Amplify-js: TypeError: callback.totpRequired is not a function thrown by completeNewPassword()

Created on 17 Jun 2020 · 6Comments · Source: aws-amplify/amplify-js

Describe the bug
If a user has MFA enabled and their password is reset by an admin, on login the call to completeNewPassword() will throw the error TypeError: "callback.totpRequired is not a function"

To Reproduce
Custom UI calling the Auth component from @aws-amplify/auth.

Setup Software Token MFA for a user in a Cognito User Pool
Reset the user's password and make it expired (I've done this via the CLI)
Login as that user and the response to Auth.signIn() will contain a challengeName of "NEW_PASSWORD_REQUIRED".
Make a call to Auth.completeNewPassword() with the parameters
user (as returned by the Auth.signIn() response)
new password
{} for the required attributes (none, in this case)
The Auth code will throw the error TypeError: "callback.totpRequired is not a function"

Expected behavior
The call to Auth.completeNewPassword() should return a CognitoUser object with a challengeName of "SOFTWARE_TOKEN_MFA"

Code Snippet

    const {password} = formData;
    Auth.completeNewPassword(
        this.user,
        password,
        { }
      ).then( async (response) => {
        console.log('change password response', response)
        if (response && response.challengeName) {
          this.authService.setUser(response);
          if (response.challengeName === 'SMS_MFA' || response.challengeName === 'SOFTWARE_TOKEN_MFA') {
              this.router.navigate(['../totp'], { relativeTo: this.route });
          }
        } else {
          this.router.navigate(['/']);
        }

    }).catch(err => {
      console.log('change password error: ', err);
      this.errorMessage = err.message;
      this.ref.markForCheck();

    });

What is Configured?

```

If applicable, please provide your manual configuration example:
{ Auth: { region: 'eu-west-1', userPoolId: 'eu-west-1_xxxxxx', userPoolWebClientId: '20mqad8uu2nqqqi0ef3345678', } }
- If applicable, provide more configuration data, for example for Amazon Cognito, run aws cognito-idp describe-user-pool --user-pool-id us-west-2_xxxxxx (Be sure to remove any sensitive data)

Environment

npx: installed 1 in 1.267s

  System:
    OS: macOS 10.15.4
    CPU: (8) x64 Intel(R) Core(TM) i7-4980HQ CPU @ 2.80GHz
    Memory: 21.34 MB / 16.00 GB
    Shell: 5.7.1 - /bin/zsh
  Binaries:
    Node: 12.12.0 - ~/homebrew/bin/node
    Yarn: 1.21.1 - ~/.yarn/bin/yarn
    npm: 6.14.5 - ~/homebrew/bin/npm
  Browsers:
    Chrome: 83.0.4103.97
    Edge: 83.0.478.50
    Firefox: 77.0.1
    Safari: 13.1
  npmPackages:
    @angular-builders/jest: ^9.0.0 => 9.0.1
    @angular-devkit/build-angular: ~0.901.4 => 0.901.8
    @angular/animations: ~9.1.4 => 9.1.11
    @angular/cli: ~9.1.4 => 9.1.8
    @angular/common: ~9.1.4 => 9.1.11
    @angular/compiler: ~9.1.4 => 9.1.11
    @angular/compiler-cli: ~9.1.4 => 9.1.11
    @angular/core: ~9.1.4 => 9.1.11
    @angular/forms: ~9.1.4 => 9.1.11
    @angular/language-service: ~9.1.4 => 9.1.11
    @angular/localize: ^9.1.4 => 9.1.11
    @angular/platform-browser: ~9.1.4 => 9.1.11
    @angular/platform-browser-dynamic: ~9.1.4 => 9.1.11
    @angular/router: ~9.1.4 => 9.1.11
    @aws-amplify/auth: ^3.2.6 => 3.2.13
    @aws-amplify/core: ^3.2.6 => 3.3.3
    @babel/core: ^7.9.6 => 7.10.2
    @babel/plugin-transform-regenerator: ^7.8.3 => 7.10.1
    @babel/plugin-transform-runtime: ^7.9.6 => 7.10.1
    @babel/runtime: ^7.9.6 => 7.10.2
    @clr/angular: ^3.1.1 => 3.1.3
    @clr/core: ~3.1.1 => 3.1.3
    @clr/icons: ~3.1.1 => 3.1.3
    @clr/ui: ~3.1.1 => 3.1.3
    @ngxs/devtools-plugin: ^3.6.2 => 3.6.2
    @ngxs/logger-plugin: ^3.6.2 => 3.6.2
    @ngxs/store: ^3.6.2 => 3.6.2
    @types/jasmine: ~3.5.0 => 3.5.10
    @types/jasminewd2: ~2.0.3 => 2.0.8
    @types/jest: ^25.1.3 => 25.2.3
    @types/node: ^13.13.4 => 13.13.12
    @webcomponents/custom-elements: ^1.0.0 => 1.4.1
    @webcomponents/webcomponentsjs: ^2.0.0 => 2.4.3
    angularx-qrcode: ^2.1.1 => 2.3.4
    babel-jest: ^25.5.1 => 25.5.1
    codelyzer: ^5.1.2 => 5.2.2
    jasmine-core: ~3.5.0 => 3.5.0
    jasmine-spec-reporter: ~5.0.2 => 5.0.2
    jest: ^25.5.4 => 25.5.4
    jest-canvas-mock: ^2.2.0 => 2.2.0
    jest-preset-angular: ^8.1.3 => 8.2.0
    protractor: ~5.4.4 => 5.4.4
    rxjs: ~6.5.5 => 6.5.5
    ts-node: ~8.10.1 => 8.10.2
    tslib: ^1.10.0 => 1.13.0
    tslint: ~6.1.2 => 6.1.2
    typescript: 3.8 => 3.8.3
    zone.js: ~0.10.2 => 0.10.3
  npmGlobalPackages:
    @angular/cli: 9.1.0
    @aws-amplify/cli: 4.18.0
    @aws-cdk/aws-events-targets: 1.15.0
    @aws-cdk/aws-events: 1.15.0
    @aws-sdk/xml-body-parser: 0.1.0-preview.9
    @vue/cli: 4.0.5
    asar: 2.0.3
    eslint-plugin-vue: 6.0.1
    eslint: 6.6.0
    http-server: 0.12.1
    node-gyp: 6.0.1
    nodemon: 2.0.4
    npm: 6.14.5
    yarn: 1.22.4

Smartphone (please complete the following information):

Browser: Firefox, Chrome

_You can turn on the debug mode to provide more info for us by setting window.LOG_LEVEL = 'DEBUG'; in your app._

[DEBUG] 16:51.352 AuthClass - signIn failure 
Object { code: "NotAuthorizedException", name: "NotAuthorizedException", message: "Incorrect username or password." }
ConsoleLogger.js:107
[DEBUG] 16:51.354 Hub - Dispatching to auth with  
Object { event: "signIn_failure", data: {…}, message: "xxxxxx failed to signin" }
ConsoleLogger.js:107
err 
Object { code: "NotAuthorizedException", name: "NotAuthorizedException", message: "Incorrect username or password." }
login.component.ts:89:14
[DEBUG] 16:55.984 AuthClass - signIn totpRequired ConsoleLogger.js:97

Auth bug

Source

GrahamFord

All 6 comments

Hey @GrahamFord I just wanted to follow up and see if you're still experiencing this issue with the latest version on aws-amplify. We're looking into another issue that could be related to this.