Aws-sdk-android: Throwing a NotAuthorizedException instead of LimitExceededException on getSession
Describe the bug
I'm implementing the Cognito User Pool on my project, and I'm in the step to handle the common exceptions on Cognito calls. When I tried too many times to call the changePassword() method, it raised a LimitExceededException. When I reproduced it on getSession(), it raised a NotAuthorizedException, with the same error message (Too many attempts, I think). The point is: Should getSession() method also raise a LimitExceededException, right?
To Reproduce
Call getSession() and changePassword() from CognitoUser a lot. Both will raise different exception types with the same message
Expected behavior
Both raise LimitExceededException
Environment(please complete the following information):
- SDK Version: 2.8.4
Device Information (please complete the following information):
- Device: Pixel XL and Samsung J3
- Android Version: 9.0 and 5.1
- Specific to simulators:
luanalbineli
All 8 comments
Hi @luanalbineli ,
I will raise this concern with the service team and post an update here.
minbi
on 27 Dec 2018
Hi @luanalbineli ,
I'm able to receive LimitExceededException for change password.
com.amazonaws.services.cognitoidentityprovider.model.LimitExceededException: Attempt limit exceeded, please try after some time.
And NotAuthorizedException for failed sign-in now.
com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException: Incorrect username or password.
Do you see the same behavior now?
If not can you provide the request id, and the timestamp of the request?
com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException: Incorrect username or password. (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: NotAuthorizedException; Request ID: d7453663-19f5-11e9-b516-3fdea6374573)
^^^^^^^
Hi @minbi ,
Here is the raised exception:
2019-01-21 10:29:58.485 - com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException: Password attempts exceeded (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: NotAuthorizedException; Request ID: 4150401e-1d78-11e9-a15b-3d35ecadad5f)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.invoke(AmazonCognitoIdentityProviderClient.java:5203)
at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.initiateAuth(AmazonCognitoIdentityProviderClient.java:3581)
at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.startWithUserPasswordAuth(CognitoUser.java:2578)
at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.initiateUserAuthentication(CognitoUser.java:778)
at com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.AuthenticationContinuation.continueTask(AuthenticationContinuation.java:115)
...
luanalbineli
on 21 Jan 2019
Thanks, following up with service team
minbi
on 22 Jan 2019
Hi @luanalbineli ,
The service team is asking for the region that you are using. Can you provide that detail?
minbi
on 28 Jan 2019
Hi @minbi ,
Since the Cognito service is not available for Brazil, we are currently using US_EAST_1("us-east-1")
Regards,
Luan.
luanalbineli
on 28 Jan 2019
Hi @luanalbineli ,
The service team has provided that this is consistent behavior since the authentication flow will throw this if there are too many password unsuccessful attempts. During your testing, are you trying incorrect passwords before hitting this exception?
minbi
on 5 Feb 2019
This issue has been automatically closed because of inactivity. Please open a new issue if are still encountering problems.
![stale[bot] picture](https://avatars3.githubusercontent.com/in/1724?v=4&s=40)
stale[bot]
on 15 Feb 2019
Related issues
chorniyn
路
3Comments
yairkukielka
路
3Comments
HayTran94
路
4Comments
mbk820
路
4Comments
amadeu01
路
3Comments