Auth state is an invalid state after multi-step custom challenge failed (InvalidStateException) #2754

Open
1 task done
jab11 opened this issue Apr 3, 2024 · 2 comments
Labels
auth Related to the Auth category/plugins bug Something isn't working pending-response Issue is pending response from the issue requestor


jab11 commented Apr 3, 2024

Before opening, please confirm:

Language and Async Model

Kotlin - Coroutines

Amplify Categories

Authentication

Gradle script dependencies

// Put output below this line
    implementation 'com.amplifyframework:core:2.14.13'
    implementation 'com.amplifyframework:aws-auth-cognito:2.14.13'
    implementation 'com.amplifyframework:aws-api:2.14.13'
    implementation 'com.amplifyframework:core-kotlin:2.14.13'

Environment information

# Put output below this line
------------------------------------------------------------
Gradle 8.2.1
------------------------------------------------------------

Build time:   2023-07-10 12:12:35 UTC
Revision:     a38ec64d3c4612da9083cc506a1ccb212afeecaa

Kotlin:       1.8.20
Groovy:       3.0.17
Ant:          Apache Ant(TM) version 1.10.13 compiled on January 4 2023
JVM:          1.8.0_222 (AdoptOpenJDK 25.222-b10)
OS:           Mac OS X 10.16 x86_64

Please include any relevant guides or documentation you're referencing

No response

Describe the bug

Our app uses a multistep custom challenge, so after sign-in there's a captcha and an SMS code.
The app gets the correct response after the captcha:
Auth State Change: Configured(authNState=SigningIn(signInState=ResolvingChallenge(challengeState=WaitingForAnswer(challenge=AuthChallenge(challengeName=CUSTOM_CHALLENGE, username=..., session=..., parameters={challengeType=SMS, phone=...}), hasNewResponse=true))), authZState=SigningIn(id=))
A correct SMS challenge works correctly, a wrong challenge gets a not authorized response, but anything after that returns an InvalidStateException.
Calling resendSignUpCode, signOut or another confirmSignIn all return InvalidStateException.

Auth State Change: Configured(authNState=SigningIn(signInState=ResolvingChallenge(challengeState=Error(exception=NotAuthorizedException(message=Invalid session for the user.), challenge=AuthChallenge(challengeName=CUSTOM_CHALLENGE, username=..., session=..., parameters={challengeType=SMS, phone=...}), hasNewResponse=true))), authZState=SigningIn(id=))

There doesn't seem to be any way to reset auth state or reinitialize the auth plugin other than killing the app.
What is the solution for this state?

Reproduction steps (if applicable)

  1. signIn() - get CUSTOM_CHALLENGE
  2. confirmSignIn(wrongCode) - get NotAuthorizedException
  3. signOut() or signIn() - get InvalidStateException

Code Snippet

// Put your code below this line.

Log output

// Put your logs below this line
Auth State Change: Configured(authNState=SigningIn(signInState=ResolvingChallenge(challengeState=Verifying(id=CUSTOM_CHALLENGE))
Auth State Change: Configured(authNState=SigningIn(signInState=ResolvingChallenge(challengeState=WaitingForAnswer(challenge=AuthChallenge(challengeName=CUSTOM_CHALLENGE, username=..., session=..., parameters={challengeType=SMS, phone=...}), hasNewResponse=true))), authZState=SigningIn(id=))
Auth State Change: Configured(authNState=SigningIn(signInState=ResolvingChallenge(challengeState=Error(exception=NotAuthorizedException(message=Incorrect username or password.), challenge=AuthChallenge(challengeName=CUSTOM_CHALLENGE, username=..., session=..., parameters={challengeType=SMS, phone=...}), hasNewResponse=true))), authZState=SigningIn(id=))
Auth State Change: Configured(authNState=SigningIn(signInState=ResolvingChallenge(challengeState=Error(exception=NotAuthorizedException(message=Invalid session for the user.), challenge=AuthChallenge(challengeName=CUSTOM_CHALLENGE, username=..., session=..., parameters={challengeType=SMS, phone=...}), hasNewResponse=true))), authZState=SigningIn(id=))

amplifyconfiguration.json

No response

GraphQL Schema

// Put your schema below this line

Additional information and screenshots

No response
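
A triage helper for the "Auth State Change" lines shown in the report, as an added example that is not part of the original issue or of the Amplify code base: it extracts each challengeState and error, reports when the flow ends in challengeState=Error, and masks the username, session and phone fields before a log is shared. The sample lines and the names `parse_events`, `final_error` and `redact` are constructed for illustration.

```python
import re

# Constructed sample in the format of the report's "Auth State Change" lines
# (username, session and phone values are placeholders, not real data).
SAMPLE_LOG = """\
Auth State Change: Configured(authNState=SigningIn(signInState=ResolvingChallenge(challengeState=WaitingForAnswer(challenge=AuthChallenge(challengeName=CUSTOM_CHALLENGE, username=alice, session=AAAA1111, parameters={challengeType=SMS, phone=+10000000000}), hasNewResponse=true))), authZState=SigningIn(id=))
Auth State Change: Configured(authNState=SigningIn(signInState=ResolvingChallenge(challengeState=Error(exception=NotAuthorizedException(message=Incorrect username or password.), challenge=AuthChallenge(challengeName=CUSTOM_CHALLENGE, username=alice, session=AAAA1111, parameters={challengeType=SMS, phone=+10000000000}), hasNewResponse=true))), authZState=SigningIn(id=))
Auth State Change: Configured(authNState=SigningIn(signInState=ResolvingChallenge(challengeState=Error(exception=NotAuthorizedException(message=Invalid session for the user.), challenge=AuthChallenge(challengeName=CUSTOM_CHALLENGE, username=alice, session=AAAA1111, parameters={challengeType=SMS, phone=+10000000000}), hasNewResponse=true))), authZState=SigningIn(id=))
"""

STATE_RE = re.compile(r"challengeState=(\w+)\(")
ERROR_RE = re.compile(r"exception=(\w+)\(message=([^)]*)\)")
SECRET_RE = re.compile(r"\b(username|session|phone)=[^,})]*")


def redact(line):
    """Mask the fields the report elides with '...' before a line is shared."""
    return SECRET_RE.sub(r"\1=<redacted>", line)


def parse_events(log_text):
    """Return one (challenge_state, exception, message) tuple per state change."""
    events = []
    for line in log_text.splitlines():
        state = STATE_RE.search(line)
        if not state:
            continue  # not a challenge-related state change
        err = ERROR_RE.search(line)
        exc, msg = err.groups() if err else (None, None)
        events.append((state.group(1), exc, msg))
    return events


def final_error(events):
    """Return (exception, message) if the last state change is Error, else None."""
    if events and events[-1][0] == "Error":
        return events[-1][1], events[-1][2]
    return None
```
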

@github-actions github-actions bot added the pending-triage Issue is pending triage label Apr 3, 2024
@joon-won joon-won added auth Related to the Auth category/plugins question General question labels Apr 3, 2024
@github-actions github-actions bot removed the pending-triage Issue is pending triage label Apr 3, 2024
Contributor

joon-won commented Apr 3, 2024

@jab11 Thank you for your report, we will take a look into the issue

@mattcreaser mattcreaser added bug Something isn't working and removed question General question labels Apr 4, 2024
Contributor

joon-won commented May 8, 2024

Hi @jab11, thank you for your patience. Could you check if this issue persists with the latest version of Amplify?

@joon-won joon-won added the pending-response Issue is pending response from the issue requestor label May 13, 2024