amplify-cli icon indicating copy to clipboard operation
amplify-cli copied to clipboard
verified publisher icon aws-amplify

Imported auth has incomplete username_attributes in frontend config file

Open edwardfoyle opened this issue 1 year ago • 1 comments

How did you install the Amplify CLI?

npm

If applicable, what version of Node.js are you using?

20

Amplify CLI Version

12.12.4

What operating system are you using?

Mac

Did you make any manual changes to the cloud resources managed by Amplify? Please describe the changes made.

N/A

Describe the bug

When importing a Cognito User Pool that contains user attributes as email and phone number, the amplifyconfiguration.json file shows email only:

  "aws_cognito_username_attributes": [
    "EMAIL"
  ],

Expected behavior

Importing auth with email and phone username attributes should include both values in frontend config output.

Reproduction steps

Create Amplify-generated User Pool with user attributes.

amplify init
amplify add auth
a. Ensure that How do you want users to be able to sign in? Email or Phone Number is selected.
amplify push -y

Observe amplifyconfiguration.json as

{
  "aws_project_region": "us-east-1",
  "aws_cognito_region": "us-east-1",
  "aws_user_pools_id": "us-east-1_64iSuUnbm",
  "aws_user_pools_web_client_id": "7ec82dck4mlai0bf43c5dlvupt",
  "oauth": {},
  "aws_cognito_username_attributes": [
    "EMAIL",
    "PHONE_NUMBER"
  ],
  "aws_cognito_social_providers": [],
  "aws_cognito_signup_attributes": [
    "EMAIL"
  ],
  "aws_cognito_mfa_configuration": "OFF",
  "aws_cognito_mfa_types": [
    "SMS"
  ],
  "aws_cognito_password_protection_settings": {
    "passwordPolicyMinLength": 8,
    "passwordPolicyCharacters": []
  },
  "aws_cognito_verification_mechanisms": [
    "EMAIL"
  ]
}

Create another Amplify application with imported User Pool:

amplify init
amplify import auth
a. Use User Pool only (no identiity pool)
Select the Amplify-generated User Pool and client ID from the previous steps.
amplify push -y

Observe amplifyconfiguration.json file

{
  "aws_project_region": "us-east-1",
  "aws_cognito_region": "us-east-1",
  "aws_user_pools_id": "us-east-1_64iSuUnbm",
  "aws_user_pools_web_client_id": "7ec82dck4mlai0bf43c5dlvupt",
  "oauth": {},
  "aws_cognito_username_attributes": [
    "EMAIL"
  ],
  "aws_cognito_social_providers": [],
  "aws_cognito_signup_attributes": [
    "EMAIL"
  ],
  "aws_cognito_mfa_configuration": "OFF",
  "aws_cognito_mfa_types": [],
  "aws_cognito_password_protection_settings": {
    "passwordPolicyMinLength": 8,
    "passwordPolicyCharacters": []
  },
  "aws_cognito_verification_mechanisms": [
    "EMAIL"
  ]
}

Specifically noting that one has aws_cognito_username_attributes as EMAIL and the other has it set as EMAIL, PHONE_NUMBER

Project Identifier

No response

Log output

# Put your logs below this line

Additional information

No response

Before submitting, please confirm:

  • [X] I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
  • [X] I have removed any sensitive information from my code snippets and submission.

edwardfoyle avatar Jul 11 '24 22:07 edwardfoyle

I was able to work around the issue by creating a post-push script to override the output content.

amplify/hooks/post-push.sh:

tmp=$(mktemp)
jq '.aws_cognito_username_attributes = ["EMAIL", "PHONE_NUMBER"]' src/amplifyconfiguration.json > "$tmp"
mv "$tmp" src/amplifyconfiguration.json

edwardfoyle avatar Jul 12 '24 19:07 edwardfoyle