amplify-hosting
amplify-hosting copied to clipboard
aws-amplify
amplify import auth causes build failure - auth headless init is missing the following inputParams userPoolId, webClientId, nativeClientId
Hi,
I used amplify import auth to import an existing Cognito UserPool into my project. I committed my code to git and pushed, which kicked off an Amplify Console pipeline, the build of the backend failed with the following error message.
Error: auth headless init is missing the following inputParams userPoolId, webClientId, nativeClientId
Since amplify push worked fine from the local machine, I expected the build and deployment in the amplify console to work fine as well.
In this Issue, you will see similar errors for parameters such as facebookAppId, amazonAppId, googleClientId, etc. They had added these parameters as environment variables to amplifyPush.sh. So I added error inputParams as environment variables and the build was successful.
This problem occurs only when I do amplify import auth (not amplify add auth).
Is it because the environment variables in the shell script are missing, i.e., the shell script does not yet support import auth? Or are there other possible causes?
Here is the actual script (myamplifyPush.sh) that I used.
#!/usr/bin/env bash
set -e
IFS='|'
help_output () {
echo "usage: amplify-push <--environment|-e <name>> <--simple|-s>"
echo " --environment The name of the Amplify environment to use"
echo " --simple Optional simple flag auto-includes stack info from env cache"
exit 1
}
init_env () {
ENV=$1
AMPLIFY=$2
PROVIDERS=$3
CODEGEN=$4
AWSCONFIG=$5
CATEGORIES=$6
echo "# Start initializing Amplify environment: ${ENV}"
if [[ -z ${STACKINFO} ]];
then
echo "# Initializing new Amplify environment: ${ENV} (amplify init)"
[[ -z ${CATEGORIES} ]] && amplify init --amplify ${AMPLIFY} --providers ${PROVIDERS} --codegen ${CODEGEN} --yes || amplify init --amplify ${AMPLIFY} --providers ${PROVIDERS} --codegen ${CODEGEN} --categories ${CATEGORIES} --yes
echo "# Environment ${ENV} details:"
amplify env get --name ${ENV}
else
echo "STACKINFO="${STACKINFO}
echo "# Importing Amplify environment: ${ENV} (amplify env import)"
amplify env import --name ${ENV} --config "${STACKINFO}" --awsInfo ${AWSCONFIG} --yes;
echo "# Initializing existing Amplify environment: ${ENV} (amplify init)"
[[ -z ${CATEGORIES} ]] && amplify init --amplify ${AMPLIFY} --providers ${PROVIDERS} --codegen ${CODEGEN} --yes || amplify init --amplify ${AMPLIFY} --providers ${PROVIDERS} --codegen ${CODEGEN} --categories ${CATEGORIES} --yes
echo "# Environment ${ENV} details:"
amplify env get --name ${ENV}
fi
echo "# Done initializing Amplify environment: ${ENV}"
}
ENV=""
IS_SIMPLE=false
POSITIONAL=()
while [[ $# -gt 0 ]]
do
key="$1"
case ${key} in
-e|--environment)
ENV=$2
shift
;;
-r|--region)
REGION=$2
shift
;;
-s|--simple)
IS_SIMPLE=true
shift
;;
*)
POSITIONAL+=("$1")
shift
;;
esac
done
set -- "${POSITIONAL[@]}"
# if no provided environment name, use default env variable, then user override
if [[ ${ENV} = "" ]];
then
ENV=${AWS_BRANCH}
fi
if [[ ${USER_BRANCH} != "" ]];
then
ENV=${USER_BRANCH}
fi
# strip slashes, limit to 10 chars
ENV=$(echo ${ENV} | sed 's;\\;;g' | sed 's;\/;;g' | cut -c -10)
# Check valid environment name
if [[ -z ${ENV} || "${ENV}" =~ [^a-zA-Z0-9\-]+ ]] ; then help_output ; fi
AWSCONFIG="{\
\"configLevel\":\"project\",\
\"useProfile\":true,\
\"profileName\":\"default\",\
\"AmplifyAppId\":\"${AWS_APP_ID}\"\
}"
AMPLIFY="{\
\"envName\":\"${ENV}\",\
\"appId\":\"${AWS_APP_ID}\"\
}"
PROVIDERS="{\
\"awscloudformation\":${AWSCONFIG}\
}"
CODEGEN="{\
\"generateCode\":false,\
\"generateDocs\":false\
}"
CATEGORIES=""
if [[ -z ${AMPLIFY_FACEBOOK_CLIENT_ID} && -z ${AMPLIFY_GOOGLE_CLIENT_ID} && -z ${AMPLIFY_AMAZON_CLIENT_ID} ]]; then
- CATEGORIES=""
+ AUTHCONFIG="{\
+ \"userPoolId\":\"${AMPLIFY_USERPOOL_ID}\",\
+ \"webClientId\":\"${AMPLIFY_WEBCLIENT_ID}\",\
+ \"nativeClientId\":\"${AMPLIFY_NATIVECLIENT_ID}\"\
+ }"
+ CATEGORIES="{\
+ \"auth\":$AUTHCONFIG\
+ }"
else
AUTHCONFIG="{\
\"facebookAppIdUserPool\":\"${AMPLIFY_FACEBOOK_CLIENT_ID}\",\
\"facebookAppSecretUserPool\":\"${AMPLIFY_FACEBOOK_CLIENT_SECRET}\",\
\"googleAppIdUserPool\":\"${AMPLIFY_GOOGLE_CLIENT_ID}\",\
\"googleAppSecretUserPool\":\"${AMPLIFY_GOOGLE_CLIENT_SECRET}\",\
\"amazonAppIdUserPool\":\"${AMPLIFY_AMAZON_CLIENT_ID}\",\
\"amazonAppSecretUserPool\":\"${AMPLIFY_AMAZON_CLIENT_SECRET}\"\
}"
CATEGORIES="{\
\"auth\":$AUTHCONFIG\
}"
fi
# Handle old or new config file based on simple flag
if [[ ${IS_SIMPLE} ]];
then
echo "# Getting Amplify CLI Cloud-Formation stack info from environment cache"
export STACKINFO="$(envCache --get stackInfo)"
init_env ${ENV} ${AMPLIFY} ${PROVIDERS} ${CODEGEN} ${AWSCONFIG} ${CATEGORIES}
echo "# Store Amplify CLI Cloud-Formation stack info in environment cache"
STACKINFO="$(amplify env get --json --name ${ENV})"
envCache --set stackInfo ${STACKINFO}
echo "STACKINFO="${STACKINFO}
else
# old config file, above steps performed outside of this script
init_env ${ENV} ${AMPLIFY} ${PROVIDERS} ${CODEGEN} ${AWSCONFIG} ${CATEGORIES}
fi
In addition, I added three environment variables to the Amplify Console (AMPLIFY_USERPOOL_ID, AMPLIFY_WEBCLIENT_ID, and AMPLIFY_NATIVECLIENT_ID) and wrote amplify.yml as follows
backend:
phases:
build:
commands:
- - '# Execute Amplify CLI with the helper script'
- - amplifyPush --simple
+ - chmod u+x ./myamplifyPush.sh
+ - ./myamplifyPush.sh
frontend:
phases:
preBuild:
commands:
- yarn install
build:
commands:
- yarn run build
artifacts:
baseDirectory: dist
files:
- '**/*'
cache:
paths:
- node_modules/**/*
Any insight is always appreciated.
I have the same issue with importing auth. I get it working with the script. It saved me.
Thanks for the script. Unfortunately it didn't work for me (my AMPLIFY_USERPOOL_ID and so on are still empty).
I hope the Amplify console team can adopt the CI/CD soon to the new amplify import auth feature.
Just hit this issue as well. Two weeks and not even an acknowledgement from the AWS Amplify team?
@fujiwaka2408 @tfmorris @davegravy @morgler @patrickcze @marcioibm @OsenLiu @fujiwaka2408 apologies for the delayed response.
Have you followed these instructions: https://docs.aws.amazon.com/amplify/latest/userguide/environment-variables.html#creating-a-new-backend-environment-with-authentication-parameters
I have followed this one :
https://docs.amplify.aws/cli/auth/import
And all worked well except deployment in Amplify console as mentioned in this issue
I did the same as @mlecoq. I'm importing/reusing a Cognito user pool defined in a different Amplify app.
@tfmorris @mlecoq could you please follow these instructions as well: https://docs.aws.amazon.com/amplify/latest/userguide/environment-variables.html#creating-a-new-backend-environment-with-authentication-parameters
@swaminator Yes, I have followed this instructions: https://docs.aws.amazon.com/amplify/latest/userguide/environment-variables.html#creating-a-new-backend-environment-with-authentication-parameters As far as I can see from the documentation, userPoolId, webClientId, and nativeClientId are not available by default.
I added userPoolId, webClientId and nativeClientId to the environment variables from the Amplify Console and did amplifyPush --simple
However, the original shell script gives me the same error as the title.
So, I created myamplifyPush.sh, which adds userPoolId, webClientId, and nativeClientId to the original shell script.
Thanks for the workaround !
We also have the same issue after importing auth.
However, even the environment variables added into the custom script were not available for us, so we needed to add them manually (either in the amplify.yml build file, or in the amplify console).
@swaminator There's nothing on that page relevant to my configuration. I'm not using "social" signin, and besides, the auth config is totally defined in the user pool that I imported.
@kevin-verschaeve You need to define those environment variables yourself to use the workaround from @fujiwaka2408. It worked for me, but I have too many apps & environments to go around settings all those environment variables by hand, so I updated the script to figure out this information on its own.
Here's an improved workaround. If you add this line just before amplify init is called, it will recreate the auth info in the CATEGORIES variable. Note that this is probably NOT compatible with Google/FB/etc login environment variables (but I don't use any of those).
CATEGORIES=$(node -e "const auths=Object.values(JSON.parse(process.argv[1]).categories.auth);console.log(JSON.stringify({'auth':auths[auths.length-1]}));" "$STACKINFO")
The actual bug is in the Amplify CLI in some combination of amplify env init and amplify init, but this will work around it.
@guizler I modified amplify.yml to force an amplify push:
backend:
phases:
preBuild:
commands:
- chmod u+x ./scripts/amplify-push.sh
build:
commands:
- ./scripts/amplify-push.sh
- amplify push --yes
# ...
For anyone else running into this issue, all I had to do is add the following Environment Variables in AWS Amplify console.
AMPLIFY_USERPOOL_ID AMPLIFY_WEBCLIENT_ID AMPLIFY_NATIVECLIENT_ID
I was receiving the same error when using amplify import auth.
@swaminator Has this been fixed? What version of the Amplify CLI has the fix?
I fixed this by following @damianthekreeeytor 's advice, but had to add an environment variable for the identity pool as well:
I could not find any mention of these variables in the documenation.
Why is this closed??? This issue is still not resolved in 4.42.0 for me. Thank you @fujiwaka2408 for posting a workaround.
If you have an amplify backend and frontend, it means you need your app to be detected as fullstack. If Framework in App details equals to
- React :arrow_right: not fullstack
- React - Amplify :arrow_right: fullstack
In order to have a fullstack amplify app, see my comment https://github.com/aws-amplify/amplify-console/issues/448#issuecomment-781233282 Then define these 4 environment variables
AMPLIFY_IDENTITYPOOL_ID
AMPLIFY_NATIVECLIENT_ID
AMPLIFY_USERPOOL_ID
AMPLIFY_WEBCLIENT_ID
Now you can deploy :smile_cat:
what exactly is the AMPLIFY_NATIVECLIENT_ID? It looks like from the screenshot above in @FredrikMeyer post it could be the same as the AMPLIFY_AMAZON_CLIENT_ID, but I don't know where that value is coming from either
what exactly is the AMPLIFY_NATIVECLIENT_ID? It looks like from the screenshot above in @FredrikMeyer post it could be the same as the AMPLIFY_AMAZON_CLIENT_ID, but I don't know where that value is coming from either
I think it is one of the user pool clients. The one with a generated password.
@FredrikMeyer you're right, it's the id of the app client which has a generated secret.
Just a heads up: After moving the app to a monorepo the Amplify Console builds started inexplicably failing again for me without any related changes to the .yml nor environment variables.
The issue still exists in 4.46.1 and the fix is the same as before: adding environment variables in the Amplify Console.
I'm having the same issue. Trying to see if adding the environment variables in the console works. In general, Amplify feels like such an unfinished mess...
Should this be closed? I just had this issue with
amplify --version
5.1.0
Adding the environment variables via the Amplify console fixed the issue, but I had to find this thread to know how to fix it.
