amplify-flutter
amplify-flutter copied to clipboard
aws-amplify
DataStore sync fails on iOS with OIDC when IAM is specified as an additional provider
Description
When starting the app I get:
Unable to find suitable Auth plugin for syncEngine. Models require auth`
This issue occurs only on iOS, on Android it is working as expected. The API works fine, so when requesting the same data via the API plugin everything works, so it seams to be DataStore related.
This is how I configure Amplify before runApp in my main.dart:
Future<void> _configureAmplify() async {
final api = AmplifyAPI(
modelProvider: ModelProvider.instance,
authProviders: [
OIDFirebaseTokenProvider(),
],
);
final datastorePlugin = AmplifyDataStore(
modelProvider: ModelProvider.instance,
);
await Amplify.addPlugins([api, datastorePlugin]);
try {
await Amplify.configure(amplifyconfig);
} on Exception catch (e) {
safePrint('An error occurred configuring Amplify: $e');
}
}
and my amplifyconfiguration.dart:
const amplifyconfig = ''' {
"UserAgent": "aws-amplify-cli/2.0",
"Version": "1.0",
"api": {
"plugins": {
"awsAPIPlugin": {
PROJECT_NAME: {
"endpointType": "GraphQL",
"endpoint": ENDPOINT,
"region": "eu-central-1",
"authorizationType": "OPENID_CONNECT"
}
}
}
}
}''';
I have also followed the guide on Getting started with Amplify and Flutter and have completed all the steps mentioned.
Categories
- [ ] Analytics
- [ ] API (REST)
- [ ] API (GraphQL)
- [ ] Auth
- [ ] Authenticator
- [X] DataStore
- [ ] Notifications (Push)
- [ ] Storage
Steps to Reproduce
- Specifiy OIDC and IAM as authorization providers for a model
- Only configure OICD for the app and no Cognito plugin
Screenshots
No response
Platforms
- [X] iOS
- [ ] Android
- [ ] Web
- [ ] macOS
- [ ] Windows
- [ ] Linux
Flutter Version
3.13.7
Amplify Flutter Version
1.4.1
Deployment Method
Amplify CLI
Schema
type User @model @auth(
rules:[
{ allow: owner,
provider: oidc,
ownerField: "id",
identityClaim: "sub",
},
{ allow: private, provider: iam }
]
)
{
id: ID! @primaryKey
name: String
birthday: AWSDate
}
I found the issue, because we specified IAM as an additional provider, the iOS Plugin expects Cognito to be configured and available to the app. However on Android this is not required and it shouldn't be, because our app only uses OICD for authorization and IAM is only used by server side functions. So my question is if this is intended behavior and if there is a different way to specify which authorization modes are actually relevant for the client side.
Hi @thoschwa, I'm glad your issue is resolved. I will look into whether or not this is expected behavior on the iOS side and get back to you.
Hi @thoschwa, thanks for the details. DataStore supports multi-auth which is enabled through the configuration flag
final datastorePlugin = AmplifyDataStore(
modelProvider: ModelProvider.instance,
authModeStrategy: AuthModeStrategy.multiAuth,
);
Since you do not have it enabled, it should do its determination based on the API's default authorization type in the configuration. Since your configuration's default authorization is "authorizationType": "OPENID_CONNECT", it will check that you have an auth provider on the API plugin, and not require you to have the auth plugin.
So my question is if this is intended behavior and if there is a different way to specify which authorization modes are actually relevant for the client side.
I think it's a bug that it's requiring you to have auth plugin despite not having multiauth enabled on the DataStore configuration. Currently it should use the default authorization mode on the API which is OIDC. I'm working on a fix that should work with your current set up.
It would be a feature request for selecting which auth modes to use on the client side, since the generated file has all the relevant auth rules for that model. A workaround would be to manually remove the auth rule from the generated file that you don't want the client to know about. Multi-auth flag should be set to true if you have more than one auth mode you want enabled on the client side.
the fix has been released in Amplify Swift 1.30.7. https://github.com/aws-amplify/amplify-swift/releases/tag/1.30.7