
Amplify.Auth.signIn authentication flow calls Browser logout

Open ten-skv opened this issue 4 years ago • 3 comments

Language and Async Model

Kotlin

Amplify Categories

Authentication

Gradle script dependencies

    implementation 'com.amplifyframework:core:1.31.1'
    implementation 'com.amplifyframework:aws-auth-cognito:1.31.1'

Please include any relevant guides or documentation you're referencing

No response

Describe the bug

Our App uses both username/password authentication and also Custom Provider (SAML) through socialWebUI. When the user has signed in using Amplify.Auth.signIn and I call Amplify.Auth.signOut, browser signout is called.

Currently there is no way to provide dynamic amplifyconfiguration; it throws AlreadyConfiguredException("Remove the duplicate call to Amplify.configure().");

Based on the user, we use either Amplify.Auth.signIn or Amplify.Auth.signInWithSocialWebUI( AuthProvider.custom("custom_provider"),...)

Expected behavior is when I use the flow Amplify.Auth.signIn, it should not call web sign out (launching the browser logout).

We don't have this issue in iOS Amplify.

Reproduction steps (if applicable)

No response

Code Snippet

{
  "auth": {
    "plugins": {
      "awsCognitoAuthPlugin": {
        "IdentityManager": {
          "Default": {}
        },
        "CognitoUserPool": {
          "Default": {
            "PoolId": "xxxxxxxxxxxxx",
            "AppClientId": "xxxxxxxxxxxxxxxx",
            "Region": "us-east-2"
          }
        },
        "Auth": {
          "Default": {
            "authenticationFlowType": "USER_SRP_AUTH",
            "OAuth": {
              "WebDomain": "auth.dv2.nonprod.xxxxxxx.com",
              "AppClientId": "xxxxxxxxxxxxxxxxx",
              "SignInRedirectURI": "myapp://signin",
              "SignOutRedirectURI": "myapp://signout",
              "responseType": "code",
              "Scopes": [
                "phone",
                "email",
                "openid",
                "profile",
                "aws.cognito.signin.user.admin"
              ]
            }
          }
        }
      }
    }
  }
}

amplifyconfiguration.json

No response

Additional information and screenshots

No response

ten-skv avatar Jan 11 '22 19:01 ten-skv

We will need some more info to debug the issue. Can you provide the code snippets and reproduction steps?

div5yesh avatar Feb 18 '22 20:02 div5yesh

We have both username/password authentication and also Custom Provider (SAML) through socialWebUI. Either one will be called based on the user. When I call Amplify.Auth.signIn, it logs in successfully. In this case, when I try to sign out using Amplify.Auth.signOut, it is taking the user to the web to sign out. I guess it is using the configuration, as we have configured the socialWebUI sign-in flow as well. Does Amplify support both username/password and socialWebUI authentication from a single app instance? We will use only one at a time based on who the user is.

Username/password authentication ->

Amplify.Auth.signIn(
        vm.login,
        vm.password,
        { result ->
            Timber.i { if (result.isSignInComplete) "Sign in succeeded" else "Sign in not complete" }
            if (result.isSignInComplete) {
                vm.getCognitoAuthSession()
            } else {
                when(result.nextStep?.signInStep) {
                    AuthSignInStep.CONFIRM_SIGN_IN_WITH_NEW_PASSWORD -> {
                        Timber.i { "CONFIRM_SIGN_IN_WITH_NEW_PASSWORD" }
                        runOnMainLooperForReneterNewPassword()
                    }

                    AuthSignInStep.CONFIRM_SIGN_IN_WITH_SMS_MFA_CODE -> {
                        Timber.i { "CONFIRM_SIGN_IN_WITH_SMS_MFA_CODE" }
                        runOnMainLooperForMFA()
                    }
                    else ->  { vm.error = "Invalid (Error: A100)." }
                }
            }
        },
        { error ->
            vm.hideProgress()
            vm.error = "That password or email was invalid (Error: A101)."
            vm.signInButtonVisibility = true
            Timber.i { "That password or email was invalid (Error: A101)." }
            Timber.e(error)
        }
)

Social web UI signin authentication ->

 Amplify.Auth.signInWithSocialWebUI(
    AuthProvider.custom(vm.userProviderName),
    activity as MainActivity,
    {
        Timber.i {"Signin Callback = ${it}"}
        vm.signInButtonVisibility = false
        if (it.isSignInComplete) {
            vm.storage.ssoUserFlag = true
            vm.signInButtonVisibility = false
            vm.getCognitoAuthSession()
        }
    },
    {
        Timber.e(it)
        vm.storage.ssoUserFlag = false
        vm.signInButtonVisibility = true
        Handler(Looper.getMainLooper()).post {
            user_name?.isEnabled = true
            edit_user_name?.visibility = View.GONE
        }
    }
)

ten-skv avatar Feb 18 '22 21:02 ten-skv

Amplify does support both username/password and socialWebUI authentication in a single app instance but cannot make this distinction currently for sign out. If hostedUI is configured, browser signout will be called which clearly seems unnecessary when username/password signin was used. We will look into finding a fix for this issue. Meanwhile feel free to contribute by creating a PR for the fix.

div5yesh avatar Apr 23 '22 01:04 div5yesh

@ten-skv if upgrading is possible for you I would highly recommend you upgrade your amplify library to V2 where we track which method the user was signed in under so that sign out follows the right approach for sign out.

gpanshu avatar Jan 20 '23 20:01 gpanshu
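The two sign-out decisions discussed in this thread, side by side, as an added example that is not part of the thread and not Amplify's own code: the config-driven choice reported in the issue, and the per-session choice described for V2. All type and function names are hypothetical, the sample values are constructed, and the URL shape is that of the Cognito hosted UI `/logout` endpoint.

```kotlin
import java.net.URLEncoder

// Hypothetical names throughout; this is not Amplify's internal code.
enum class SignInMethod { SRP, HOSTED_UI }

// Mirrors the "OAuth" block of the configuration posted in the issue.
data class OAuthConfig(
    val webDomain: String,
    val appClientId: String,
    val signOutRedirectUri: String
)

// What sign-out has to do: always clear cached tokens, and optionally
// open the hosted UI logout URL to end the browser-side session.
data class SignOutPlan(val clearLocalTokens: Boolean, val browserLogoutUrl: String?)

// Cognito hosted UI logout endpoint:
//   https://<domain>/logout?client_id=<id>&logout_uri=<registered sign-out URI>
fun logoutUrl(cfg: OAuthConfig): String {
    fun enc(s: String) = URLEncoder.encode(s, "UTF-8")
    return "https://${cfg.webDomain}/logout" +
        "?client_id=${enc(cfg.appClientId)}&logout_uri=${enc(cfg.signOutRedirectUri)}"
}

// Behaviour reported in this issue: the choice depends only on whether
// hosted UI is configured, so an SRP session also launches the browser.
fun planByConfig(cfg: OAuthConfig?): SignOutPlan =
    SignOutPlan(clearLocalTokens = true, browserLogoutUrl = cfg?.let(::logoutUrl))

// Behaviour described for V2: the choice depends on how this session was
// created, so the method must be recorded at sign-in and stored with the tokens.
fun planByMethod(method: SignInMethod, cfg: OAuthConfig?): SignOutPlan = when (method) {
    SignInMethod.SRP -> SignOutPlan(clearLocalTokens = true, browserLogoutUrl = null)
    // Skipping the browser step here would leave the hosted UI session alive.
    SignInMethod.HOSTED_UI -> SignOutPlan(
        clearLocalTokens = true,
        browserLogoutUrl = logoutUrl(
            requireNotNull(cfg) { "hosted UI session recorded but no OAuth config present" }
        )
    )
}

fun main() {
    // Constructed sample values, not taken from a real user pool.
    val cfg = OAuthConfig("auth.example.com", "example-client-id", "myapp://signout")
    println("config-driven, SRP session:  ${planByConfig(cfg)}")
    println("method-driven, SRP session:  ${planByMethod(SignInMethod.SRP, cfg)}")
    println("method-driven, hosted UI:    ${planByMethod(SignInMethod.HOSTED_UI, cfg)}")
}
```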
