Amplify-js: Social Federation Not Working

Created on 26 Apr 2020 · 6 Comments · Source: aws-amplify/amplify-js

Describe the bug
I am unable to get the signIn method of the hub listener to fire upon signin via Auth.federatedSignin().

Expected behavior
When a user signs in via Google or Facebook (i.e. Auth.federatedSignin({provider: 'facebook/google'})) they should be redirected back to my app (e.g. customdomain.com) and the signIn method of the hub listener should fire.

Screenshots
Here is a log that shows what happens when I log in Auth.federatedSignin({provider: 'google'}):

[Screenshots: Screen Shot 2020-04-25 at 8 51 24 PM, Screen Shot 2020-04-25 at 8 51 33 PM]

As you can see, there are only two instances when an auth event is being dispatched, and it is only during initialization (on event parsingCallbackUrl). A subsequent auth event 'signIn' should be fired, but it is not.

What is Configured?
I have oauth configured using @dabit3's wonderful tutorial on social federation with amplify. I am using Cognito User Pools for authentication which allows social federation via Amazon, Google, and Facebook. I have a custom domain set up with Route 53 and it has a hosted zone.

My exports file looks like the following:

const awsmobile = {
    "aws_project_region": "us-west-2",
    "aws_cognito_identity_pool_id": "us-west-2:xxx",
    "aws_cognito_region": "us-west-2",
    "aws_user_pools_id": "us-west-2_2MMItODxV",
    "aws_user_pools_web_client_id": "xxx",
    "oauth": {
        "domain": "xxx-master.auth.us-west-2.amazoncognito.com",
        "scope": [
            "phone",
            "email",
            "openid",
            "profile",
            "aws.cognito.signin.user.admin"
        ],
        "redirectSignIn": "https://mydomain.net/",
        "redirectSignOut": "https://mydomain.net/",
        "responseType": "code"
    },
    "federationTarget": "COGNITO_USER_POOLS",
    "aws_appsync_graphqlEndpoint": "https://xxx.appsync-api.us-west-2.amazonaws.com/graphql",
    "aws_appsync_region": "us-west-2",
    "aws_appsync_authenticationType": "AMAZON_COGNITO_USER_POOLS",
    "aws_user_files_s3_bucket": "xxx-master",
    "aws_user_files_s3_bucket_region": "us-west-2"
};

Additional context
When I was following the aforementioned tutorial it worked like a charm in my dev environment. However, now that I have changed the redirect urls (via the amplify cli and on the google/facebook oauth accounts) the feature does not work. In fact, when I sign in, the google oauth redirects to mydomain.com/#, as opposed to the expected redirect: mydomain.com/. Facebook also redirects in a strange way by forwarding to mydomain.com/#_=_, as opposed to mydomain.com/. I'm not sure if this is significant or not. As far as I can tell, the oauth providers have been set up properly (on the facebook/google dev sites). I have pasted the oauth endpoints (e.g. xxx-master.auth.com) in the correct places and I am really frustrated that I can't get this thing to work :/

I should also mention that this feature was working before I tried setting up my custom domain.

edit: After doing some testing I found that this feature works on my dev environment which is hosted with the amplify console. With this setup my auth resources and storage (hosting) resources match up nicely (e.g. xxx-amplifydev.auth.com & xxx-amplifydev.com). However, on my master environment the resources do not match up (e.g. mydomain.com & xxx-amplifymaster.auth.com). I have a feeling that the error lies in this discrepancy. Is there anything special I have to setup when using a custom domain and social federation?

Auth Federation feature-request

All 6 comments

same error

Hi @karrettgelley / @VTSingle - sorry for the delay here. I was able to replicate this issue. I then did some digging and found this issue. It looks like when it's hosted with a custom domain via Amplify Console Amplify.configure(config); doesn't have the redirect variables, so in the proposed solution the dev manually overrides them. This solution. This works but isn't a good developer experience and this needs to be fixed. I agree the docs should reflect this as well. I've marked this as a bug and will have this prioritized.

@mauerbac Can you confirm that this is a custom domain bug and not merely a multi-env issue? I've run across #5127 before when I was trying to set up multi-env auth, but that is _not_ my problem at the moment. Surely I'm missing something trivial like a configuration step unless everyone is just using the amplify default url (i.e. xxx-amplifymaster.com) for social federation.

I am experiencing the same behavior, and had to implement the hack in this issue.

Hi @karrettgelley - The issue seems to be a multiple URL problem - not necessarily an issue with custom domains itself. Amplify initially gives you a pre-generated URL, so adding the custom domain causes you to have two URLs, which triggers this. The SDK doesn't support multiple URLs today. When I used the "hack" it essentially overrides which URL I want to use in the Config allowing redirects to work. A fix would allow for the dev to specify which URL they want to use per env. Does this make sense?

@mauerbac Makes sense. I'll see if the hack works for me. Like I said, I've used the hack before to get around multiple environments, but I haven't tried to use it for a custom domain. I never would have thought that using a custom domain would trigger the same issue. I'll report back on the update.
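
The override discussed in the comments above, sketched as an added example (not code from this thread or from the amplify-js project). It assumes the generated config carries several redirect URLs as one comma-separated string; `pickRedirect`, `resolveOAuthRedirects` and the sample hostnames are hypothetical. The redirect is chosen from the configured list by exact origin match and the function fails closed otherwise, so the value passed to Cognito never comes straight from the URL the page was loaded on.

```javascript
// Added example: resolve a multi-URL OAuth redirect setting to one entry.
// Assumption: redirectSignIn / redirectSignOut may hold several URLs in a
// single comma-separated string, of which exactly one belongs to this origin.
function pickRedirect(list, origin) {
  const matches = list
    .split(',')
    .map((s) => s.trim())
    .filter((candidate) => {
      try {
        // Exact origin comparison (scheme + host + port), not a prefix or
        // substring test, so look-alike hostnames never match.
        return new URL(candidate).origin === origin;
      } catch (e) {
        return false; // empty or malformed entry
      }
    });
  if (matches.length !== 1) {
    // Fail closed: no fallback to the first entry or to the current URL.
    throw new Error(
      `expected exactly one redirect URL for ${origin}, found ${matches.length}`
    );
  }
  return matches[0];
}

// Returns a copy of the config with single-valued redirects; input is untouched.
function resolveOAuthRedirects(config, origin) {
  return {
    ...config,
    oauth: {
      ...config.oauth,
      redirectSignIn: pickRedirect(config.oauth.redirectSignIn, origin),
      redirectSignOut: pickRedirect(config.oauth.redirectSignOut, origin),
    },
  };
}

// Constructed sample config (hostnames are placeholders, not from the issue).
const sampleConfig = {
  oauth: {
    domain: 'xxx-master.auth.us-west-2.amazoncognito.com',
    redirectSignIn: 'https://master.example.amplifyapp.com/,https://mydomain.net/',
    redirectSignOut: 'https://master.example.amplifyapp.com/,https://mydomain.net/',
    responseType: 'code',
  },
};

// Browser usage (assumed wiring):
// Amplify.configure(resolveOAuthRedirects(awsmobile, window.location.origin));
```

The selected URL must also be registered as a callback and sign-out URL on the Cognito app client, since the hosted UI rejects redirect values that are not on that list.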
