amplify-js
amplify-js copied to clipboard
aws-amplify
Cognito Advanced Security feature support in React Native apps
The Cognito Advanced Security feature requires that client applications provide device information to use the functionality effectively. This functionality is already provided by the Amplify javascript SDK when used in a browser and by the native mobile Amplify SDKs on iOS and Android, can support be added for this when using this SDK in React Native apps.
@walshj19 AdvancedSecurityDataCollectionFlag is already set to true as default in amplify https://github.com/aws-amplify/amplify-js/blob/master/packages/amazon-cognito-identity-js/src/CognitoUserPool.js#L55-L60 Is the blocker that you can't include the javascript in react native apps? Is it possible to download and cache it locally?
That flag is enabled and when using the SDK to login with the Auth.signIn method in a browser client application the device fingerprint information is sent correctly and can be seen in the Cognito Advanced Security event log on a user. When using the same Auth.signIn method in a react native app the user is signed in successfully but on Android(using a real device) the device fingerprint information is not sent and in the event log is listed as "Unknown".
@walshj19, how are you importing/including the following necessary javascript as per the cognito guide in your react native app?
<script src="https://amazon-cognito-assets._<region>_.amazoncognito.com/amazon-cognito-advanced-security-data.min.js"></script>
Can you please provide the code sample? That script is necessary for enabling the advanced security feature. You can confirm that by logging the global var exported by that script. Add console.log(global.AmazonCognitoAdvancedSecurityData) in your app and let me know if you see an object with a getData() method on it.
@Amplifiyer can you explain why we need the above script to be added in the ReactNative app since the aws-amplify JS library should wrap the logic for AdvancedSecurity right ? Also below snippet is the response from Cognito for the CognitoUser object which shows the advancedSecurityDataCollectionFlag
pool: CognitoUserPool
advancedSecurityDataCollectionFlag: true
client: Client {endpoint: "https://cognito-idp.ap-southeast-1.amazonaws.com/", userAgent: "aws-amplify/0.1.x react-native"}
clientId: "XXXXXXXXXXXXXXXXXXXXX"
storage: ƒ MemoryStorage()
userPoolId: "XXXXXXXXXXXXXXXXXXXX"
__proto__: Object
preferredMFA: "NOMFA"
@anandwahed, as per the Cognito docs, you need both, AdvancedSecurityDataCollectionFlag set to true and the aforementioned script loaded in the scope which provides a global object AmazonCognitoAdvancedSecurityData that has method for data collection required for enabling advanced security features.
Hi @Amplifiyer can you guide us how the above script can be loaded in the case of a ReactNative mobile app. Or should we write native bridge code to connect with the Android and iOS SDKs separately in the ReactNative app ?
@anandwahed, that's what I thought was the issue. Even downloading and caching the file locally in the project is not working since the javascript file is not compatible with the react native environment. I'll follow up with internal cognito team and revert back once I have more information.
Do we need to include that file explicitly when using amplify with react? @anandwahed
