Aws-sdk-android: Enable custom auth flow on demand

Created on 25 Feb 2020 · 8Comments · Source: aws-amplify/aws-sdk-android

State your question
Our default configuration in the config file is set to use OAuth, we use this to handle most of the authentication flows on our app, however we provide a password less flow that needs to be handled using custom auth. The problem is that if I initialise the client with custom auth flows enabled, regular OAuth flows won't work and if I initialise the client with out custom auth our password less flow always triggers and exception:

NoAuthorizedException: Incorrect username or password

My question then is: is possible to enable/disable custom auth flow on demand and if so, how? Or re-initialise the client so it will load the desired config?

Which AWS Services are you utilizing?
Cognito User Pools through the AWSMobileClient

Device Information (please complete the following information):

Device: Pixel 3
Android Version: Android 10
Specific to simulators: No

Environment (please complete the following information):
SDK Version: 2.16.7

AWSMobileClient Cognito Usage Question

Source

cyn-ph

Most helpful comment

Yes, and that is what we are doing at the moment (initialise the client depending on the flow) but there is a case that is giving us trouble:

User try to use social log in (we are using hosted UI to present) the UI before showing the hosted UI I need to initialise with OAuth
Our data suggests that people decide not to continue with this option and right after try to use the password less flow (which requieres Custom Auth)
At this point we are not able to re-initialise to be able to use Custom Auth unless the user kills the app

Do you know any work around?

cyn-ph on 28 Mar 2020

👍3

All 8 comments

Is there any update on this one?

cyn-ph on 9 Mar 2020

There is not a way to enable/disable custom auth after initialization and there's currently no way to reinitialize AWSMobileClient while the app is running.

It sounds like you know how to initialize it differently for the different flows on startup, correct? You're just asking if you can change from Oauth to custom during runtime? If so, currently not.

TrekSoft on 20 Mar 2020

Yes, and that is what we are doing at the moment (initialise the client depending on the flow) but there is a case that is giving us trouble:

User try to use social log in (we are using hosted UI to present) the UI before showing the hosted UI I need to initialise with OAuth
Our data suggests that people decide not to continue with this option and right after try to use the password less flow (which requieres Custom Auth)
At this point we are not able to re-initialise to be able to use Custom Auth unless the user kills the app

Do you know any work around?

cyn-ph on 28 Mar 2020

👍3

Yeah sadly not at this time - we are working on an improved auth API at the moment and will consider this issue during the design of that.

TrekSoft on 30 Mar 2020

Hi @TrekSoft, any news on this issue? I know you recently launched the Amplify sdk and I was wondering if this is something you took into consideration there or if new versions of the AWSMobile SDK provides a fix?

cyn-ph on 17 Jun 2020

Hey, yeah the new Amplify Auth category doesn't support this yet but we have an open feature request here to support reconfiguration: https://github.com/aws-amplify/amplify-android/issues/560

TrekSoft on 17 Jun 2020

And will it be only available on Amplify? or will the feature be available on AWS SDK as well?

cyn-ph on 17 Jun 2020

Yeah I don't know of any plan to enable that on AWSMobileClient - just Amplify.

TrekSoft on 22 Jun 2020

Was this page helpful?

0 / 5 - 0 ratings