amplify-flutter icon indicating copy to clipboard operation
amplify-flutter copied to clipboard
verified publisher icon aws-amplify

Amplify.Auth.SignIn fails -- after Amplify.Auth.SignOut

Open sk92129 opened this issue 5 months ago • 11 comments

Description

After version amplify_auth_cognito and amplify_flutter 2.6.2, the signIn fails indicating that I am still signed in, despite having already invoked signOut.

When I roll back the plugin back to 2.6.2 instead of ^2.6.2, those functions work as before.

Categories

  • [ ] Analytics
  • [ ] API (REST)
  • [ ] API (GraphQL)
  • [x] Auth
  • [x] Authenticator
  • [ ] DataStore
  • [ ] Notifications (Push)
  • [ ] Storage

Steps to Reproduce

1.) invoke Amplify.Auth.signOut() 2.) invoke Amplify.Auth.signIn() - get already signed in exception. 3.) I cleared cache and storage, deleted the app, and re-installed the app. Error still persist.

Screenshots

can be provided if needed

Platforms

  • [x] iOS
  • [x] Android
  • [ ] Web
  • [ ] macOS
  • [ ] Windows
  • [ ] Linux

Flutter Version

3.32.6

Amplify Flutter Version

^2.6.3 or higher

Deployment Method

Amplify CLI (Gen 1)

Schema

I think I used gen 1 CLI to initialize the flutter configuration.
Inside the flutter project, amplify/backend/auth/myappXYZ/cli-inputs.json contains   "version": "1" at the top.

sk92129 avatar Jul 12 '25 17:07 sk92129

This looks slightly related to my problem, but i am not sure. https://github.com/aws-amplify/amplify-flutter/issues/6205

sk92129 avatar Jul 12 '25 21:07 sk92129

When I use the amplify UI, it also gives me the similar errors

import 'package:amplify_authenticator/amplify_authenticator.dart';
import 'package:flutter/material.dart';
import 'package:go_router/go_router.dart';

class AmplifySignInSignUpScreen extends StatefulWidget {
  const AmplifySignInSignUpScreen({super.key});

  @override
  State<AmplifySignInSignUpScreen> createState() => _MyAppState();
}

class _MyAppState extends State<AmplifySignInSignUpScreen> {
  @override
  void initState() {
    super.initState();
  }

  @override
  Widget build(BuildContext context) {
    return Authenticator(
      child: MaterialApp(
        builder: Authenticator.builder(),
        home: Scaffold(
          body: Center(
            child: Column(
              mainAxisAlignment: MainAxisAlignment.center,
              children: [
                const Text('You are signed in'),
                const SizedBox(height: 20),
                ElevatedButton(
                  onPressed: () => context.go('/dashboard'),
                  child: const Text('Go to Dashboard'),
                ),
              ],
            ),
          ),
        ),
      ),
    );
  }
}

sk92129 avatar Jul 13 '25 04:07 sk92129

Image

sk92129 avatar Jul 13 '25 04:07 sk92129

And it seems to be a problem on iOS26 ONLY. The app running on android 15 seems to be working correctly.

--Correction: The faulty behavior is happening on both iOS and Android

sk92129 avatar Jul 13 '25 04:07 sk92129

I got the same problem, but I didn't use amplify_authenticator and I don't think its because the OS version https://github.com/aws-amplify/amplify-flutter/issues/6205

AntoniKwok avatar Jul 14 '25 01:07 AntoniKwok

@AntoniKwok I started a new app using GEN2. It does not seem to be a problem with GEN2. I assume you are using gen1?

sk92129 avatar Jul 14 '25 01:07 sk92129

I have 2 apps, 1 with Gen 1 and the other one using Gen 2, and both got the same problem...

AntoniKwok avatar Jul 14 '25 01:07 AntoniKwok

I have started from scratch and removed amplify completely from my flutter AWS cognito solution. I saw 4 lambda functions, 2 s3 buckets, and who knows what else - created from the gen2 command line tool. I am weary about what else I might face.

sk92129 avatar Jul 14 '25 05:07 sk92129

Hello @sk92129, I have not been able to reproduce the issue on gen1 iOS26 using Amplify Flutter yet 2.6.4. I'm running a few more tests related to expired refresh/access tokens and will get back to you with my findings.

Are you also enabling refresh token rotation as mentioned in the linked issue? Or are doing any other manual configuration of your Cognito backend?

tyllark avatar Jul 14 '25 14:07 tyllark

@tyllark I havent gotten to using the refresh token yet. I am doing the login immediately after a signOut, so I dont think the refresh token comes into play yet. And I havent done any manual configuration on my backend.

Can you tell me what amplify creates on the backend besides the cognito user pool? I think I see a aws lambda and a s3 bucket. Is there anything else that gets created by the CLI?

sk92129 avatar Jul 14 '25 16:07 sk92129

Hello @sk92129, the expired refresh/access tokens tests did not reproduce the issue which makes sense given the login/signOut timings you described. As for backend resources:

  1. The resources defined within your amplify/backend.ts such as Cognito, S3, and AppSync will be provisioned along with any lambda functions referenced there.

  2. Amplify CLI Gen2 use AWS Cloud Development Kit (CDK) for provisioning resources such as Cognito. CDK requires bootstrapping which will create the following resources to manage your CDK projects: a. Amazon Simple Storage Service (Amazon S3) bucket b. Amazon Elastic Container Registry (Amazon ECR) repository c. AWS Identity and Access Management (IAM) roles.

  3. AWS Amplify will create an S3 bucket along with lambda functions to manage your Amplify deployment. To see these lambda functions navigate to AWS Console -> Lambda -> Application -> [YOUR_APPLICATION_NAME].

Please let us know if you have any additional questions!

tyllark avatar Jul 14 '25 23:07 tyllark