while signed in, when trying to use PubSub, receive "Credentials - Failed to load credentials"

[sinisaz]

Before opening, please confirm:

• [X] I have searched for duplicate or closed issues and discussions.
• [X] I have read the guide for submitting bug reports.
• [X] I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.

JavaScript Framework

React Native

Amplify APIs

Authentication, PubSub

Amplify Categories

No response

Environment information

# Put output below this line

  System:
    OS: Windows 10 10.0.19043
    CPU: (8) x64 Intel(R) Core(TM) i7-9700K CPU @ 3.60GHz
    Memory: 12.59 GB / 30.91 GB
  Binaries:
    Node: 14.17.0 - C:\Program Files\nodejs\node.EXE
    npm: 6.14.11 - C:\Program Files\nodejs\npm.CMD
  Browsers:
    Chrome: 100.0.4896.127
    Edge: Spartan (44.19041.1266.0), Chromium (101.0.1210.32)
    Internet Explorer: 11.0.19041.1566
  npmPackages:
    @apollo/client: 3.4.8 => 3.4.8
    @apollo/client/cache:  undefined ()
    @apollo/client/core:  undefined ()
    @apollo/client/errors:  undefined ()
    @apollo/client/link/batch:  undefined ()
    @apollo/client/link/batch-http:  undefined ()
    @apollo/client/link/context:  undefined ()
    @apollo/client/link/core:  undefined ()
    @apollo/client/link/error:  undefined ()
    @apollo/client/link/http:  undefined ()
    @apollo/client/link/persisted-queries:  undefined ()
    @apollo/client/link/retry:  undefined ()
    @apollo/client/link/schema:  undefined ()
    @apollo/client/link/utils:  undefined ()
    @apollo/client/link/ws:  undefined ()
    @apollo/client/react:  undefined ()
    @apollo/client/react/components:  undefined ()
    @apollo/client/react/context:  undefined ()
    @apollo/client/react/data:  undefined ()
    @apollo/client/react/hoc:  undefined ()
    @apollo/client/react/hooks:  undefined ()
    @apollo/client/react/parser:  undefined ()
    @apollo/client/react/ssr:  undefined ()
    @apollo/client/testing:  undefined ()
    @apollo/client/utilities:  undefined ()
    @aws-amplify/api: ^4.0.38 => 4.0.38 (4.0.35)
    @aws-amplify/api-graphql: ^2.2.24 => 2.2.24 (2.3.2)
    @aws-sdk/client-cognito-identity: ^3.79.0 => 3.79.0 (3.6.1)
    @aws-sdk/client-iot: ^3.79.0 => 3.79.0
    @babel/core: ^7.12.9 => 7.17.8
    @expo/vector-icons: ^12.0.0 => 12.0.5
    @react-native-async-storage/async-storage: ~1.15.0 => 1.15.17
    @react-native-community/netinfo: 7.1.3 => 7.1.3
    @react-native-community/slider: 4.1.12 => 4.1.12
    @react-native-picker/picker: 2.2.1 => 2.2.1
    @react-navigation/bottom-tabs: ^6.0.5 => 6.2.0
    @react-navigation/drawer: ^6.3.3 => 6.3.3
    @react-navigation/native: ^6.0.2 => 6.0.8
    @react-navigation/native-stack: ^6.1.0 => 6.5.2
    @types/react: ~17.0.21 => 17.0.43
    @types/react-native: ~0.64.12 => 0.64.24
    HelloWorld:  0.0.1
    aws-amplify: ^4.3.17 => 4.3.17
    aws-appsync-auth-link: ^3.0.7 => 3.0.7
    aws-appsync-subscription-link: ^3.0.10 => 3.0.10
    aws-sdk: ^2.1120.0 => 2.1120.0
    css-select: ^4.3.0 => 4.3.0 (2.1.0)
    expo: ~44.0.0 => 44.0.6
    expo-asset: ~8.4.4 => 8.4.6
    expo-constants: ~13.0.0 => 13.0.2
    expo-font: ~10.0.4 => 10.0.5
    expo-linking: ~3.0.0 => 3.0.0
    expo-splash-screen: ~0.14.0 => 0.14.2
    expo-status-bar: ~1.2.0 => 1.2.0
    expo-web-browser: ~10.1.0 => 10.1.1
    formik: ^2.2.9 => 2.2.9
    graphql: ^16.3.0 => 16.3.0 (15.8.0)
    hermes-inspector-msggen:  1.0.0
    jest: ^26.6.3 => 26.6.3
    jest-expo: ~44.0.1 => 44.0.1
    react: 17.0.1 => 17.0.1
    react-dom: 17.0.1 => 17.0.1
    react-native: ^0.64.3 => 0.64.3
    react-native-gesture-handler: ~2.1.0 => 2.1.3
    react-native-reanimated: ~2.3.1 => 2.3.3
    react-native-safe-area-context: 3.3.2 => 3.3.2
    react-native-screens: ~3.10.1 => 3.10.2
    react-native-svg: 12.1.1 => 12.1.1
    react-native-uuid: ^2.0.1 => 2.0.1
    react-native-web: 0.17.1 => 0.17.1
    react-test-renderer: 17.0.1 => 17.0.1
    typescript: ~4.3.5 => 4.3.5
    uuid: ^8.3.2 => 8.3.2 (3.4.0, 3.3.2, 7.0.3)
    yup: ^0.32.11 => 0.32.11
  npmGlobalPackages:
    @aws-amplify/cli: 7.5.3
    @expo/ngrok: 2.5.0
    expo-cli: 5.3.1
    firebase-tools: 9.6.1
    npm-check-updates: 3.1.20
    npm: 6.14.11
    react-devtools: 4.10.0
    react-native-cli: 2.0.1
    serve: 11.3.2
    typescript: 3.9.7

Describe the bug

Using this Doc tried to publish a message to AWS IoT, but faced this result:

  "errorCode": 7,
  "errorMessage": "AMQJS0007E Socket error:undefined.",
  "invocationContext": undefined,

This is the log: [DEBUG] 36:23.659 AuthClass - getting current authenticated user [DEBUG] 36:23.681 AuthClass - cannot load federated user from auth storage [DEBUG] 36:23.681 AuthClass - get current authenticated userpool user [DEBUG] 36:23.690 Credentials - getting credentials [DEBUG] 36:23.692 Credentials - picking up credentials [DEBUG] 36:23.692 Credentials - getting new cred promise [DEBUG] 36:23.695 Credentials - checking if credentials exists and not expired [DEBUG] 36:23.696 Credentials - need to get a new credential or refresh the existing one [DEBUG] 36:23.697 Credentials - no credentials for expiration check [DEBUG] 36:23.698 AuthClass - Getting current user credentials [DEBUG] 36:23.700 AuthClass - failed to get or parse item aws-amplify-federatedInfo [SyntaxError: JSON Parse error: Unexpected identifier "undefined"] [DEBUG] 36:23.702 AuthClass - Getting current session [DEBUG] 36:23.710 AuthClass - Getting the session from this user: CognitoUser { "Session": null, "attributes": Object { "email": "[email protected]", "email_verified": true, "sub": "xxx", }, "authenticationFlowType": "USER_SRP_AUTH", "client": Client { "endpoint": "https://cognito-idp.us-east-2.amazonaws.com/", "fetchOptions": Object {}, }, "keyPrefix": "CognitoIdentityServiceProvider.xxx", "pool": CognitoUserPool { "advancedSecurityDataCollectionFlag": true, "client": Client { "endpoint": "https://cognito-idp.us-east-2.amazonaws.com/", "fetchOptions": Object {}, }, "clientId": "xxx", "storage": [Function MemoryStorage], "userPoolId": "us-east-2_xxx", "wrapRefreshSessionCallback": [Function anonymous], }, "preferredMFA": "NOMFA", "signInUserSession": CognitoUserSession { "accessToken": CognitoAccessToken { "jwtToken": "xxx", "payload": Object { "auth_time": 1651350797, "client_id": "xxx", "event_id": "fb611a37-3928-4ad1-8c6b-14931fd3375f", "exp": 1651354397, "iat": 1651350797, "iss": "https://cognito-idp.us-east-2.amazonaws.com/us-east-2_xxx", "jti": "xxx", "origin_jti": "xxx", "scope": "aws.cognito.signin.user.admin", "sub": "xxx", "token_use": "access", "username": "xxx", }, }, "clockDrift": 2, "idToken": CognitoIdToken { "jwtToken": "xxx", "payload": Object { "aud": "xxx", "auth_time": 1651350797, "cognito:username": "xxx", "email": "[email protected]", "email_verified": true, "event_id": "fb611a37-3928-4ad1-8c6b-14931fd3375f", "exp": 1651354397, "iat": 1651350797, "iss": "https://cognito-idp.us-east-2.amazonaws.com/us-east-2_xxx", "jti": "47befbec-6aa3-4e83-ab6c-xxx", "origin_jti": "ef475e4c-5903-445e-86bc-xxx", "sub": "xxx", "token_use": "id", }, }, "refreshToken": CognitoRefreshToken { "token": "xxx",
}, }, "storage": [Function MemoryStorage], "userDataKey": "CognitoIdentityServiceProvider.xxx.userData", "username": "xxx", } [DEBUG] 36:23.718 AuthClass - Succeed to get the user session CognitoUserSession { "accessToken": CognitoAccessToken { "jwtToken": "xxx", "payload": Object { "auth_time": 1651350797, "client_id": "xxx", "event_id": "fb611a37-3928-4ad1-8c6b-xxx", "exp": 1651354397, "iat": 1651350797, "iss": "https://cognito-idp.us-east-2.amazonaws.com/us-east-2_xxx", "jti": "ece61b86-42f4-4456-8e1b-xxx", "origin_jti": "ef475e4c-5903-445e-86bc-xxx", "scope": "aws.cognito.signin.user.admin", "sub": "xxx", "token_use": "access", "username": "xxx", }, }, "clockDrift": 2, "idToken": CognitoIdToken { "jwtToken": "xxx", "payload": Object { "aud": "xxx", "auth_time": 1651350797, "cognito:username": "xxx", "email": "[email protected]", "email_verified": true, "event_id": "fb611a37-3928-4ad1-8c6b-xxx", "exp": 1651354397, "iat": 1651350797, "iss": "https://cognito-idp.us-east-2.amazonaws.com/us-east-2_xxx", "jti": "47befbec-6aa3-4e83-ab6c-xxx", "origin_jti": "ef475e4c-5903-445e-86bc-xxx", "sub": "xxx", "token_use": "id", }, }, [DEBUG] 36:23.734 Credentials - Error loading credentials [Error: not implemented] [DEBUG] 36:23.734 AuthClass - getting guest credentials [DEBUG] 36:23.734 Credentials - setting credentials for guest [DEBUG] 36:23.736 Credentials - Failed to load credentials Promise { "_U": 1, "_V": 3, "_W": Promise { "_1": 15, "_U": 0, "_V": 2, "_W": [Error: not implemented], "_X": null, }, "_X": null, } [DEBUG] 36:23.737 Credentials - Error loading credentials [Error: not implemented] [DEBUG] 36:23.740 Signer Object { "region": "us-east-2", "service": "iotdevicegateway", }

Expected behavior

successfully publishing a message to an IoT topic

Reproduction steps

Exactly follow this page:

https://docs.amplify.aws/lib/pubsub/getting-started/q/platform/js/#step-3-allow-the-amazon-cognito-authenticated-role-to-access-iot-services

Code Snippet

// Put your code below this line.

Log output

// Put your logs below this line

aws-exports.js

/* eslint-disable */ // WARNING: DO NOT EDIT. This file is automatically generated by AWS Amplify. It will be overwritten.

const awsmobile = { "aws_project_region": "us-east-2", "aws_cognito_identity_pool_id": "us-east-2:xxx", "aws_cognito_region": "us-east-2", "aws_user_pools_id": "us-east-2_xxx", "aws_user_pools_web_client_id": "xxx", "oauth": {}, "aws_cognito_username_attributes": [ "EMAIL" ], "aws_cognito_social_providers": [], "aws_cognito_signup_attributes": [ "EMAIL" ], "aws_cognito_mfa_configuration": "OFF", "aws_cognito_mfa_types": [ "SMS" ], "aws_cognito_password_protection_settings": { "passwordPolicyMinLength": 8, "passwordPolicyCharacters": [] }, "aws_cognito_verification_mechanisms": [ "EMAIL" ] };

export default awsmobile;

Manual configuration

No response

Additional configuration

No response

Mobile Device

Android Emulator

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

[sinisaz]

Hi @chrisbonifacio, I stocked with this task. Can I ask for help?

[stocaaro]

Hello @sinisaz,

Thank you for the detailed logs. They are very helpful. The "Credentials - Failed to load credentials" message appears in the logs after it is trying to get the Guest credentials. Can you confirm that the logs capture a session where the user has successfully logged in for the Identity Id that you have granted pubsub access to in Step 2 of this guide?

Thanks, Aaron

[sinisaz]

Hello @stocaaro ,

Thank you so much for getting back to me. Yes, I can confirm that the logs capture a session where the user has successfully logged in using aws-amplify.Auth.signIn(email, password).

Note: I wasn't able to get Cognito Identity Id through Auth.currentCredentials() (as explained in Step 2), so I grep the Cognito Identity Id from aws congnito portal. Auth.currentCredentials() return undefined.

Thanks, Jalal

[stocaaro]

Strange. If Auth is working correctly, then Auth.currentCredentials will have an identityId value. The IoT integration requires that each user be assigned to the access policy using the command line command, so I wouldn't expect any of the PubSub behavior to work until you've successfully done this correctly.

How do you know that the user was successfully authenticated? Reading the logs above, it looks like there are a number of failures related to being unable to successfully use federated Auth. Am I missing something?

[stocaaro]

From the information provided, this is likely an issue with Auth. Since it has been a couple months without additional detail, I am closing this issue as stale. If you have further information to add to help troubleshoot or inform other troubleshooting related problems, it would be good to capture more detail about what happened here and how to best work through the issue.