Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remember device not working after associate SoftwareMFA #2688

Open
1 task done
namhvattanaakk opened this issue Jan 24, 2024 · 4 comments
Open
1 task done

Remember device not working after associate SoftwareMFA #2688

namhvattanaakk opened this issue Jan 24, 2024 · 4 comments
Labels
auth Related to the Auth category/plugins question General question

Comments

@namhvattanaakk
Copy link

Before opening, please confirm:

Language and Async Model

Kotlin

Amplify Categories

Authentication

Gradle script dependencies

// Put output below this line

implementation 'com.amplifyframework:aws-auth-cognito:1.18.0'

Environment information

# Put output below this line

------------------------------------------------------------
Gradle 6.7.1
------------------------------------------------------------

Build time:   2020-11-16 17:09:24 UTC
Revision:     2972ff02f3210d2ceed2f1ea880f026acfbab5c0

Kotlin:       1.3.72
Groovy:       2.5.12
Ant:          Apache Ant(TM) version 1.10.8 compiled on May 10 2020
JVM:          17.0.8.1 (JetBrains s.r.o. 17.0.8.1+7-b1059.3)
OS:           Mac OS X 14.2.1 aarch64

Please include any relevant guides or documentation you're referencing

https://docs.amplify.aws/android/prev/build-a-backend/auth/remember-device/

Describe the bug

I have used Amplify SDK v1 for Authentication feature in Mobile (both Android & iOS)
After setup MFA, I called Auth.rememberDevice, it returns success but in next login, cognito asked for confirm otp code.

Reproduction steps (if applicable)

Step 1: Login user
User login with username & password, using amplify sdk v1

Step 2: Associate software token
Our back-end calls AssociateSoftwareToken and return secret code to Mobile via our api.
https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AssociateSoftwareToken.html

Step 3: Verify software token
3.1 Our back-end calls VerifySoftwareToken with UserCode provided by client via our api
https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifySoftwareToken.html

3.2: Our back-end call AdminSetUserMFAPreference with option below
{ "SoftwareTokenMfaSettings": { "Enabled": true, "PreferredMfa": boolean }, "Username": "string", "UserPoolId": "string" }

Step 4: Remember device
Mobile app call Auth.rememberDevice and it return success

Step 5: Logout
Mobile app call Auth.logout and it return success

Step 6: Login again
Mobile app call Auth.signIn and it return fail with signInStep = CONFIRM_SIGN_IN_WITH_SMS_MFA_CODE

Code Snippet

// Put your code below this line.

Log output

// Put your logs below this line

amplifyconfiguration.json

No response

GraphQL Schema

// Put your schema below this line

Additional information and screenshots

No response
@tylerjroach
Copy link
Contributor

@namhvattanaakk Amplify v1.18.0 is about 3.5 years old. There have been many updates and bug fixes since then. Amplify v1 is also currently in maintenance mode and will stop receiving updates after May 31st, 2024.

Please attempt to use Amplify v2 and let us know if your issue is resolved. If there is something that is currently blocking you from using Amplify v1, please attempt our latest v1 version (1.38.8).

@tylerjroach tylerjroach added the auth Related to the Auth category/plugins label Jan 24, 2024
@mattcreaser mattcreaser added the pending-response Issue is pending response from the issue requestor label Jan 24, 2024
@namhvattanaakk
Copy link
Author

@namhvattanaakk Amplify v1.18.0 is about 3.5 years old. There have been many updates and bug fixes since then. Amplify v1 is also currently in maintenance mode and will stop receiving updates after May 31st, 2024.

Please attempt to use Amplify v2 and let us know if your issue is resolved. If there is something that is currently blocking you from using Amplify v1, please attempt our latest v1 version (1.38.8).

I know this information but I think the rememberDevice not working is not releate to sdk version

@mattcreaser
Copy link
Contributor

mattcreaser commented Jan 25, 2024
edited

@namhvattanaakk I have verified that rememberDevice is working correct in Amplify 2.14.9. If you're still seeing an issue after upgrading, here are a couple of things to check:

  • Is device tracking enabled for your user pool? You can check under Edit device tracking. It should be "Always" or "User Opt-In".
Screenshot 2024-01-25 at 1 47 40 PM
  • After calling the rememberDevice API, does the user in your user pool show as "Yes" for remembered?
Screenshot 2024-01-25 at 1 52 19 PM

@namhvattanaakk
Copy link
Author

@namhvattanaakk I have verified that rememberDevice is working correct in Amplify 2.14.9. If you're still seeing an issue after upgrading, here are a couple of things to check:

  • Is device tracking enabled for your user pool? You can check under Edit device tracking. It should be "Always" or "User Opt-In".
Screenshot 2024-01-25 at 1 47 40 PM * After calling the `rememberDevice` API, does the user in your user pool show as "Yes" for remembered? Screenshot 2024-01-25 at 1 52 19 PM

@mattcreaser The rememberDevice function works in normal case
signIn -> confirmSignIn -> rememberDevice

But not work with the use-case what I logged above

@mattcreaser mattcreaser added question General question and removed pending-response Issue is pending response from the issue requestor labels Feb 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auth Related to the Auth category/plugins question General question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@tylerjroach @mattcreaser @tjleing @namhvattanaakk