Aws-sdk-android: Authentication by Cognito Hosted UI can not get token if my app killed

Created on 9 Apr 2019 · 13Comments · Source: aws-amplify/aws-sdk-android

Describe the bug
I am using Hosted UI AWSMobileClient.getInstance().showSignIn API to authenticate my users. I can not get user token if my app killed.

To Reproduce
Login by AWSMobileClient.getInstance().showSignIn API, the app can get token, identityId and userState is SIGNED_IN.
Kill the app and open again, the app can not get token (no callback return), but it still can get identityId and userState is SIGNED_IN. Even the app call getTokens many times, but no callback invoked. However, if I invoke signOut API, the onError callback of getTokens will be invoked with java.lang.Exception: getTokens does not support retrieving tokens while signed-out.

Which AWS service(s) are affected?
AWSMobileClient

Expected behavior
The app can get user access token as long as user session is valid (refresh token is valid) even if the app killed.

Screenshots
The following logs show logs after invoke getTokens and getIdentityId. As you can see, no getTokens callback return, but getIdentityId return a valid Id.

Click me to see logs

2019-04-09 12:28:12.603 21157-21174/com.abc.abc D/AWSMobileClient: Inspecting user state details
2019-04-09 12:28:12.605 21157-21174/com.abc.abc I/SplashScreenActivity: Result: SIGNED_IN
2019-04-09 12:28:16.254 21157-21208/com.abc.abc D/AWSMobileClient: Inspecting user state details
2019-04-09 12:28:16.364 21157-21208/com.abc.abc W/AWSMobileClient: Tokens are invalid, please sign-in again.
    java.lang.NullPointerException: Attempt to invoke virtual method 'void com.amazonaws.mobileconnectors.cognitoauth.Auth.setAuthHandler(com.amazonaws.mobileconnectors.cognitoauth.handlers.AuthHandler)' on a null object reference
        at com.amazonaws.mobile.client.AWSMobileClient$8.run(AWSMobileClient.java:1555)
        at com.amazonaws.mobile.client.internal.InternalCallback.await(InternalCallback.java:115)
        at com.amazonaws.mobile.client.AWSMobileClient.getTokens(AWSMobileClient.java:1517)
        at com.amazonaws.mobile.client.AWSMobileClient.getUserStateDetails(AWSMobileClient.java:1011)
        at com.amazonaws.mobile.client.AWSMobileClient.waitForSignIn(AWSMobileClient.java:904)
        at com.amazonaws.mobile.client.AWSMobileClient$8.run(AWSMobileClient.java:1533)
        at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
        at java.lang.Thread.run(Thread.java:764)
2019-04-09 12:28:16.364 21157-21208/com.abc.abc D/AWSMobileClient: waitForSignIn: userState:SIGNED_OUT_USER_POOLS_TOKENS_INVALID
2019-04-09 12:28:18.139 21157-21157/com.abc.abc D/MainActivity: getIdentity: ap-southeast-1:e65b4819-078b-495c-8041-73fe0e0d7bd1

If I try to call getTokens 5 times, then invoke signOut API, the onError callback of getTokens will be invoked 5 times.

Click me to see logs

2019-04-09 12:29:12.541 21157-21157/com.abc.abc D/CognitoCachingCredentialsProvider: Clearing credentials from SharedPreferences
2019-04-09 12:29:12.544 21157-21157/com.abc.abc D/CognitoCachingCredentialsProvider: Identity id is changed
2019-04-09 12:29:12.544 21157-21157/com.abc.abc D/CognitoCachingCredentialsProvider: Saving identity id to SharedPreferences
2019-04-09 12:29:12.545 21157-21157/com.abc.abc D/CognitoCachingCredentialsProvider: Clearing credentials from SharedPreferences
2019-04-09 12:29:12.547 21157-21157/com.abc.abc D/IdentityManager: Signing out...
2019-04-09 12:29:12.581 21157-21157/com.abc.abc D/AWSMobileClient: Inspecting user state details
2019-04-09 12:29:12.585 21157-21208/com.abc.abc D/AWSMobileClient: Inspecting user state details
2019-04-09 12:29:12.587 21157-21208/com.abc.abc E/MainActivity: onError: java.lang.Exception: getTokens does not support retrieving tokens while signed-out
2019-04-09 12:29:12.588 21157-21254/com.abc.abc D/AWSMobileClient: Inspecting user state details
2019-04-09 12:29:12.590 21157-21254/com.abc.abc D/AWSMobileClient: waitForSignIn: userState:SIGNED_OUT
2019-04-09 12:29:12.590 21157-21254/com.abc.abc E/MainActivity: onError: java.lang.Exception: getTokens does not support retrieving tokens while signed-out
2019-04-09 12:29:12.591 21157-21260/com.abc.abc D/AWSMobileClient: Inspecting user state details
2019-04-09 12:29:12.593 21157-21260/com.abc.abc D/AWSMobileClient: waitForSignIn: userState:SIGNED_OUT
2019-04-09 12:29:12.594 21157-21260/com.abc.abc E/MainActivity: onError: java.lang.Exception: getTokens does not support retrieving tokens while signed-out
2019-04-09 12:29:12.594 21157-21267/com.abc.abc D/AWSMobileClient: Inspecting user state details
2019-04-09 12:29:12.600 21157-21267/com.abc.abc D/AWSMobileClient: waitForSignIn: userState:SIGNED_OUT
2019-04-09 12:29:12.600 21157-21267/com.abc.abc E/MainActivity: onError: java.lang.Exception: getTokens does not support retrieving tokens while signed-out
2019-04-09 12:29:12.601 21157-21274/com.abc.abc D/AWSMobileClient: Inspecting user state details
2019-04-09 12:29:12.603 21157-21274/com.abc.abc D/AWSMobileClient: waitForSignIn: userState:SIGNED_OUT
2019-04-09 12:29:12.604 21157-21274/com.abc.abc E/MainActivity: onError: java.lang.Exception: getTokens does not support retrieving tokens while signed-out

Environment Information (please complete the following information):

AWS Android SDK Version: 2.13.1
Device: Nexus 5X
Android Version: 8.1.0

Additional context
I realized that every time the app initialize AWSMobileClient at the start up time, it print stack trace like the following logs.

2019-04-09 12:24:02.347 20262-20283/com.abc.abc D/AWSMobileClient: getHostedUIJSON: Failed to read config
    java.lang.NullPointerException: Attempt to invoke virtual method 'org.json.JSONObject com.amazonaws.mobile.config.AWSConfiguration.optJsonObject(java.lang.String)' on a null object reference
        at com.amazonaws.mobile.client.AWSMobileClient.getHostedUIJSONFromJSON(AWSMobileClient.java:636)
        at com.amazonaws.mobile.client.AWSMobileClient.getHostedUIJSON(AWSMobileClient.java:655)
        at com.amazonaws.mobile.client.AWSMobileClient$2.run(AWSMobileClient.java:569)
        at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
        at java.lang.Thread.run(Thread.java:764)

AWSMobileClient Bug Needs Info from Requester

Source

HayTran94

👍4

Most helpful comment

I am working on this issue and will have an update when the fix is released. Thank you for the patience.

kvasukib on 16 Aug 2019

👍3

All 13 comments

Is there any update. I have faced the same problem.

mdaslamHossin on 11 May 2019

I also have this issue, my understanding is that tokens shouldn't be removed by simply killing the app. Even if they were, surely this kind of error should result in the correct user state event being raised so it can be handled?

arcturial on 21 May 2019

I also have this issue.

nguyenxuantruong on 27 Jul 2019

sylvarant on 28 Jul 2019

JesusMartinAlonso on 16 Aug 2019

I am working on this issue and will have an update when the fix is released. Thank you for the patience.

kvasukib on 16 Aug 2019

👍3

The HostedUI (CognitoAuth) object has a lifecycle that starts from showSignIn and ends at signOut. However when getTokens() is called after initialize, the hostedUI object is null.

There are two objects for hostedUI (one through awsconfiguration.json and other through code). The AWSMobileClient.initialize always constructs hostedUI through awsconfiguration.json and does not construct the hostedUi object through code.

We are looking into a fix where we could construct one object for hostedUI during initialize which reads off the awsconfiguration.json and is useful for getTokens to work. When showSignIn is called, the same hostedUI object will be mutated to work for a signIn operation. The signOut method should not deallocate the hostedUI object.

I am working on the fix and testing for HostedUI through AWSMobileClient.

kvasukib on 19 Aug 2019

👍2

any idea when this fix will be released? This particular bug is a killer for our application.

Thanks!