrl);
}

}
};```

iamdavidmartin on 20 Jun 2019

any update? We're close to launching our site and this core functionality is broken.

cliffordh on 26 Jun 2019

@cliffordh I think it's a server side error, will bring it to the service team. In the meantime, can you try using token as the responseType and enable Implicit grant in Allowed OAuth Flows in the app client setting? It's not going to fix the issue but if you can login with that flow, it could be a temporary work around for you.

powerful23 on 26 Jun 2019

This might be the same issue as https://forums.aws.amazon.com/thread.jspa?messageID=904500

I am getting it each time when using OpenID Connect Identity Provider defined in my Amplify User Pool.

@powerful23 I am not sure if I can change the responseType to token as the endpoints are called by Cognito with code response type even when I set it to token for Cognito OAuth configuration. Please let me know if there is a way to do it differently.

mmieszek on 18 Jul 2019

Getting the same error with Hosted UI. I am using Google and Facebook federated login with the userpool. Surprisingly previous users are getting the access tokens when they login-in with google/facebook but the new ones who are just signing up are getting the error. Please look into it asap.

gdsoumya on 21 Jul 2019

I had the same error but it turns out I had tried to map attributes that Google wasn't returning.

I found this helpful https://stackoverflow.com/a/56979795/10929504

deak-s on 25 Jul 2019

👍1

Same error here with hosted UI, error_description=Exception+processing+authorization+code&error=server_error

MatteoGioioso on 9 Aug 2019

Weirdly, I am getting this error only if I have a trailing / in the path. If I remove it from the url in the aws-exports.js and from the redirect_url parameter, the error does not occur.

Unfortunately in the amplify-cli the "/" is mandatory.

d0utone on 14 Aug 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.