Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cognito Auth isAuthenticated() returns false for logged user #508

Closed
ksenia834 opened this issue Aug 8, 2018 · 1 comment
Closed

Cognito Auth isAuthenticated() returns false for logged user #508

ksenia834 opened this issue Aug 8, 2018 · 1 comment

Comments

@ksenia834
Copy link

ksenia834 commented Aug 8, 2018

  • What service are you using?
    aws-android-sdk-cognitoauth

  • In what version of SDK are you facing the problem?
    'com.amazonaws:aws-android-sdk-cognitoidentityprovider:2.6.+'
    'com.amazonaws:aws-android-sdk-cognitoauth:2.6.17@aar'

  • Is the issue limited to Simulators / Actual Devices?
    It reproduced on both Simulators and device.

  • Can your problem be resolved if you bump to a higher version of SDK?
    This is the latest version which is recommended in the documentation https://docs.aws.amazon.com/aws-mobile/latest/developerguide/how-to-android-sdk-setup.html

  • Is this problem related to specific Android/OS version?
    No

  • Can you give us steps to reproduce with a minimal, complete, and verifiable example? Please include any specific network conditions that might be required to reproduce the problem.

  1. Create Auth object by:
Auth.Builder builder = new Auth.Builder().setAppClientId(COGNITO_CLIENT_ID)
        .setAppClientSecret(COGNITO_CLIENT_SECRET)
        .setAppCognitoWebDomain(COGNITO_WEB_DOMAIN)
        .setApplicationContext(applicationContext)
        .setAuthHandler(new CognitoAuthenticationCallback())
        .setUserPoolId(COGNITO_USER_POOL_ID)
        .setSignInRedirect(COGNITO_APP_REDIRECT)
        .setSignOutRedirect(COGNITO_APP_REDIRECT);
this.auth = builder.build();
  1. Successfully Login User.
  2. Request this.auth.isAuthenticated();

Expected result: isAuthenticated() return true;
Actual result: isAuthenticated() is always false, even after successfully login.

In SDK source code in the class AuthClient I’ve found that for caching session for key clientId
is using pool.getAppId(). In the getSession() method in same class is also used pool.getAppId() for get cached session. But in isAuthenticated() method in same class value of pool.getAppWebDomain() is using as a clientId:

public class AuthClient {
...
    public boolean isAuthenticated() {
        AuthUserSession session =
                LocalDataManager.getCachedSession(context, pool.getAppWebDomain(), userId, pool.getScopes());
        return session.isValidForThreshold();
    }

...
protected void getSession() {
    ...
        // Look for cached tokens
        AuthUserSession session =
                LocalDataManager.getCachedSession(context, pool.getAppId(), userId, pool.getScopes());
...
    }
...
private void refreshSession(final AuthUserSession session,
                                final String redirectUri,
                                final Set<String> tokenScopes,
                                final AuthHandler callback) {
        new Thread(new Runnable() {
           ...
                    // Cache session
                    LocalDataManager.cacheSession(context, pool.getAppId(), username, refreshedSession, pool.getScopes());

        ...
    }

Because session parameters were cached by one key and requesting them by another isAuthenticated always return false. Is this a bug?
Thanks!

@minbi
Copy link
Contributor

minbi commented Aug 17, 2018

We have released version 2.6.28 of the SDK. Please see if it fixes this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants