aws-sdk-android

`signIn` method is always trying to perform federated sign in

Open sarbagyastha opened this issue 3 years ago • 11 comments

The signIn method here is trying to perform federated signIn (because isFederationEnabled() is always true here): https://github.com/aws-amplify/aws-sdk-android/blob/c2936ae4b075d9509d01797bb6f8f65169d54079/aws-android-sdk-mobile-client/src/main/java/com/amazonaws/mobile/client/AWSMobileClient.java#L1215-L1254

If you look into isFederationEnabled(), which is being checked to perform federated sign in, it returns false only when the value for key FEDERATION_ENABLED_KEY is set to something other than "true"; otherwise it's always true. https://github.com/aws-amplify/aws-sdk-android/blob/c2936ae4b075d9509d01797bb6f8f65169d54079/aws-android-sdk-mobile-client/src/main/java/com/amazonaws/mobile/client/AWSMobileClient.java#L1154-L1163

But the value for FEDERATION_ENABLED_KEY is only set in Hosted UI and OAuth2 SignIn methods.

The actual issue can be found here: aws-amplify/amplify-flutter#1362

sarbagyastha avatar Mar 01 '22 14:03 sarbagyastha
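
The default described in the post above, modelled in Java as an added example (not the SDK's source and not part of the original thread). The in-memory store, the key's string value, the return strings and the opt-in reader shown for comparison are all assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.Map;

// Model of the behaviour reported in the issue. Not the SDK's source:
// the in-memory store, key string and return strings are assumptions.
public class FederationFlagModel {
    static final String FEDERATION_ENABLED_KEY = "federation-enabled"; // constructed value

    // Stands in for the client's persisted key-value store.
    private final Map<String, String> store = new HashMap<>();

    // As reported: a stored value other than "true" gives false,
    // and a key that was never written falls through to true.
    boolean isFederationEnabled() {
        String value = store.get(FEDERATION_ENABLED_KEY);
        return value == null || value.equals("true");
    }

    // Hypothetical opt-in reading for comparison: only an explicit "true" enables it.
    boolean isFederationEnabledExplicit() {
        return "true".equals(store.get(FEDERATION_ENABLED_KEY));
    }

    // Hosted UI / OAuth2 sign-in: the only paths the issue says write the key.
    void hostedUiSignIn(boolean federationEnabled) {
        store.put(FEDERATION_ENABLED_KEY, Boolean.toString(federationEnabled));
    }

    // Username/password sign-in: never writes the key, so the default decides.
    String signIn() {
        return isFederationEnabled() ? "federated" : "user-pool-only";
    }

    public static void main(String[] args) {
        FederationFlagModel plain = new FederationFlagModel();
        System.out.println("key never written: " + plain.signIn()
                + " (opt-in reading: " + plain.isFederationEnabledExplicit() + ")");

        FederationFlagModel hosted = new FederationFlagModel();
        hosted.hostedUiSignIn(false);
        System.out.println("hosted UI wrote false: " + hosted.signIn());

        hosted.hostedUiSignIn(true);
        System.out.println("hosted UI wrote true: " + hosted.signIn());
    }
}
```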

I'm seeing this issue too. I want to use a normal Cognito IdP pool, not federated.

rhamnett avatar Jun 29 '22 01:06 rhamnett

I'm having the same issue using an IdP pool, not federated.

cmunaro avatar Jul 07 '22 15:07 cmunaro

@cmunaro are you using Flutter? I've added the bug here https://github.com/aws-amplify/amplify-flutter/issues/1845 as it's happening on both iOS and Android, so not sure if it's upstream.

rhamnett avatar Jul 07 '22 17:07 rhamnett

@rhamnett I'm experiencing it in Kotlin (Android) after invoking

  Amplify.Auth.signInWithSocialWebUI(
      provider = AuthProvider.facebook(),
      callingActivity = activity
  )

Ah sorry, in my last comment I expressed myself badly. I'm using a user pool without an identity pool for that user pool.

cmunaro avatar Jul 08 '22 13:07 cmunaro

signInWithSocialWebUI assumes that you have an identity pool configured. You can override this by disabling the federation using HostedUIOptions.

HostedUIOptions hostedUIOptions = HostedUIOptions.builder()
    .scopes("openid", "email")
    .disableFederation(false)
    .build();

SignInUIOptions signInUIOptions = SignInUIOptions.builder()
    .hostedUIOptions(hostedUIOptions)
    .build();

Note: The API naming is incorrect.

div5yesh avatar Jul 08 '22 22:07 div5yesh

@div5yesh how should I use signInUIOptions? The options parameter of Amplify.Auth.signInWithSocialWebUI is of type AuthWebUISignInOptions; trying to copy signInQueryParameters from one to the other doesn't work.

If I should stop using Amplify.Auth to be able to configure this, I prefer to let the SDK do the failing requests in the background, ignoring the failing result in logcat.

cmunaro avatar Jul 12 '22 08:07 cmunaro

This PR should address your issue: https://github.com/aws-amplify/amplify-android/pull/1823

If using Amplify, provide AWSCognitoAuthWebUISignInOptions as:

AWSCognitoAuthWebUISignInOptions options = AWSCognitoAuthWebUISignInOptions.builder().isFederationEnabled(false).build();

div5yesh avatar Jul 13 '22 20:07 div5yesh

Wow you were super fast! 🥇 Thanks @div5yesh! 💚

cmunaro avatar Jul 15 '22 07:07 cmunaro

@cmunaro, FYI, if you are not using an Identity Pool, you will not be able to fetch AWS credentials to access other AWS resources. To understand your use case clearly, can you explain how you are planning to use only a user pool?

div5yesh avatar Jul 23 '22 01:07 div5yesh

@div5yesh I have to pass the id token to my backend, then with some magic (we have different teams, I don't handle that part) they give me another token that I have to use to authenticate on other services.

cmunaro avatar Jul 29 '22 07:07 cmunaro

With further testing, I found out that just having federation disabled is not enough to return the correct signed-in result. The parts of the code do point out that with federation disabled, sign in should end with success in the absence of an identity pool, but it does not return the correct result.

To fix this, changes are required in the AWS Android SDK. We are going to keep investigating and look for a proper fix.

div5yesh avatar Aug 05 '22 19:08 div5yesh