Closed mymattcarroll closed 6 years ago
I'm having the same issue.
What is "interesting" is that using /login
rather than /oauth2/authorize
in the URL seems to work. Definitely looks like something on AWS' or the SDKs side.
https://github.com/Collaborne/amazon-cognito-auth-js/commit/54d0e454f3f42957e722ef7a248df89fc91d6347 .
I've changed dependencies in our package.json
so that we get this change:
diff --git a/package.json b/package.json
index dc1f74a..e26934b 100644
--- a/package.json
+++ b/package.json
@@ -32,7 +32,7 @@
- "amazon-cognito-auth-js": "^1.1.5",
+ "amazon-cognito-auth-js": "https://github.com/Collaborne/amazon-cognito-auth-js#collaborne",
(Note: I'll prepare a PR for this repository, but somehow I'm not sure that it'll get much attention. OTOH I also cannot promise that the above repository will be available forever, so I'd suggest you create your own fork :D)
:+1: We are encountering this issue as well. The change to /login works.
We'll fork for now but would appreciate this being fixed.
I've been in contact with AWS Support all day. They have said that using /login
instead is a work around for now and that they are currently working a fix. The issue is not with the SDK, AWS Support are saying the SDK's implementation of the /oauth2/authorize
endpoint is correct, the issue is with how cookies are cleaned up (or not cleaned up more specifically) when navigating the /logout
endpoint.
Same issue here, exactly the same happened above, happened suddenly without any change in out code or our configurations. Version 1.1.9.
@yuntuowang thanks. With "rolled back" you mean something on the server-side?
I'm a bit concerned about this issue, as it essentially made our application inaccessible for our users for a long time, and I couldn't see anything on the usual AWS channels about it (http://status.aws.amazon.com specifically).
Now the /oauth2/authorize hosted UI urls works as expected.
@ankon in some cases like this we notify customers via the Personal Health Dashboard as that is more direct than the Service Health Dashboard.
@timwhunt A-ha! Found it there! Yet another place to add to the list of "what to check when customers are unhappy".
https://MY_APP.auth.ap-southeast-2.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2FMY_APP_DOMAIN%2Fcallback&response_type=token&client_id=MY_CLIENT_ID&state=STATE&scope=openid%20email
has suddenly started redirecting to empty error.See screen shot below.
Is anyone else having this issue?
I am 99.9% sure that it is not a configuration issue as this has started happening for all 3 applications we have using this SDK. They were all working 24 hours ago and have suddenly started redirecting to this empty error screen.