Aws-sdk-android: For Google Federated Signin: AWSMobileClient.getInstance().initialize returns userState SIGNED_IN but AWSMobileClient.getInstance().getIdentityId() is null
Describe the bug
For Google sign-in, AWSMobileClient.getInstance().initialize returns SIGNED_IN but AWSMobileClient.getInstance().getIdentityId() == null
This is related to a larger issue I am trying to resolve. Facebook federated sign-in via AWSMobileClient.getInstance().showSignIn works perfectly. But, Google does not.
With Google, if a user signs out then attempts to sign in again, the sign-in will fail. AWSMobileClient may not refresh the token. After a token expires, it is not refreshed. AWSMobileClient should be refreshing the token automatically? Details below.
To Reproduce
Sign-in by selecting the "Sign in with Google" button on the AWSMobileClient.getInstance().showSignIn view. The first time, this will work. Then, call AWSMobileClient.getInstance().signOut() followed by AWSMobileClient.getInstance().showSignIn. The second time, the sign-in claims to succeed but the identityId is returned as null.
What is the proper way or location to get the identityId by calling AWSMobileClient.getInstance().getIdentityId() ?
I suspect this may be a bug related to not refreshing the token properly for Google federated sign-in. Calling sign-out in the app has a similar effect as waiting for the token to expire. Both cases result in a call to AWSMobileClient.getInstance().getIdentityId() returning null. However, Facebook federated sign-in does not have this problem.
A code sample or steps:
AWSMobileClient.getInstance().initialize(getApplicationContext(), new Callback<UserStateDetails>() {
@Override
public void onResult(UserStateDetails userStateDetails) {
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : userState: " + userStateDetails.getUserState());
registerUserStateListener();
switch (userStateDetails.getUserState()) {
case SIGNED_IN:
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: logged in!");
if (AWSMobileClient.getInstance().getIdentityId() == null) {
// THIS IS A BUG OR ?
Log.e(TAG, "initializeAWSMobileClient(): AWSMobileClient.getInstance().getIdentityId() == null.");
AWSMobileClient.getInstance().signOut();
initializeAWSMobileClient();
} else {
initializeAndLoadData();
}
break;
case SIGNED_OUT:
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: signed out!");
showSignIn();
break;
default:
Log.e(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: case default!");
showSignIn();
break;
}
}
@Override
public void onError(Exception e) {
Log.e(TAG, "AWSMobileClient.getInstance().initialize() : Initialization error.", e);
AWSMobileClient.getInstance().signOut();
}
}
);
}
and the showSignIn() is contained in this method:
private void showSignIn() {
Log.d(TAG, "showSignIn()");
AWSMobileClient.getInstance().showSignIn(
MainActivity.this,
SignInUIOptions.builder()
.nextActivity(MainActivity.class)
.logo(R.drawable.ic_modlist_aws_signin_icon)
.backgroundColor(Color.parseColor("#7FA7BC"))
.canCancel(false)
.build(),
new Callback<UserStateDetails>() {
@Override
public void onResult(UserStateDetails result) {
Log.d(TAG, "showSignIn() onResult() result: userState: " + result.getUserState());
switch (result.getUserState()){
case SIGNED_IN:
Log.d(TAG, "showSignIn() callback: SIGNED_IN logged in!");
initializeAndLoadData();
break;
case SIGNED_OUT:
Log.d(TAG, "showSignIn() callback onResult: SIGNED_OUT ");
initializeAWSMobileClient();
break;
case SIGNED_OUT_FEDERATED_TOKENS_INVALID:
Log.d(TAG, "showSignIn() callback onResult: SIGNED_OUT_FEDERATED_TOKENS_INVALID");
initializeAWSMobileClient();
break;
case SIGNED_OUT_USER_POOLS_TOKENS_INVALID:
Log.d(TAG, "showSignIn() callback onResult: SIGNED_OUT_USER_POOLS_TOKENS_INVALID");
initializeAWSMobileClient();
break;
case GUEST:
Log.d(TAG, "showSignIn() callback onResult: GUEST");
initializeAWSMobileClient();
break;
case UNKNOWN:
Log.d(TAG, "showSignIn() callback onResult: UNKNOWN");
initializeAWSMobileClient();
break;
default:
Log.d(TAG, "showSignIn() callback onResult: default; Should not be possible.");
initializeAWSMobileClient();
break;
}
}
@Override
public void onError(Exception e) {
Log.e(TAG, "showSignIn().onError: ", e);
}
}
);
}
Which AWS service(s) are affected?
implementation 'com.amazonaws:aws-android-sdk-core:2.12.0'
implementation 'com.amazonaws:aws-android-sdk-auth-core:2.12.0@aar'
implementation('com.amazonaws:aws-android-sdk-mobile-client:2.12.0@aar') { transitive = true }
implementation('com.amazonaws:aws-android-sdk-auth-userpools:2.12.0@aar') { transitive = true }
implementation('com.amazonaws:aws-android-sdk-auth-ui:2.12.0@aar') { transitive = true }
implementation('com.amazonaws:aws-android-sdk-auth-facebook:2.12.0@aar') { transitive = true }
implementation('com.amazonaws:aws-android-sdk-auth-google:2.12.0@aar') { transitive = true }
implementation('com.amazonaws:aws-android-sdk-cognitoidentityprovider:2.12.0') {
transitive = true
}
Expected behavior
I would expect after a successful sign in for getIdentityId() to return the identity id.
Environment Information (please complete the following information):
- AWS Android SDK Version: 27
android {
compileSdkVersion 27 (or 28)
defaultConfig {
minSdkVersion 23
targetSdkVersion 27
multiDexEnabled = true
Device: Simulator or device
Android Version: various
- Specific to simulators: No
BillBunting
All 23 comments
Hi @BillBunting ,
Thanks for the report and details. I'll investigate and report back here.
minbi
on 14 Feb 2019
👍1
@minbi , I have very similar issues in the iPhone version of my app after upgrading from AWS-sdk-ios 2.8.2 to the current 2.9.0. A Google federated sign-in is not always able to refresh the token automatically. I'm going to upgrade the iOS version of the app to use 2.9.1 and also update the GoogleSignIn pod from 4.3.0 to 4.4.0 to see if that helps.
As far as Android is concerned, it seems the app has had issues refreshing tokens for Google federated sign in for several AWS SDK Android releases since 2.8, including the version I have in production at this time built on 2.11.0. I reverted back to prior versions without success.
I also attempted to turn on unauthenticated access by selecting "Enable access to unauthenticated identities" in the app's federated identity pool. With this enabled, anonymous, unauthenticated access was granted and a identityId was returned, but as it was an unauthenticated ID, all queries to DynamoDB, etc failed (as they should).
The documentation is unclear on how to configure the identity pool (since this app was not built with Amplify (old MobileHub generated product). Does the identity pool need to have unauthenticated access enabled? Is there any more documentation?
This problem remains specific to Google federated identities. Facebook works fine. Unfortunately, I'm blocked and my Google users are locked out of the app in some cases.
Thank you for your attention to this issue.
-Bill.
BillBunting
on 15 Feb 2019
@minbi Any update on this? I'd like to see a call to getIdentityId() with a callback when the identityId is available, similar to the iOS call. Since AWSMobileClient seems to function better for Facebook, I suspect a bug in the Goggle-related code.
BillBunting
on 20 Feb 2019
Hi @BillBunting ,
I'm looking at refreshing the code that we are using for Google and making sure that the refresh is working properly.
For the identity id being null, can you try making a getCredentials() call before retrieving the identity id? The sign-in does attempt to make this call, but in an async manner, so it may not be populating or potentially failing in the background.
I will discuss with the team whether we can add an async getIdentityId() call that does an online grab of the id if not available.
minbi
on 21 Feb 2019
@minbi Thank you for the suggestions. I will try the call to getCredentials() prior to getIdentityId() as a workaround. For consistency with the iOS version, it would be nice to have a callback on getIdentityId() rather than just returning null. Thank you for scheduling a review of the Google code.
BillBunting
on 25 Feb 2019
@minbi
I added a call to getCredentials() after AWSMobileClient.getInstance().initialize() and upon case SIGNED_IN. It works properly the first time (as it did prior) but when I call SignOut(), and call the below method again, the following exception is thrown. Using 2.12.0 still. (Upgrade to 2.12.1 caused a UI crash when attempting to use the SignIn UI for a Cognito user pool and/or providing invalid entries such as leaving the password blank upon submit.)
private void initializeAWSMobileClient() {
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : calling...: ");
AWSMobileClient.getInstance().initialize(getApplicationContext(), new Callback<UserStateDetails>() {
@Override
public void onResult(UserStateDetails userStateDetails) {
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : userState: " + userStateDetails.getUserState());
registerUserStateListener();
switch (userStateDetails.getUserState()) {
case SIGNED_IN:
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: logged in!");
if (AWSMobileClient.getInstance().getIdentityId() == null) {
Log.e(TAG, "initializeAWSMobileClient(): AWSMobileClient.getInstance().getIdentityId() == null.");
}
final AWSCredentials credentials = AWSMobileClient.getInstance().getCredentials();
Log.d(TAG, "initializeAndLoadData: Workaround to force getIdentityId to fetch the id from credentials : " + credentials.toString());
initializeAndLoadData();
break;
case SIGNED_OUT:
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: signed out!");
showSignIn();
break;
default:
Log.e(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: case default!");
showSignIn();
break;
}
}
@Override
public void onError(Exception e) {
Log.e(TAG, "AWSMobileClient.getInstance().initialize() : Initialization error.", e);
AWSMobileClient.getInstance().signOut();
}
}
);
}
2019-02-24 22:48:41.658 17901-17991/com.buntingsoftware.modlist W/AWSMobileClient: Failed to federate the tokens.
com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Unauthenticated access is not supported for this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: 3c244481-38b0-11e9-9fdd-31fe70c5692c)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1477)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:757)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.auth.AWSEnhancedCognitoIdentityProvider.refresh(AWSEnhancedCognitoIdentityProvider.java:76)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:465)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:499)
at com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(AWSMobileClient.java:637)
at com.amazonaws.mobile.client.AWSMobileClient.waitForSignIn(AWSMobileClient.java:570)
at com.amazonaws.mobile.client.AWSMobileClient.getCredentials(AWSMobileClient.java:256)
at com.buntingsoftware.modlist.MainActivity$2.onResult(MainActivity.java:247)
at com.buntingsoftware.modlist.MainActivity$2.onResult(MainActivity.java:232)
at com.amazonaws.mobile.client.internal.InternalCallback.call(InternalCallback.java:75)
at com.amazonaws.mobile.client.internal.InternalCallback.onResult(InternalCallback.java:62)
at com.amazonaws.mobile.client.AWSMobileClient$2.run(AWSMobileClient.java:353)
at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
at java.lang.Thread.run(Thread.java:761)
@BillBunting , I'll need to dive into this exception, the signOut() should be clearing all tokens and therefore state from the client. Is signOut() being called from a different thread?
minbi
on 25 Feb 2019
👍1
@minbi , signOut() is called on the UI thread as follows, but for extra measure, I wrapped it runOnUIThread. Either way, I still get the same exception from Google federated sign-in if I sign-in then sign out, then sign in again. Facebook and the app's Cognito user pool do not have this issue. I can repeatedly sign in and out with both Facebook and the app's Cognito user pool.
private void appSignOut() {
runOnUiThread(new Runnable() {
@Override
public void run() {
AWSMobileClient.getInstance().signOut();
initializeAWSMobileClient();
}});
}
2019-02-25 14:45:42.392 11638-11638/com.buntingsoftware.modlist E/CognitoUserPoolsSignInProvider: valueOf: 16723
java.lang.RuntimeException:
at com.amazonaws.mobile.auth.userpools.CognitoUserPoolsSignInProvider$RequestCodes.valueOf(CognitoUserPoolsSignInProvider.java:133)
at com.amazonaws.mobile.auth.userpools.CognitoUserPoolsSignInProvider.isRequestCodeOurs(CognitoUserPoolsSignInProvider.java:395)
at com.amazonaws.mobile.auth.core.signin.SignInManager.handleActivityResult(SignInManager.java:291)
at com.amazonaws.mobile.auth.ui.SignInActivity.onActivityResult(SignInActivity.java:134)
at android.app.Activity.dispatchActivityResult(Activity.java:7247)
at android.app.ActivityThread.deliverResults(ActivityThread.java:4550)
at android.app.ActivityThread.handleSendResult(ActivityThread.java:4597)
at android.app.ActivityThread.-wrap22(ActivityThread.java)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1713)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:154)
at android.app.ActivityThread.main(ActivityThread.java:6732)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1520)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1410)
2019-02-25 14:45:42.392 11638-11638/com.buntingsoftware.modlist E/CognitoUserPoolsSignInProvider: valueOf: compare 10650
2019-02-25 14:45:42.392 11638-11638/com.buntingsoftware.modlist E/CognitoUserPoolsSignInProvider: valueOf: compare 10651
2019-02-25 14:45:42.392 11638-11638/com.buntingsoftware.modlist E/CognitoUserPoolsSignInProvider: valueOf: compare 10652
2019-02-25 14:45:42.392 11638-11638/com.buntingsoftware.modlist E/CognitoUserPoolsSignInProvider: valueOf: compare 10653
2019-02-25 14:45:42.392 11638-11638/com.buntingsoftware.modlist E/CognitoUserPoolsSignInProvider: valueOf: compare 10654
2019-02-25 14:45:42.392 11638-11638/com.buntingsoftware.modlist I/GoogleSignInProvider: Successful GoogleSignInResult, status=Status{statusCode=SUCCESS, resolution=null}
2019-02-25 14:45:42.393 11638-11932/com.buntingsoftware.modlist D/GoogleSignInProvider: Google provider getting token...
2019-02-25 14:45:42.393 11638-11932/com.buntingsoftware.modlist D/GoogleSignInProvider: Getting Google Client Id from AWSConfiguration...
2019-02-25 14:45:42.471 11638-11638/com.buntingsoftware.modlist D/MainActivity: onCreate()
2019-02-25 14:45:42.471 11638-11934/com.buntingsoftware.modlist E/CognitoCachingCredentialsProvider: Failure to get credentials
com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Unauthenticated access is not supported for this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: ed11d7be-3935-11e9-a4c1-c91965261c92)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1477)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:757)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.auth.AWSEnhancedCognitoIdentityProvider.refresh(AWSEnhancedCognitoIdentityProvider.java:76)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:465)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:485)
at com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(AWSMobileClient.java:637)
at com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(AWSMobileClient.java:376)
at com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(AWSMobileClient.java:373)
at com.amazonaws.mobile.client.internal.InternalCallback.call(InternalCallback.java:75)
at com.amazonaws.mobile.client.internal.InternalCallback.onResult(InternalCallback.java:62)
at com.amazonaws.mobile.client.AWSMobileClient$5.run(AWSMobileClient.java:916)
at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
at java.lang.Thread.run(Thread.java:761)
2019-02-25 14:45:42.471 11638-11934/com.buntingsoftware.modlist D/CognitoCachingCredentialsProvider: Identity id is changed
2019-02-25 14:45:42.471 11638-11934/com.buntingsoftware.modlist D/CognitoCachingCredentialsProvider: Saving identity id to SharedPreferences
2019-02-25 14:45:42.471 11638-11934/com.buntingsoftware.modlist D/CognitoCachingCredentialsProvider: Clearing credentials from SharedPreferences
2019-02-25 14:45:42.498 11638-11638/com.buntingsoftware.modlist D/MainActivity: initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : calling...:
2019-02-25 14:45:42.501 11638-11934/com.buntingsoftware.modlist W/AWSMobileClient: Failed to federate the tokens.
com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Unauthenticated access is not supported for this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: ed1643a6-3935-11e9-a9a7-df401a7cc1ef)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1477)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:757)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.auth.AWSEnhancedCognitoIdentityProvider.refresh(AWSEnhancedCognitoIdentityProvider.java:76)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:465)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:499)
at com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(AWSMobileClient.java:637)
at com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(AWSMobileClient.java:376)
at com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(AWSMobileClient.java:373)
at com.amazonaws.mobile.client.internal.InternalCallback.call(InternalCallback.java:75)
at com.amazonaws.mobile.client.internal.InternalCallback.onResult(InternalCallback.java:62)
at com.amazonaws.mobile.client.AWSMobileClient$5.run(AWSMobileClient.java:916)
at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
at java.lang.Thread.run(Thread.java:761)
2019-02-25 14:45:42.502 11638-11910/com.buntingsoftware.modlist D/AWSMobileClient: run: showSignIn completed
2019-02-25 14:45:42.502 11638-11937/com.buntingsoftware.modlist D/MainActivity: onUserStateChanged() userState() SIGNED_OUT_FEDERATED_TOKENS_INVALID
2019-02-25 14:45:42.502 11638-11937/com.buntingsoftware.modlist I/onUserStateChanged: SIGNED_OUT_FEDERATED_TOKENS_INVALID: need to login again.
@minbi ,
I'm confident there are bug in this release and possibly the prior release related specifically to Google federated sign-in.
You asked:
Is
signOut()being called from a different thread?
I have tried a lot of different things to work around the problem, but my current code is making all calls to SignOut and SignIn using runOnUIThread()
runOnUiThread(new Runnable() {
@Override
public void run() {
AWSMobileClient.getInstance().signOut();
initializeAWSMobileClient();
}});
the initializeAWSMobileClient() method is listed in a prior comment.
Unfortunately, I'm blocked by problems with AWSMobileClient.getInstance().showSignIn and issues with Google federated sign-in via showSignIn.
Is there a sample application to demonstrate the correct use of AWSMobileClient.getInstance().showSignIn() and the sign-in workflow and user state management including expired token management, etc?
Thank you for your attention in this matter.
BillBunting
on 28 Feb 2019
@minbi Any update on this bug. I tried 2.12.2 and have the same problem. If a user signs in then out and attempts to sign back in again they are unable (exceptions thrown). Likewise, after the federated token expires after 1 hour, the user is unable to sign back in again. The problem only exists for Google federated signing.
Stacktrace of error
2019-03-04 21:02:29.771 21779-21917/com.buntingsoftware.modlist D/AWSMobileClient: onUserSignedIn: Updating user state from drop-in UI
2019-03-04 21:02:29.771 21779-21917/com.buntingsoftware.modlist D/AWSMobileClient: _federatedSignIn: Putting provider and token in store
2019-03-04 21:02:29.779 21779-21920/com.buntingsoftware.modlist D/AWSMobileClient: Inspecting user state details
2019-03-04 21:02:29.779 21779-21920/com.buntingsoftware.modlist D/AWSMobileClient: Inspecting user state details
2019-03-04 21:02:29.779 21779-21921/com.buntingsoftware.modlist D/AWSMobileClient: hasFederatedToken: true provider: accounts.google.com
2019-03-04 21:02:29.780 21779-21920/com.buntingsoftware.modlist D/AWSMobileClient: hasFederatedToken: true provider: accounts.google.com
2019-03-04 21:02:29.780 21779-21920/com.buntingsoftware.modlist D/AWSMobileClient: getUserStateDetails: token already federated just fetch credentials
2019-03-04 21:02:29.855 21779-21779/com.buntingsoftware.modlist D/MainActivity: initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : calling...:
2019-03-04 21:02:29.859 21779-21920/com.buntingsoftware.modlist E/CognitoCachingCredentialsProvider: Failure to get credentials
com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Unauthenticated access is not supported for this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: bb2a6d8a-3eea-11e9-9ae8-951e455b58fa)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1477)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:757)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.auth.AWSEnhancedCognitoIdentityProvider.refresh(AWSEnhancedCognitoIdentityProvider.java:76)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:465)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:485)
at com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(AWSMobileClient.java:637)
at com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(AWSMobileClient.java:376)
at com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(AWSMobileClient.java:373)
at com.amazonaws.mobile.client.internal.InternalCallback.call(InternalCallback.java:75)
at com.amazonaws.mobile.client.internal.InternalCallback.onResult(InternalCallback.java:62)
at com.amazonaws.mobile.client.AWSMobileClient$5.run(AWSMobileClient.java:916)
at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
at java.lang.Thread.run(Thread.java:761)
2019-03-04 21:02:29.861 21779-21922/com.buntingsoftware.modlist D/AWSMobileClient: Inspecting user state details
2019-03-04 21:02:29.861 21779-21922/com.buntingsoftware.modlist D/MainActivity: initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : userState: SIGNED_IN
2019-03-04 21:02:29.861 21779-21922/com.buntingsoftware.modlist D/MainActivity: initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: logged in!
2019-03-04 21:02:29.862 21779-21923/com.buntingsoftware.modlist D/AWSMobileClient: Inspecting user state details
2019-03-04 21:02:29.863 21779-21923/com.buntingsoftware.modlist D/AWSMobileClient: hasFederatedToken: true provider: accounts.google.com
2019-03-04 21:02:29.863 21779-21923/com.buntingsoftware.modlist D/AWSMobileClient: getUserStateDetails: token already federated just fetch credentials
2019-03-04 21:02:29.917 21779-21920/com.buntingsoftware.modlist W/AWSMobileClient: Failed to federate the tokens.
com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Unauthenticated access is not supported for this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: bb33479d-3eea-11e9-a218-a9d259f2c9c2)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1477)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:757)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.auth.AWSEnhancedCognitoIdentityProvider.refresh(AWSEnhancedCognitoIdentityProvider.java:76)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:465)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:499)
at com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(AWSMobileClient.java:637)
at com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(AWSMobileClient.java:376)
at com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(AWSMobileClient.java:373)
at com.amazonaws.mobile.client.internal.InternalCallback.call(InternalCallback.java:75)
at com.amazonaws.mobile.client.internal.InternalCallback.onResult(InternalCallback.java:62)
at com.amazonaws.mobile.client.AWSMobileClient$5.run(AWSMobileClient.java:916)
at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
at java.lang.Thread.run(Thread.java:761)
2019-03-04 21:02:29.917 21779-21894/com.buntingsoftware.modlist D/AWSMobileClient: run: showSignIn completed
2019-03-04 21:02:29.974 21779-21923/com.buntingsoftware.modlist E/CognitoCachingCredentialsProvider: Failure to get credentials
com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Unauthenticated access is not supported for this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: bb3f54e4-3eea-11e9-a1f4-519114a87d8e)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1477)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:757)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.auth.AWSEnhancedCognitoIdentityProvider.refresh(AWSEnhancedCognitoIdentityProvider.java:76)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:465)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:485)
at com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(AWSMobileClient.java:637)
at com.amazonaws.mobile.client.AWSMobileClient.waitForSignIn(AWSMobileClient.java:570)
at com.amazonaws.mobile.client.AWSMobileClient.getCredentials(AWSMobileClient.java:256)
at com.amazonaws.mobile.client.AWSMobileClient$1.run(AWSMobileClient.java:307)
at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
at java.lang.Thread.run(Thread.java:761)
2019-03-04 21:02:30.029 21779-21923/com.buntingsoftware.modlist W/AWSMobileClient: Failed to federate the tokens.
com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Unauthenticated access is not supported for this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: bb47447f-3eea-11e9-9c90-9f6e0106b5d2)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1477)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:757)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.auth.AWSEnhancedCognitoIdentityProvider.refresh(AWSEnhancedCognitoIdentityProvider.java:76)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:465)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:499)
at com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(AWSMobileClient.java:637)
at com.amazonaws.mobile.client.AWSMobileClient.waitForSignIn(AWSMobileClient.java:570)
at com.amazonaws.mobile.client.AWSMobileClient.getCredentials(AWSMobileClient.java:256)
at com.amazonaws.mobile.client.AWSMobileClient$1.run(AWSMobileClient.java:307)
at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
at java.lang.Thread.run(Thread.java:761)
2019-03-04 21:02:30.029 21779-21923/com.buntingsoftware.modlist D/AWSMobileClient: waitForSignIn: userState:SIGNED_OUT_FEDERATED_TOKENS_INVALID
Hi @BillBunting , we did not address this issue in the 2.12.2 release. This is still in my queue.
minbi
on 5 Mar 2019
@minbi Google Federated sign-in with the drop in UI has not worked since 2.12.0, 27 days ago. This issue has blocked future releases on my app. When will this issue get some attention?
I upgraded to 2.12.5. For Google, I still get the series of errors mentioned above. Facebook and Cognito username/password login work well.
Thank you.
BillBunting
on 13 Mar 2019
@minbi , please help. Other issues and people seem to be suggesting the same or very similar bug. Google federated sign-in user tokens appear to expire and AWSMobileClient fails to refresh them after 1 hour (or after two immediate sign-out/sign-ins). This bug is only occurring for Google sign-in (via the drop in UI). Facebook and Cognito User Pool users do not have this issue (for me). Possibly related to users using multiple sign-in methods on the same device. I have been unable to release a new version of my app since early Feb. due to this issue. Please give it a bump in priority; thank you.
BillBunting
on 2 Apr 2019
Hi,
Please see if SDK release 2.12.7 fixes this issue for you. We have added the following enhancements:
Fix Google or Facebook refresh when using the drop-in UI.
You may see all changes in the changelog
minbi
on 3 Apr 2019
👍1
@minbi,
After upgrading to 2.12.7, AWSMobileClient fails to initialize properly and shows these errors when the app starts.The app calls AWSMobileClient.getInstance().initialize(this, new Callback
2019-04-03 09:12:24.095 19887-19887/com.buntingsoftware.modlist D/MainActivity: onCreate(): savedInstanceState: null
2019-04-03 09:12:24.136 19887-19887/com.buntingsoftware.modlist D/MainActivity: onStart()
2019-04-03 09:12:24.149 19887-19887/com.buntingsoftware.modlist D/MainActivity: onResume()
2019-04-03 09:12:24.149 19887-19887/com.buntingsoftware.modlist D/MainActivity: onResume() with mBio: null
2019-04-03 09:12:24.154 19887-20003/com.buntingsoftware.modlist D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_screen_class(_sc)=MainActivity, firebase_screen_id(_si)=xxxx}]
2019-04-03 09:12:24.173 19887-19887/com.buntingsoftware.modlist D/MainActivity: onResume(): calling initializeAWSMobileClient()
2019-04-03 09:12:24.173 19887-19887/com.buntingsoftware.modlist D/MainActivity: initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : calling...: appInitDone=false
2019-04-03 09:12:24.278 19887-19887/com.buntingsoftware.modlist D/ViewRootImpl@d76f698[MainActivity]: ThreadedRenderer.create() translucent=false
2019-04-03 09:12:24.293 19887-20078/com.buntingsoftware.modlist D/AWSMobileClient: Using the SignInProviderConfig from `awsconfiguration.json`.
2019-04-03 09:12:24.293 19887-20078/com.buntingsoftware.modlist D/AWSMobileClient: CognitoUserPool not found in `awsconfiguration.json`
2019-04-03 09:12:24.293 19887-20078/com.buntingsoftware.modlist D/AWSMobileClient: FacebookSignIn not found in `awsconfiguration.json`
2019-04-03 09:12:24.293 19887-20078/com.buntingsoftware.modlist D/AWSMobileClient: GoogleSignIn not found in `awsconfiguration.json`
2019-04-03 09:12:24.299 19887-19887/com.buntingsoftware.modlist D/ViewRootImpl@d76f698[MainActivity]: setView = DecorView@62eaad6[MainActivity] touchMode=true
2019-04-03 09:12:24.500 19887-20078/com.buntingsoftware.modlist D/AWSMobileClient: getHostedUIJSON: Failed to read config
java.lang.NullPointerException: Attempt to invoke virtual method 'org.json.JSONObject com.amazonaws.mobile.config.AWSConfiguration.optJsonObject(java.lang.String)' on a null object reference
at com.amazonaws.mobile.client.AWSMobileClient.getHostedUIJSONFromJSON(AWSMobileClient.java:632)
at com.amazonaws.mobile.client.AWSMobileClient.getHostedUIJSON(AWSMobileClient.java:647)
at com.amazonaws.mobile.client.AWSMobileClient$2.run(AWSMobileClient.java:568)
at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
at java.lang.Thread.run(Thread.java:761)
Then, the initialize returns SIGNED_OUT so the app calls AWSMobileClient.getInstance().showSignIn followed by unauthorized exceptions.
2019-04-03 09:12:24.501 19887-20078/com.buntingsoftware.modlist D/AWSMobileClient: Inspecting user state details
2019-04-03 09:12:24.501 19887-20078/com.buntingsoftware.modlist D/MainActivity: initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : userState: SIGNED_OUT
2019-04-03 09:12:24.502 19887-20078/com.buntingsoftware.modlist D/MainActivity: registerUserStateListener() called.
2019-04-03 09:12:24.503 19887-20078/com.buntingsoftware.modlist D/MainActivity: initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: signed out!
2019-04-03 09:12:24.505 19887-20088/com.buntingsoftware.modlist D/MainActivity: onUserStateChanged() userState() SIGNED_OUT
2019-04-03 09:12:24.505 19887-20088/com.buntingsoftware.modlist D/MainActivity: showSignIn()
2019-04-03 09:12:24.729 19887-20115/com.buntingsoftware.modlist D/AWSMobileClient: Inspecting user state details
2019-04-03 09:12:24.778 19887-20115/com.buntingsoftware.modlist D/AWSMobileClient: Retrieving the client instance for class: class com.amazonaws.mobile.auth.ui.SignInUI
2019-04-03 09:12:24.781 19887-20115/com.buntingsoftware.modlist D/AWSMobileClient: Created the new client: com.amazonaws.mobile.auth.ui.SignInUI@c42e440
2019-04-03 09:12:25.155 19887-19887/com.buntingsoftware.modlist D/ViewRootImpl@d76f698[MainActivity]: MSG_WINDOW_FOCUS_CHANGED 0
2019-04-03 09:12:25.392 19887-20003/com.buntingsoftware.modlist D/FA: Logging event (FE): user_engagement(_e), Bundle[{firebase_event_origin(_o)=auto, engagement_time_msec(_et)=1238, firebase_screen_class(_sc)=MainActivity, firebase_screen_id(_si)=2630582811840258657}]
2019-04-03 09:12:25.580 19887-20003/com.buntingsoftware.modlist D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=MainActivity, firebase_previous_id(_pi)=2630582811840258657, firebase_screen_class(_sc)=SignInActivity, firebase_screen_id(_si)=2630582811840258658}]
2019-04-03 09:12:25.898 19887-19887/com.buntingsoftware.modlist D/ViewRootImpl@d76f698[MainActivity]: mHardwareRenderer.destroy()#1
2019-04-03 09:12:25.902 19887-19887/com.buntingsoftware.modlist D/ViewRootImpl@d76f698[MainActivity]: Relayout returned: oldFrame=[0,0][720,1280] newFrame=[0,0][720,1280] result=0x5 surface={isValid=false 0} surfaceGenerationChanged=true
2019-04-03 09:12:26.272 19887-19887/com.buntingsoftware.modlist D/MainActivity: onSaveInstanceState() mBio is null
2019-04-03 09:12:26.274 19887-19887/com.buntingsoftware.modlist D/MainActivity: onStop()
2019-04-03 09:12:26.402 19887-20258/com.buntingsoftware.modlist D/AWSMobileClient: Inspecting user state details
2019-04-03 09:12:26.403 19887-20258/com.buntingsoftware.modlist D/AWSMobileClient: waitForSignIn: userState:SIGNED_OUT
2019-04-03 09:12:26.408 19887-19887/com.buntingsoftware.modlist D/MainActivity: Pinpoint: stop session and submit events.
2019-04-03 09:12:26.434 19887-20261/com.buntingsoftware.modlist D/AWSMobileClient: Inspecting user state details
2019-04-03 09:12:26.435 19887-20261/com.buntingsoftware.modlist D/AWSMobileClient: waitForSignIn: userState:SIGNED_OUT
2019-04-03 09:12:26.680 19887-20258/com.buntingsoftware.modlist E/CognitoCachingCredentialsProvider: Failure to get credentials
com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Unauthenticated access is not supported for this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: 1efba8d6-5612-11e9-a5dd-13153c2e1ce7)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1658)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:739)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.mobile.client.AWSMobileClientCognitoIdentityProvider.refresh(AWSMobileClient.java:3541)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:465)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:481)
at com.amazonaws.mobile.client.AWSMobileClient.getCredentials(AWSMobileClient.java:363)
at com.amazonaws.services.pinpoint.AmazonPinpointClient.invoke(AmazonPinpointClient.java:4024)
at com.amazonaws.services.pinpoint.AmazonPinpointClient.updateEndpoint(AmazonPinpointClient.java:3731)
at com.amazonaws.mobileconnectors.pinpoint.targeting.TargetingClient$1.run(TargetingClient.java:198)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
at java.lang.Thread.run(Thread.java:761)
Hi @BillBunting ,
I found the bug, stay tuned for a fix.
minbi
on 3 Apr 2019
@minbi , I found a bug too - I bet it is the same one.
line 3171 AWSMobileClient.java
private boolean isConfigurationKeyPresent(final String configurationKey) uses this.awsConfiguration before it has been set causing registerConfigSignInProviders() to not add the sign in providers.
possible solution : set AWSMobileClient.this.awsConfiguration = awsConfiguration; sooner and before the call to identityManager.addSignInStateChangeListener(new SignInStateChangeListener() in _initialize OR pass the awsConfiguration to isConfigurationKeyPresent so it will not use this.awsConfiguration.
BillBunting
on 3 Apr 2019
Please see if SDK release 2.13.0 fixes this issue for you.
minbi
on 3 Apr 2019
@minbi , I started testing 2.13.0. At least one of the two issues remains a problem. If a Google user is signed in, then signs out and back in again, errors are generated as follows when the activity resumes after the Google button is selected.
I am testing the token timeout (1 hour) now also.
CognitoCachingCredentialsProvider: Failure to get credentials
com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Unauthenticated access is not supported for this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: f8abb502-5647-11e9-88f1-111427ea4e36)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
Logging
2019-04-03 15:37:55.027 4174-4174/com.buntingsoftware.modlist D/MainActivity: onCreate(): savedInstanceState: null
2019-04-03 15:37:55.030 4174-4174/com.buntingsoftware.modlist D/MainActivity: onStart()
2019-04-03 15:37:55.032 4174-4174/com.buntingsoftware.modlist D/MainActivity: onResume()
2019-04-03 15:37:55.032 4174-4174/com.buntingsoftware.modlist D/MainActivity: onResume() with mBio: null
2019-04-03 15:37:55.034 4174-4174/com.buntingsoftware.modlist D/MainActivity: onResume(): calling initializeAWSMobileClient()
2019-04-03 15:37:55.034 4174-4174/com.buntingsoftware.modlist D/MainActivity: initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : calling...: appInitDone=false
2019-04-03 15:37:55.034 4174-4761/com.buntingsoftware.modlist D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=SignInActivity, firebase_previous_id(_pi)=8326260297624472475, firebase_screen_class(_sc)=MainActivity, firebase_screen_id(_si)=8326260297624472477}]
2019-04-03 15:37:55.042 4174-4174/com.buntingsoftware.modlist D/ViewRootImpl@5160824[MainActivity]: ThreadedRenderer.create() translucent=false
2019-04-03 15:37:55.045 4174-4174/com.buntingsoftware.modlist D/ViewRootImpl@5160824[MainActivity]: setView = DecorView@b49f8d[MainActivity] touchMode=true
2019-04-03 15:37:55.047 4174-4174/com.buntingsoftware.modlist D/ViewRootImpl@5160824[MainActivity]: dispatchAttachedToWindow
2019-04-03 15:37:55.060 4174-4773/com.buntingsoftware.modlist D/AWSMobileClient: Inspecting user state details
2019-04-03 15:37:55.060 4174-4773/com.buntingsoftware.modlist D/MainActivity: initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : userState: SIGNED_IN
2019-04-03 15:37:55.060 4174-4773/com.buntingsoftware.modlist D/MainActivity: registerUserStateListener() called.
2019-04-03 15:37:55.060 4174-4773/com.buntingsoftware.modlist D/MainActivity: initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: logged in!
2019-04-03 15:37:55.060 4174-4773/com.buntingsoftware.modlist D/MainActivity: initializeAndLoadData()
2019-04-03 15:37:55.073 4174-4174/com.buntingsoftware.modlist D/ViewRootImpl@5160824[MainActivity]: Relayout returned: oldFrame=[0,0][0,0] newFrame=[0,0][720,1280] result=0x27 surface={isValid=true 547856171520} surfaceGenerationChanged=true
2019-04-03 15:37:55.073 4174-4174/com.buntingsoftware.modlist D/ViewRootImpl@5160824[MainActivity]: mHardwareRenderer.initialize() mSurface={isValid=true 547856171520} hwInitialized=true
2019-04-03 15:37:55.083 4174-4174/com.buntingsoftware.modlist D/ViewRootImpl@5160824[MainActivity]: MSG_RESIZED_REPORT: ci=Rect(0, 48 - 0, 0) vi=Rect(0, 48 - 0, 0) or=1
2019-04-03 15:37:55.083 4174-4174/com.buntingsoftware.modlist D/ViewRootImpl@5160824[MainActivity]: MSG_WINDOW_FOCUS_CHANGED 1
2019-04-03 15:37:55.083 4174-4174/com.buntingsoftware.modlist D/ViewRootImpl@5160824[MainActivity]: mHardwareRenderer.initializeIfNeeded()#2 mSurface={isValid=true 547856171520}
2019-04-03 15:37:55.173 4174-4771/com.buntingsoftware.modlist E/CognitoCachingCredentialsProvider: Failure to get credentials
com.amazonaws.services.cognitoidentity.model.NotAuthorizedException: Unauthenticated access is not supported for this identity pool. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException; Request ID: f8abb502-5647-11e9-88f1-111427ea4e36)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.invoke(AmazonCognitoIdentityClient.java:1658)
at com.amazonaws.services.cognitoidentity.AmazonCognitoIdentityClient.getId(AmazonCognitoIdentityClient.java:739)
at com.amazonaws.auth.AWSAbstractCognitoIdentityProvider.getIdentityId(AWSAbstractCognitoIdentityProvider.java:172)
at com.amazonaws.mobile.client.AWSMobileClientCognitoIdentityProvider.refresh(AWSMobileClient.java:3565)
at com.amazonaws.auth.CognitoCredentialsProvider.startSession(CognitoCredentialsProvider.java:678)
at com.amazonaws.auth.CognitoCredentialsProvider.getCredentials(CognitoCredentialsProvider.java:465)
at com.amazonaws.auth.CognitoCachingCredentialsProvider.getCredentials(CognitoCachingCredentialsProvider.java:481)
at com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(AWSMobileClient.java:990)
at com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(AWSMobileClient.java:497)
at com.amazonaws.mobile.client.AWSMobileClient$2$1$1.onResult(AWSMobileClient.java:493)
at com.amazonaws.mobile.client.internal.InternalCallback.call(InternalCallback.java:75)
at com.amazonaws.mobile.client.internal.InternalCallback.onResult(InternalCallback.java:62)
at com.amazonaws.mobile.client.AWSMobileClient$7.run(AWSMobileClient.java:1437)
at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
at java.lang.Thread.run(Thread.java:761)
@minbi , 2.13.0 has not resolved the problem. The app performs the same; after 1 hour, the token fails to federate Google sign-in, the sign-in dialog appears, the app main activity resumes, the sign-in onResult returns SIGNED_IN, app calls AWSMobileClient.getInstance().getAWSCredentials(new Callback
Stacktrace and code
2019-04-03 16:56:56.383 4855-7569/? I/AWSMobileClient: Token was refreshed using drop-in UI internal mechanism
2019-04-03 16:56:56.383 4855-7569/? D/AWSMobileClient: hasFederatedToken: true provider: accounts.google.com
2019-04-03 16:56:56.383 4855-7569/? D/AWSMobileClient: getUserStateDetails: token already federated just fetch credentials
2019-04-03 16:56:56.383 4855-7569/? D/MainActivity: showSignIn() onResult() result: userState: SIGNED_IN
2019-04-03 16:56:56.383 4855-7569/? D/MainActivity: showSignIn() callback: SIGNED_IN logged in!
2019-04-03 16:56:56.383 4855-7569/? D/MainActivity: initializeAndLoadData()
2019-04-03 16:56:56.384 4855-7569/? D/AWSMobileClient: run: showSignIn completed
2019-04-03 16:57:01.078 4855-7642/? V/FA: Inactivity, disconnecting from the service
2019-04-03 16:57:05.962 4855-4855/? D/Graph: removeVertex() : insertDummyVertex, because there is no ancestor.
2019-04-03 16:57:05.963 4855-4855/? D/ViewRootImpl@a7118b[SignInActivity]: mHardwareRenderer.destroy()#4
2019-04-03 16:57:05.963 4855-4855/? D/ViewRootImpl@a7118b[SignInActivity]: dispatchDetachedFromWindow
2019-04-03 16:57:05.967 4855-4855/? D/InputTransport: Input channel destroyed: fd=103
@Override
protected void onResume() {
super.onResume();
Log.d(TAG, "onResume()");
if (mBio != null && appInitDone) {
Log.d(TAG, "onResume(): mBio exists and appInitDone is true.");
} else if (mBio == null && appInitDone) {
Log.e(TAG, "onResume(): mBio null and appInitDone is true.");
initializeAndLoadData();
} else {
Log.d(TAG, "onResume(): calling initializeAWSMobileClient()");
initializeAWSMobileClient();
}
}
private void registerUserStateListener() {
Log.d(TAG, "registerUserStateListener() called.");
UserStateListener listener = ((ModListApplication) getApplication()).userStateListener;
if ( listener != null ) {
AWSMobileClient.getInstance().removeUserStateListener(listener);
listener = null;
}
listener = new UserStateListener() {
@Override
public void onUserStateChanged(UserStateDetails userStateDetails) {
Log.d(TAG, "onUserStateChanged() userState() " + userStateDetails.getUserState());
switch (userStateDetails.getUserState()){
case SIGNED_IN:
Log.i("onUserStateChanged", "SIGNED_IN: ");
initializeAndLoadData();
break;
case SIGNED_OUT:
Log.i("onUserStateChanged", "SIGNED_OUT:");
showSignIn();
break;
case SIGNED_OUT_USER_POOLS_TOKENS_INVALID:
Log.i("onUserStateChanged", "SIGNED_OUT_USER_POOLS_TOKENS_INVALID: need to login again.");
showSignIn();
break;
case SIGNED_OUT_FEDERATED_TOKENS_INVALID:
Log.i("onUserStateChanged", "SIGNED_OUT_FEDERATED_TOKENS_INVALID: need to login again.");
showSignIn();
break;
case GUEST:
Log.i("onUserStateChanged", "GUEST.");
showSignIn();
break;
default:
Log.i("onUserStateChanged", "unsupported, default.");
showSignIn();
break;
}
}
};
AWSMobileClient.getInstance().addUserStateListener(listener);
((ModListApplication) getApplication()).userStateListener = listener;
}
private void initializeAWSMobileClient() {
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : calling...: appInitDone=" + appInitDone);
if (appInitDone == true) {
Log.d(TAG, "initializeAWSMobileClient() called when appInitDone true. Do nothing and return");
return;
}
AWSMobileClient.getInstance().initialize(this, new Callback<UserStateDetails>() {
@Override
public void onResult(UserStateDetails userStateDetails) {
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize() : userState: " + userStateDetails.getUserState());
AWSHelper.initialize(MainActivity.this);
registerUserStateListener();
appInitDone = true;
switch (userStateDetails.getUserState()) {
case SIGNED_IN:
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: logged in!");
initializeAndLoadData(); // When mBio was saved with instance state but appInitDone false, state listener will not be called.
break;
case SIGNED_OUT:
Log.d(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: signed out!");
//showSignIn();
break;
default:
Log.e(TAG, "initializeAWSMobileClient() AWSMobileClient.getInstance().initialize(): userState: case default!");
//showSignIn();
break;
}
}
@Override
public void onError(Exception e) {
Log.e(TAG, "AWSMobileClient.getInstance().initialize() : Initialization error.", e);
appInitDone = false;
//autoModListSignOut();
}
}
);
}
private void showSignIn() {
Log.d(TAG, "showSignIn()");
runOnUiThread(new Runnable() {
@Override
public void run() {
AWSMobileClient.getInstance().showSignIn(
MainActivity.this,
SignInUIOptions.builder()
.nextActivity(MainActivity.class)
.logo(R.drawable.ic_modlist_aws_signin_icon)
.backgroundColor(Color.parseColor("#7FA7BC"))
.canCancel(false)
.build(),
new Callback<UserStateDetails>() {
@Override
public void onResult(UserStateDetails result) {
Log.d(TAG, "showSignIn() onResult() result: userState: " + result.getUserState());
switch (result.getUserState()) {
case SIGNED_IN:
Log.d(TAG, "showSignIn() callback: SIGNED_IN logged in!");
initializeAndLoadData();
break;
case SIGNED_OUT:
Log.d(TAG, "showSignIn() callback onResult: SIGNED_OUT ");
//showSignIn();
break;
case SIGNED_OUT_FEDERATED_TOKENS_INVALID:
Log.d(TAG, "showSignIn() callback onResult: SIGNED_OUT_FEDERATED_TOKENS_INVALID");
//showSignIn();
break;
case SIGNED_OUT_USER_POOLS_TOKENS_INVALID:
Log.d(TAG, "showSignIn() callback onResult: SIGNED_OUT_USER_POOLS_TOKENS_INVALID");
//showSignIn();
break;
case GUEST:
Log.d(TAG, "showSignIn() callback onResult: GUEST");
//showSignIn();
break;
case UNKNOWN:
Log.d(TAG, "showSignIn() callback onResult: UNKNOWN");
//showSignIn();
break;
default:
Log.d(TAG, "showSignIn() callback onResult: default; Should not be possible.");
//showSignIn();
break;
}
}
@Override
public void onError(Exception e) {
Log.e(TAG, "showSignIn().onError: ", e);
// If this is ever called when the user is already signed in, need to load the data.
// But, for other errors, best to just start over and call initializeAWSMobileClient
// initializeAndLoadData();
}
}
);
}});
}
volatile boolean initializeAndLoadDataActive = false;
private void initializeAndLoadData() {
Log.d(TAG, "initializeAndLoadData()");
if (initializeAndLoadDataActive == true) {
Log.e(TAG, "initializeAndLoadData() called when already in progress. return.");
return;
}
initializeAndLoadDataActive = true;
AWSMobileClient.getInstance().getAWSCredentials(new Callback<AWSCredentials>() {
@Override
public void onResult(AWSCredentials result) {
Log.d(TAG, "initializeAndLoadData() success getting AWSCredentials: continue to load data.");
Log.d(TAG, "initializeAndLoadData() Workaround to force getIdentityId to fetch the id from credentials, access key : " + result.getAWSAccessKeyId());
Log.d(TAG, "initializeAndLoadData(): called for userId: " + AWSMobileClient.getInstance().getIdentityId());
if (AWSMobileClient.getInstance().getIdentityId() == null) {
Log.e(TAG, "initializeAndLoadData: No userId ! ");
initializeAndLoadDataActive = false;
return;
}
Log.d(TAG, "initializeAndLoadData() : Start LoadDataTask() to initialize app data.");
mGetUserInfoTask = new GetUserInfoTask();
mGetUserInfoTask.execute();
if (modCategories == null) getModCategories();
initializeAndLoadDataActive = false;
}
@Override
public void onError(Exception e) {
Log.e(TAG, "initializeAndLoadData() failed to get AWSCredentials: " + e.getLocalizedMessage());
initializeAndLoadDataActive = false;
// showSignIn();
}
});
}
@BillBunting , Thanks for the verification. I have a fix for the Google sign-in, sign-out, sign-in again problem. Still looking at the refresh issue.
minbi
on 4 Apr 2019
@BillBunting , This issue should have been fixed in the 2.13.1 release as well. Please let us know if it persists.
minbi
on 8 Apr 2019
@minbi - appears to be fixed. Thank you.
BillBunting
on 8 Apr 2019
Was this page helpful?
0 / 5 - 0 ratings
Related issues
yairkukielka
路
3Comments
shabana0508
路
3Comments
amadeu01
路
3Comments
mbk820
路
4Comments
HayTran94
路
4Comments