AWS Amplify Auth v1 to v2 migration fails 5-10% of the time, logs user out

[camhart]

Before opening, please confirm:

• [X] I have searched for duplicate or closed issues and discussions.

Language and Async Model

Java

Amplify Categories

Authentication

Gradle script dependencies

// Put output below this line

implementation 'com.amplifyframework:aws-auth-cognito:2.21.0'

Environment information

# Put output below this line
C:\Users\Cam\projects\project-android>gradlew --version

------------------------------------------------------------
Gradle 8.7
------------------------------------------------------------

Build time:   2024-03-22 15:52:46 UTC
Revision:     650af14d7653aa949fce5e886e685efc9cf97c10

Kotlin:       1.9.22
Groovy:       3.0.17
Ant:          Apache Ant(TM) version 1.10.13 compiled on January 4 2023
JVM:          20.0.2 (Oracle Corporation 20.0.2+9-78)
OS:           Windows 10 10.0 amd64

Please include any relevant guides or documentation you're referencing

No response

Describe the bug

I've updated my Android app to use AWS Amplify V2. I deployed it to beta users, and ~5-10% of them had issues with the data migration. Essentially they ended up logged out of the app after their app updated and migrated from v1 to v2. This shouldn't happen. If I have those customers uninstall/reinstall the android app, and login, everything works moving forward, however this isn't an acceptable solution.

I created a ticket with AWS support and they told me to create a github issue. See case 172444220700816.

Here's an example log output when the app attempts to make API calls but is unable to due to being logged out.

D/ 09-23 15:31:15.551 BackendCallTask( 5715): AUTH fetchAuthSessionRequest D/ 09-23 15:31:16.729 BackendCallTask( 5715): AUTH fetchAuthSessionRequest result, isSignedIn=true D/ 09-23 15:31:16.729 BackendCallTask( 5715): AUTH exception: SessionExpiredException{message=Your session has expired., cause=NotAuthorizedException(message=Invalid Refresh Token.), recoverySuggestion=Please sign in and reattempt the operation.} W/ 09-23 15:31:16.732 System.err( 5715): SessionExpiredException{message=Your session has expired., cause=NotAuthorizedException(message=Invalid Refresh Token.), recoverySuggestion=Please sign in and reattempt the operation.} W/ 09-23 15:31:16.732 System.err( 5715):  at com.amplifyframework.auth.cognito.actions.FetchAuthSessionCognitoActions$refreshUserPoolTokensAction$$inlined$invoke$1.execute(SourceFile:48) W/ 09-23 15:31:16.732 System.err( 5715):  at com.amplifyframework.auth.cognito.actions.FetchAuthSessionCognitoActions$refreshUserPoolTokensAction$$inlined$invoke$1$1.invokeSuspend(Unknown Source:12) W/ 09-23 15:31:16.733 System.err( 5715): Caused by: NotAuthorizedException(message=Invalid Refresh Token.) W/ 09-23 15:31:16.733 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.model.NotAuthorizedException$Builder.a(SourceFile:4) W/ 09-23 15:31:16.733 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.serde.NotAuthorizedExceptionDeserializer.c(SourceFile:27) W/ 09-23 15:31:16.733 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.serde.InitiateAuthOperationDeserializerKt.d(SourceFile:344) W/ 09-23 15:31:16.733 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.serde.InitiateAuthOperationDeserializerKt.b(SourceFile:1) W/ 09-23 15:31:16.733 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.serde.InitiateAuthOperationDeserializer.c(SourceFile:43) W/ 09-23 15:31:16.733 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.serde.InitiateAuthOperationDeserializer.b(SourceFile:1) D/ 09-23 15:31:28.709 BackendCallTask( 5715): AUTH fetchAuthSessionRequest D/ 09-23 15:31:28.963 BackendCallTask( 5715): AUTH fetchAuthSessionRequest result, isSignedIn=true D/ 09-23 15:31:28.963 BackendCallTask( 5715): AUTH exception: SessionExpiredException{message=Your session has expired., cause=NotAuthorizedException(message=Invalid Refresh Token.), recoverySuggestion=Please sign in and reattempt the operation.} W/ 09-23 15:31:28.963 System.err( 5715): SessionExpiredException{message=Your session has expired., cause=NotAuthorizedException(message=Invalid Refresh Token.), recoverySuggestion=Please sign in and reattempt the operation.} W/ 09-23 15:31:28.963 System.err( 5715):  at com.amplifyframework.auth.cognito.actions.FetchAuthSessionCognitoActions$refreshUserPoolTokensAction$$inlined$invoke$1.execute(SourceFile:48) W/ 09-23 15:31:28.963 System.err( 5715):  at com.amplifyframework.auth.cognito.actions.FetchAuthSessionCognitoActions$refreshUserPoolTokensAction$$inlined$invoke$1$1.invokeSuspend(Unknown Source:12) W/ 09-23 15:31:28.963 System.err( 5715): Caused by: NotAuthorizedException(message=Invalid Refresh Token.) W/ 09-23 15:31:28.963 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.model.NotAuthorizedException$Builder.a(SourceFile:4) W/ 09-23 15:31:28.963 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.serde.NotAuthorizedExceptionDeserializer.c(SourceFile:27) W/ 09-23 15:31:28.963 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.serde.InitiateAuthOperationDeserializerKt.d(SourceFile:344) W/ 09-23 15:31:28.963 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.serde.InitiateAuthOperationDeserializerKt.b(SourceFile:1) W/ 09-23 15:31:28.963 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.serde.InitiateAuthOperationDeserializer.c(SourceFile:43) W/ 09-23 15:31:28.963 System.err( 5715):  at aws.sdk.kotlin.services.cognitoidentityprovider.serde.InitiateAuthOperationDeserializer.b(SourceFile:1) D/ 09-23 15:31:3

I'd like to request a feature addition to this library, where the migration creates persistent migration logs that the app developer can request to help troubleshoot issues like this. Also, it'd be able to be able to retry the migration. Right now it seems to destroy all the old v1 data and just assumes everything worked when it doesn't. The migration fails sporadically and I have no clue why, with no recourse for troubleshooting. I have to wait for a customer support ticket complaining about the problem in order to get logs, but they aren't really too helpful as they just show the user was signed out for some reason. I've been using aws amplify auth v1 for several years without any issue keeping users logged in.

Reproduction steps (if applicable)

I've been unable to reproduce the issue myself.

Code Snippet

// Put your code below this line.

Log output

// Put your logs below this line

amplifyconfiguration.json

{ "auth": { "plugins": { "awsCognitoAuthPlugin": { "IdentityManager": { "Default": {} }, "CredentialsProvider": { "CognitoIdentity": { "Default": { "PoolId": "us-west-2:xxxxxxxxxxxx", "Region": "us-west-2" } } }, "CognitoUserPool": { "Default": { "PoolId": "us-west-2_xxxxxxxxx", "AppClientId": "xxxxxxxxx", "AppClientSecret": "xxxxxxxxx", "Region": "us-west-2" } }, "Auth": { "Default": { "OAuth": { "WebDomain": "cognitoauth.xxxxxxxxx.io", "AppClientId": "xxxxxxxx", "AppClientSecret": "xxxxxxxxx", "SignInRedirectURI": "xxxxxxxx://callback/", "SignOutRedirectURI": "xxxxxxxx://signout/", "Scopes": [ "email", "openid", "profile", "aws.cognito.signin.user.admin" ] }, "authenticationFlowType": "USER_SRP_AUTH" } } } } } }

GraphQL Schema

// Put your schema below this line

Additional information and screenshots

One more detail. V1 of the amplify auth library has code that Google Play throws big warnings about and claims it'll stop accepting app updates that use it. Fixing this issue with the v1 -> v2 migration should be a top priority, as continuing to use v1 in the interim isn't an option. I essentially can't update my app unless it's using amplify v2.

[mattcreaser]

Sorry to hear you're having issues @camhart. Can you please confirm that you updated directly to 2.21.1 and did not first try to use an older version of v2? There was a known issue in the migration code that was fixed in version 2.16.1.

Is reinstalling the app the only solution? What about calling Amplify.Auth.fetchAuthSession with options specifying forceRefresh = true?

Are there any obvious similarities between the affected users?

[camhart]

Can you please confirm that you updated directly to 2.21.1 and did not first try to use an older version of v2? There was a known issue in the migration code that was fixed in version 2.16.1.

Yes, we went direct from v1 to v2.21.1.

Is reinstalling the app the only solution? What about calling Amplify.Auth.fetchAuthSession with options specifying forceRefresh = true?

I haven't tried this, but didn't think it would be needed. The SDK is supposed to detect when credentials are expired and handle refreshing them automatically isn't it?

[mattcreaser]

That's correct, it should - I only suggested trying to force refresh the tokens as a way to gather more information about what is going wrong. Another thought is to try catching the exception and invoking signOut.

We will need to investigate this issue to see what's going on - unfortunately it sounds like it will be difficult to reproduce. Any additional details about the affected users would be beneficial.

[camhart]

unfortunately it sounds like it will be difficult to reproduce

Ideally you can add more tools to the library so I can better troubleshoot the issue to provide more info. I'm confident if I release the app to another 1% of my customers, I'll get a few emails about it. But I don't want to do that until there's some ability to troubleshoot. We need some sort of migration record to indicate what happened to the migration and to understand why it failed. I'm not asking for you to solve it immediately. But adding some support for better troubleshooting migration issues seems like a low hanging fruit that moves the needle forward.

[harsh62]

@camhart Can you please share the code snippets so that we can try to reproduce the issue in a local environment.. Snippets of how Auth category is being used from from both V1 and V2 will be really helpful to isolate how we investigate the issue. Please share any other details you think will help us isolate the issue.

[camhart]

@harsh62 I don't have code snippets to share that can reproduce the issue. I've tried multiple times with my entire app to replicate the problem and can't replicate it locally, but it is happening. This is why I'm arguing for better tools to investigate/troubleshoot problems relating to the migration.

Here are all the Amplify method calls I use:

• Amplify.Auth.signIn
• Amplify.Auth.fetchAuthSession
• Amplify.Auth.signUp
• Amplify.Auth.signInWithWebUI
• Amplify.Auth.fetchUserAttributes
• Amplify.Auth.confirmSignUp
• Amplify.Auth.signOut

V1 used the same method calls but adjusted for the api changes between the two. I don't use Amplify for anything else--only Auth.

Please share any other details you think will help us isolate the issue.

My app is a long running background app that stays running 24/7 in the background on the device (it's a parental control app). It automatically launches itself after an app update has occurred.

[harsh62]

Are you able to isolate if the issue is happening with customers using Amplify.Auth.signInWithWebUI compared to Amplify.Auth.signIn? Another follow up to that would be, if your customers are able to use Amplify.Auth.signIn and Amplify.Auth.signInWithWebUI interchangeably? i.e. customer could be using Amplify.Auth.signInWithWebUI in Amplify V1 and decided to use Amplify.Auth.signIn in Amplify V2.

If you could answer this, it would greatly narrow down our reproduction codepath.

[camhart]

Are you able to isolate if the issue is happening with customers using Amplify.Auth.signInWithWebUI compared to Amplify.Auth.signIn?

Not easily. If the problem is happening to customers logged in via one of those calls, it's not happening 100% of the time. I can release the app to another 1% of customers and wait for the support tickets to come in, but I'm really hoping to avoid doing that without having better tools in place to troubleshoot the migration.

Another follow up to that would be, if your customers are able to use Amplify.Auth.signIn and Amplify.Auth.signInWithWebUI interchangeably?

They can use one or the other, but not both. Once logged in one way, we don't give them the option to login again without signing out first.

i.e. customer could be using Amplify.Auth.signInWithWebUI in Amplify V1 and decided to use Amplify.Auth.signIn in Amplify V2.

We don't give customers the ability to logout once the device is setup (there's additional steps they have to take after logging in to set the device up with my app). There's only a very brief window where they can logout where the customer has logged in but not setup the device. Once the device is setup, if they want to logout they need to uninstall/reinstall the app. The customers who've reported the issue to me have all had their device setup fully, so there is no longer an option for them to logout at that point. So, long story short, it's not possible for them to use Amplify.Auth.signIn and then use Amplify.Auth.signInWithWebUI (or vice versa). Does that make sense?

[harsh62]

@camhart This is good information. Another question I have is that has your amplifyconfiguration.json file changed in anyway from Amplify V1 to V2?

From the issues reported, are you able to see if anything common in the affected users, device types, OS versions, manufacturer type, or anything else?

[camhart]

Another question I have is that has your amplifyconfiguration.json file changed in anyway from Amplify V1 to V2?

No it hasn't changed.

From the issues reported, are you able to see if anything common in the affected users, device types, OS versions, manufacturer type, or anything else?

I haven't kept track of this. However, I do recall Samsung being one of the devices and it was on OS version 13. I have multiple samsung test devices though and I haven't been able to replicate the issue on any of them. When I release the app update to more customers, we get reports of customers having issues, but I can guarantee many have the issue but never report it. They'll just cancel their subscription with us or try and resolve it on their own.

[harsh62]

Thanks for providing all the information, one of our engineers will try to reproduce this issue locally by trying out different codepaths.. Will get back to you when we have more updates.

[tylerjroach]

@camhart One more question that would help in our research. Can you post all of the AWS dependencies you are using in Gradle? Ex Amplify as well as any other AWS SDKs.

[camhart]

    implementation 'com.amplifyframework:aws-auth-cognito:2.21.0'
    coreLibraryDesugaring 'com.android.tools:desugar_jdk_libs:2.0.3'

    implementation 'com.amazonaws:aws-android-sdk-apigateway-core:2.16.1'

Those are the only dependencies being used. Let me know if you need anything else!

[tylerjroach]

Api Gateway core is likely pulling in AWS Android SDK MobileClient transitively, which will overwrite Amplify v2 credentials. Please ensure to use a custom credentials provider, such as the one shown on our migration guide. https://docs.amplify.aws/gen1/android/sdk/configuration/amplify-compatibility/#android-sdk-generated-by-api-gateway-aws-android-sdk-apigateway-core

[camhart]

I've replaced the CognitoCredentialsProvider with the AmplifyCredentialsProvider indicated in the article mentioned. I'm still doing some testing but it's functioning as expected so far. I'm not able to do the full test until I release to a new % of production users.

However, I use Api Gateway's auto-generated SDK. Do I need to figure out how to remove com.amazonaws:aws-android-sdk-apigateway-core as a dependency completely? These are classes my app currently uses that come from that library I believe. Here are a few:

import com.amazonaws.AmazonClientException;
import com.amazonaws.mobileconnectors.apigateway.ApiClientException;
import com.amazonaws.mobileconnectors.apigateway.ApiClientFactory;

Edit: Also thanks for the help. Very much appreciated.

[tylerjroach]

That looks ok. As long as you aren't using mobile client, you should not run into any issues.

[camhart]

I've released to another chunk of my users and given it some time. Unfortunately, support emails are coming in indicating it's still a problem.

I'd really prefer we had some option to debug the actual migration and troubleshoot when something goes wrong. What we're doing right now is a painful and expensive way to troubleshoot.

Any ideas what we can try next?

Edit: I've asked my support rep to start tracking device and OS version info with the issue. So far samsung devices on android 14 have reported issues. However, my personal device is a samsung on 14 and it hasn't had any problem.

Edit 2: Pixel 7 had the issue, as well as an LG G8X. I don't know the OS version of these.

Edit 3: I've been going through granting customer credits to everyone of my customers who's been impacted. So far they've all been using our app for 1 year or longer. It doesn't appear to be impacting new customers. This could just be a coincidence, but perhaps the age of the v1 tokens has something to do with it (and maybe that's why I can't replicate the problem).

[tylerjroach]

I apologize if this was already asked elsewhere, but how long do you have refresh tokens set to last in Cognito? Access token's are refreshed with the refresh token, but if a refresh token expires, that sign in is no longer valid. Once the refresh token has expired, a new sign in is necessary. While you may not expose a way for customers to signOut, you may have to handle this scenario internally. For example, if there are legitimate cases of SessionExpiredException{message=Your session has expired., cause=NotAuthorizedException(message=Invalid Refresh Token.) you should sign the user out yourself and prompt them to sign in again.

[camhart]

Refresh tokens are set to expire after 3650 days, or 10 years. There's no chance the tokens are expiring. If this was the cause it wouldn't be happening only when migrating to V2 but would be an ongoing issue (which it isn't).

[camhart]

If it's helpful, I can provide the following info going forward for impacted devices: cognito-idp.us-west-2.amazonaws.com/us-west-2_XXXXXX,cognito-idp.us-west-2.amazonaws.com/us-west-2_XXXXXX:CognitoSignIn:829593e9-633d-4b71-afef-a017ca455d8d

I removed the client Id for privacy reasons. Would prefer to send via AWS support (or some other non public way).

[tylerjroach]

Hi @camhart Could you run this command ./gradlew app:androidDependencies and provide the list of all dependencies containing "aws" or "amplify"?

There appeared to be a pretty clear issue from when we first worked on attempting to fix migrations, and I believe we had solved that. Are you still having about the same failure rate?

We will look through the migration code again to see if we can think of any edge case that the user (especially those signed in for a long period) could be running into.

It may also be useful to provide the code that you use to configure Amplify, and then additionally APIGateway.

Thank you for your patience. We will keep investigating this with you to get to the bottom of the issue.

[camhart]

Here's the output from the gradlew command:

gradlew app:androidDependencies | grep -F aws
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar
+--- com.amplifyframework:aws-auth-cognito:2.21.0@aar
+--- com.amplifyframework:aws-auth-plugins-core:2.21.0@aar
+--- com.amplifyframework:aws-core:2.21.0@aar
+--- aws.sdk.kotlin:cognitoidentity-jvm:1.2.8@jar
+--- aws.sdk.kotlin:cognitoidentityprovider-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-config-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-http-jvm:1.2.8@jar
+--- aws.sdk.kotlin:aws-endpoint-jvm:1.2.8@jar
+--- aws.smithy.kotlin:http-auth-aws-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-signing-common-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-credentials-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-json-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-xml-protocols-jvm:1.2.2@jar
+--- aws.smithy.kotlin:aws-protocol-core-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-default-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-client-jvm:1.2.2@jar
+--- aws.sdk.kotlin:aws-core-jvm:1.2.8@jar
+--- aws.smithy.kotlin:smithy-client-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-auth-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:http-jvm:1.2.2@jar
+--- aws.smithy.kotlin:identity-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-defaults-jvm:1.2.2@jar
+--- aws.smithy.kotlin:logging-slf4j2-jvm:1.2.2@jar
+--- aws.smithy.kotlin:telemetry-api-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-json-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-xml-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-form-url-jvm:1.2.2@jar
+--- aws.smithy.kotlin:serde-jvm:1.2.2@jar
+--- aws.smithy.kotlin:runtime-core-jvm:1.2.2@jar
+--- com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar
+--- com.amazonaws:aws-android-sdk-core:2.16.1@jar

Are you still having about the same failure rate?

My best guess is it's still the same failure rate. I can't tell for sure because I'm not sure how Google Play does subsequent rollouts (do they roll out to the same devices or new ones). I did the earlier releases and ran into issues. I forget what percent of customers I had released to--my guess is 1-3%. With this most recent release, I released On Nov 20th to 1% of customers. Didn't have any reported issues. Increased to 2% on November 26th, no reported issues. I started to get some confidence, so then I released to 3% on Nov 27th, 4% on Dec 3rd, then 6% on Dec 4th. Within the last 2 days we've gotten a bunch of emails regarding the problem. It takes time for the update to hit client devices too.

We will look through the migration code again to see if we can think of any edge case that the user (especially those signed in for a long period) could be running into.

Thank you, I'd very much appreciate this.

It may also be useful to provide the code that you use to configure Amplify, and then additionally APIGateway.

//MyApplication.java (class extends Application)
    @Override
    public void onCreate() {
        super.onCreate();
        AmplifyHelper.init(getApplicationContext());
       //..
       }

//AmplifyHelper.java
    public static void init(Context ac) {
        try {
            Amplify.addPlugin(new AWSCognitoAuthPlugin());
            Amplify.configure(ac);
        } catch(AmplifyException | IllegalStateException e) {
            e.printStackTrace();
        }
    }

ApiGateway is built using the AutoGenerated Api's. Here's the code used for it:

    //The init method below is called after calling Amplify.Auth.fetchAuthSession.  The call to Amplify.Auth.fetchAuthSession is done in a background thread anytime the app is launched).
    public static void init(AmplifyCredentialsProvider credentialsProvider) {
        cognitoCredentialsProvider = credentialsProvider;
        apiClientFactory = new ApiClientFactory();
        apiClientFactory.credentialsProvider(credentialsProvider).region(BuildConfig.AWS_REGION);

        myApplicationClient = apiClientFactory.build(MyApplicationClient.class);
        myApplicationTamperClient = apiClientFactory.build(MyApplicationTamperClient.class);
        myApplicationAccountClient = apiClientFactory.build(MyApplicationAccountClient.class);
        myApplicationImagesClient = apiClientFactory.build(MyApplicationImagesClient.class);
        myApplicationEventsClient = apiClientFactory.build(MyApplicationEventsClient.class);
        myApplicationChargeClient = apiClientFactory.build(MyApplicationChargeClient.class);
    }

Let me know if you need anything else.

[tylerjroach]

What is the purpose of the cognitoCredentialsProvider variable? Is it being used elsewhere?

Do you have device tracking enabled on Cognito side? I'm just trying to think of any additional areas we would need to look into.

With this seemingly being an edge case type of scenario you are running into, please keep us updated if you notice any patterns (ex: sign ins over a year, etc).

[camhart]

What is the purpose of the cognitoCredentialsProvider variable? Is it being used elsewhere?

No it's not. It's left over from the refactor I made previously and can be removed without impacting anything.

Do you have device tracking enabled on Cognito side? I'm just trying to think of any additional areas we would need to look into.

It's likely set to the default. How do I check? I don't believe I intentionally use it in anyway (outside what the SDK would do by default).

With this seemingly being an edge case type of scenario you are running into, please keep us updated if you notice any patterns (ex: sign ins over a year, etc).

So far today the trend has continued to hold true--all impacted devices have been for long term customers of ours created at least a year or more ago. I'm assuming these are all long term logins as a result of that. I don't keep track of the logins though, so I can't tell you for certain. I'll be sure to let you know if I find anything contrary to this trend, but based on the number of customers I've already worked with, I'm 95% confident the trend is going to hold. We have lots of new customers, so it'd be really strange at this point if it doesn't hold.

[tylerjroach]

@camhart What version of Amplify v1 were you using before bumping to v2. I'm slightly concerned about the API Gateway version of 2.16.1. com.amazonaws:aws-android-sdk-apigateway-core:2.16.1@jar transitively pulls in com.amazonaws:aws-android-sdk-core:2.16.1@jar.

v2.16.1 was released on October 2019. The last Amplify v1 release was using v2.73.0 of the AWS SDK, released in 2023. This means com.amazonaws:aws-android-sdk-core:2.73.0@jar would have been transitively pulled in your code. API Gateway would have been best to match this version #. By dropping the Amplify v1 dependency, it is now actually downgrading API Gateway to this 2019 version.

Earlier in this thread you stated

I've replaced the CognitoCredentialsProvider with the AmplifyCredentialsProvider indicated in the article mentioned.

With this type of downgrade, this could have also been a major problem, as it looks like there were some keystore changes that had happened between 2019 and 2023. A CognitoCredentialsProvider from the 2019 may fail to read (and possibly corrupt) a keystore from 2023.

---

With all this said, Amplify v2 attempts to open the old Amplify v1 / AWS SDK credentials, and migrate to the v2 format, without any dependency on the AWS Android SDK to do so. Since you are no longer using CognitoCredentialsProvider, I don't believe AWS Core and AWS Gateway have any codepaths that would attempt to write credentials in the old format (which would interfere with Amplify v2).

Are you sure that these log out reports are from users that were actively using a version with Amplify v1, and upon recently being added to the rollout, begun having refresh token issues with Amplify v2. Is it possible that any of these reports are delayed? We know that the old implementation with CognitoCredentialsProvider (and MobileClient if it was present) would have corrupted the credential storage. Is it possible some of these customers are just now noticing? I know you said this issue was sporadic originally, but given what we know, I would have expected the initial implementation to fail 100% of the time.

[camhart]

I'm eating my words here. We just had a customer report the issue who's account was created on October, 15th 2024. I apologize for the misdirection--age of tokens may not be a factor. I did say 95% confident and not 100% :D.

What version of Amplify v1 were you using before bumping to v2.

implementation 'com.amplifyframework:aws-auth-cognito:1.37.4'

For some reason, Android studio doesn't indicate updates are available for apigateway core (notice the missing highlighting). This is most likely why I haven't been upgrading it.

Are you sure that these log out reports are from users that were actively using a version with Amplify v1, and upon recently being added to the rollout, begun having refresh token issues with Amplify v2

Yes, I'm 100% positive this is the case. I release the update and then emails come in within a few days indicating the app just stopped working. I track the last recorded app version for each of these devices, and they were all working on the prior major release (the one that still used amplify v1). Customers send in screenshots of the page the app gets stuck on, which shows the current app version and it's the one where the amplify v2 upgrade occurred.

Is it possible that any of these reports are delayed?

Not like what I think you're indicating. Delayed 1 or 2 days yes. Delayed for months, no. I go from 0 reports of issues ever to a handful of issues within a few days (it takes time for their device to update the app) once I increase the rollout % via Google Play.

Is it possible some of these customers are just now noticing? I know you said this issue was sporadic originally, but given what we know, I would have expected the initial implementation to fail 100% of the time.

I've tested the implementation many many times myself and it works fine. We have tons of customers using it without issue as is. It's just an estimated 5-10% that run into the problem.

Should I simply upgrade com.amazonaws:aws-android-sdk-apigateway-core to the latest version (2.77.1)? Would that potentially stop transitively calling code and wiping out credentials? How confident are you that it'll fix the problem I'm facing?

I'd still prefer some sort of migration logging and migration retry ability be added to the SDK. I can't help but fear even after upgrading aws-android-sdk-apigateway-core to the latest version that the underlying issue still won't be discovered. Beggars can't be choosers but this is painful. It's damaging our companies relationship with customers and our brand (we're known for being extremely reliable, so this is a direct hit against that). I've proactively granted customers impacted by it credits which will impact revenue. Thankfully it's only 5-10% of the 1% impacted, so it's not the end of the world. But even if I'd handled the rollout perfectly, having to pay the price of rolling out to 1% of customers to try each new iteration of a fix isn't great.

[camhart]

I do want to add--thank you for your help. I'm not trying to be a complainer here, but I do want to pass the pain that I'm feeling along so you have an appropriate understanding of the impact this troubleshooting experience has had.

[tylerjroach]

Hi @camhart, I understand your frustrations. Thank you for quickly answering all of the questions sent your way. I know it has been a lot, but these types of edge cases are always difficult to figure out with lack of logs that highlight the problem. It's especially hard considering our team members, and yourself, have been unable to replicate the failure.

There could be something unique about these 5-10% of users that we haven't yet tracked down (ex: sign in method, device type, device OS, etc). We are continuing to look at any failure paths on our end.

---

Should I simply upgrade com.amazonaws:aws-android-sdk-apigateway-core to the latest version (2.77.1)? Would that potentially stop transitively calling code and wiping out credentials? How confident are you that it'll fix the problem I'm facing?

I don't believe this would directly fix the problem, but it is always best to try and keep up to date with our latest versions. You are using a version of API Gateway that is 5 years old, which means it is missing 5 years of any bug fixes that would have possibly been added along the way. Given that you are confident the issues are happening with each rollout, and CognitoCachingCredentials provider is no longer being used, I do not expect this cause the invalid refresh token error you are seeing.

[camhart]

Sounds good, I'll wait to hear further instruction from you then before trying anything. Getting this fixed is top priority on my end, so I'll respond quickly and as clearly as possible.

[tylerjroach]

@camhart If you wouldn't mind, join our discord channel https://discord.com/invite/amplify and you can reach out to me @tylerjroach. We can dm and set up a screenshare call.