Amplify-js: CUSTOM_AUTH error when using USER_SRP_AUTH
aws-amplify / auth with cognito user pool
I using a aws-amplify manual config (without using cli) and withAuthenticator HOC in a react web app for authentication. In my user pool app client settings, I have _Enable SRP (secure remote password) protocol based authentication (ALLOW_USER_SRP_AUTH)_ checked.
However, when I attempt to sign in providing a username but not providing a password (leave password field blank) I get an error saying CUSTOM_AUTH is not enabled for the client instead of a password is required error.
I inspected the network request and noticed that the AuthFlow is CUSTOM_AUTH in spite of my config / settings.
In my index.tsx file, I have:
import Amplify from 'aws-amplify';
Amplify.configure({
Auth: {
region: 'XX-XXXX-X',
userPoolId: 'XX-XXXX-X_XXXX',
userPoolWebClientId: 'XXX',
authenticationFlowType: 'USER_SRP_AUTH',
mandatorySignIn: true
}
});
I'm using aws-amplify version 2.2.4 and aws-amplify-react 3.1.5
rfakoya
All 6 comments
I have the same issue with the following version:
"aws-amplify": "^2.2.6",
"aws-amplify-react": "^3.1.7",
When the password is missing on the login page the error shows up.
deekay00
on 17 Mar 2020
Hello, I'm having the same issue after following this post on your docs:
https://serverlessrepo.aws.amazon.com/applications/arn:aws:serverlessrepo:us-east-1:520945424137:applications~amazon-cognito-passwordless-email-auth
I can't sign in without a password.
ObedAmpah
on 28 Apr 2020
To elaborate...
let cognitoUser: CognitoUser; // Track authentication flow state in this object
My signup:
` const signUp = async (e: NativeSyntheticEvent
if (!text) { return null; }
// console.log('e: ', e.target)
const params = {
username: text,
password: currentPassword,
attributes: {
name: text,
},
}
if (e.target) {
return await Auth.signUp(params)
// .then((data:any) => console.log('data: ', data))
.catch((err:any) => console.log('error: ', err))
// userNavigation();
}
}`
My signIn:
` const signInCog = async (e: NativeSyntheticEvent
if (!text) { return null; }
// console.log('e: ', e.target)
console.log('cognitoUser: ', cognitoUser)
if (e.target) {
console.log('e: ', text)
cognitoUser = await Auth.signIn(text);
}
}`
My returned error message from signIn (I am using the sample passwordless auth deployment listed in the link above):
"CreateAuthChallenge failed with error 2020-04-29T15:32:36.320Z 92a989ac-5f4e-45dd-9e0a-0717aa1ac8cb Task timed out after 3.00 seconds."
Event: "signIn_failure"
*Also, my cognitoUser comes back as defined (I am logging it to the console prior to the Auth.signIn request)
Any suggestions?
ObedAmpah
on 29 Apr 2020
@rfakoya, @deekay00 this is currently expected behavior. Amplify library doesn't require the config property authenticationFlowType on AuthConfig and is set on CognitoUser when provided by the client. However amplify doesn't validate it or make validations based on it.
If the password field is empty, it's expected that the client wants a passwordless signin and so it follows the custom_auth flow
which then sets the authentication flow to be of Custom_Type
This validation is expected to happen in the client with appropriate error messages to the user.
Amplifiyer
on 29 Apr 2020
I get the same error message. How are we supposed to enforce a required password error message ?
This is the default behavior of the sign-in component: password field is marked as required*
antoinebrault
on 23 Jun 2020
Work around I am using:
import Amplify, { I18n } from 'aws-amplify';
const authLabels = {
en: {
'CUSTOM_AUTH is not enabled for the client.': 'Password cannot be empty.',
},
};
I18n.setLanguage('en');
I18n.putVocabularies(authLabels);
cbishop-fv
on 29 Sep 2020
Related issues
ddemoll
路
3Comments
epicfaace
路
3Comments
simon998yang
路
3Comments
josoroma
路
3Comments
lucasmike
路
3Comments