Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cognito: Unable to verify secret hash for client #484

Closed
maff91 opened this issue Jul 1, 2018 · 5 comments
Closed

Cognito: Unable to verify secret hash for client #484

maff91 opened this issue Jul 1, 2018 · 5 comments
Assignees
Labels
bug Something isn't working cognito Issues with the AWS Android SDK for Cognito

Comments

@maff91
Copy link

maff91 commented Jul 1, 2018

Problem.

CognitoUser.getSession initiated with "USER_PASSWORD" authentication type does not send secret hash with the in auth request which leads to: "NotAuthorizedException: Unable to verify secret hash for client"

To help us solve your problem better, please answer the following list of questions.

  • What service are you using?

Cognito

  • In what version of SDK are you facing the problem?

aws-android-sdk-cognitoauth:2.6.23

  • Is the issue limited to Simulators / Actual Devices?

Any

  • Can your problem be resolved if you bump to a higher version of SDK?

There is no higher SDK version at the moment

  • Is this problem related to specific Android/OS version?

No

  • Can you give us steps to reproduce with a minimal, complete, and verifiable example? Please include any specific network conditions that might be required to reproduce the problem.

I tracked problem down to: CognitoUser.initiateUserPasswordAuthRequest, it doesn't add SECRET_HASH parameter to the auth request.

Reproduce:
Call CognitoUser.getSession(...) with such a code in the AuthenticationHandler:

        @Override
        public void getAuthenticationDetails(AuthenticationContinuation authenticationContinuation, String username)
        {
            AuthenticationDetails authDetails = new AuthenticationDetails(username, password, null);
            authDetails.setAuthenticationType(CognitoServiceConstants.CHLG_TYPE_USER_PASSWORD);
            authenticationContinuation.setAuthenticationDetails(authDetails);
            authenticationContinuation.continueTask();
        }

Auth request will be sent without "SECRET_HASH" property set, which leads to "...NotAuthorizedException: Unable to verify secret hash for client..." exception.

  • Please include a stacktrace if applicable.
com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException: Unable to verify secret hash for client iDontWantToShareClint (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: NotAuthorizedException; Request ID: 1616d336-7d20-11e8-aa2a-79a1678c9988)
      at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
      at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
      at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
      at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.invoke(AmazonCognitoIdentityProviderClient.java:5200)
      at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.initiateAuth(AmazonCognitoIdentityProviderClient.java:3580)
      at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.startWithUserPasswordAuth(CognitoUser.java:2571)
      at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.initiateUserAuthentication(CognitoUser.java:773)
      at com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.AuthenticationContinuation.continueTask(AuthenticationContinuation.java:115)
      at com.shutterfly.android.commons.usersession.providers.CognitoAuthentication$LoginHandler.getAuthenticationDetails(CognitoAuthentication.java:192)
      at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:744)
      at com.shutterfly.android.commons.usersession.providers.CognitoAuthentication.login(CognitoAuthentication.java:86)
      at com.shutterfly.android.commons.usersession.AuthDataManager.loginSync(AuthDataManager.java:574)
      at com.shutterfly.android.commons.usersession.AuthDataManager.lambda$login$1$AuthDataManager(AuthDataManager.java:532)
      at com.shutterfly.android.commons.usersession.AuthDataManager$$Lambda$1.run(Unknown Source:24)
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:457)
      at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
      at java.lang.Thread.run(Thread.java:764)

If you need help with understanding how to implement something in particular then we suggest that you first look into our developer guide. You can also simplify your process of creating an application by using Mobile Hub.

@minbi
Copy link
Contributor

minbi commented Jul 6, 2018

A fix has been released in version 2.6.24

@minbi minbi closed this as completed Jul 6, 2018
@usmanrana07
Copy link

Error is still producing even in 2.13.1.

@minbi minbi reopened this Apr 9, 2019
@minbi minbi self-assigned this Apr 9, 2019
@minbi minbi added bug Something isn't working cognito Issues with the AWS Android SDK for Cognito labels Apr 9, 2019
@minbi
Copy link
Contributor

minbi commented Apr 9, 2019

Hi @usmanrana07 ,

Can you provide a stacktrace or details about the reproduction? Is it the same as the original problem stacktrace?

@usmanrana07
Copy link

@minbi here I've added the of producing issue steps:
#889

@minbi
Copy link
Contributor

minbi commented Apr 10, 2019

@usmanrana07 , The team will follow up with you on your new issue.

This is a closed issue, feel free to create an issue so that we can better track it's progression. Closed issues are not generally monitored.

@minbi minbi closed this as completed Apr 10, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working cognito Issues with the AWS Android SDK for Cognito
Projects
None yet
Development

No branches or pull requests

3 participants