Throw Uncaught TypeError when login with Facebook and Google

[cenxui]

If user signout and login again, it will throw this exception. It work fine when user login first time, but it will fail if a user already signup.

VM1423 aws-cognito-sdk.js:11656 Uncaught TypeError: First argument must be a string, Buffer, ArrayBuffer, Array, or array-like object. at fromObject (VM1423 aws-cognito-sdk.js:11656) at from (VM1423 aws-cognito-sdk.js:11505) at new Buffer (VM1423 aws-cognito-sdk.js:11482) at Object.decode64 [as decode] (VM1423 aws-cognito-sdk.js:7825) at t.getUsername (VM1424 amazon-cognito-auth.min.js:33) at t.cacheTokensScopes (VM1424 amazon-cognito-auth.min.js:81) at t.getTokenQueryParameter (VM1424 amazon-cognito-auth.min.js:81) at t.parseCognitoWebResponse (VM1424 amazon-cognito-auth.min.js:81)

[yuntuowang]

It seems like you provide wrong type of argument. What is your use case and how does your code look like? Can you provide more details? @cenxui

[cenxui]

When user login Facebook and Google again, the cognate domain server will return error description like this.

error_description=Invalid%20user%20attributes:%20email:%20Attribute%20cannot%20be%20updated.%0A%20&state=***&error=invalid_request

[yuntuowang]

@cenxui It seems that you get the error is "invalid user attributes: email attribute cannot be updated". It is probably because the attribute mapping for email attribute is not correct. Can you check the Facebook documentation to see the correct name of email attribute and map it correctly to cognito "email" attribute? Under the cognito console "Attribute mapping" tab, you can update it. Let me know if this works or not. :)

[cenxui]

Well, it doesn't work. The Facebook and Google attributes name are fixed in console. Also, these attributes are the same in Google and Facebook document. Besides, the Cognito Document shows that

Currently, only the Facebook id, Google sub, and Login with Amazon user_id attributes can be mapped to the Amazon Cognito User Pools username attribute.

The username attribute is fixed by Cognito and I am able to see the right mail attribute value in Cognito user group. But it's still error when Facebook or Google users sign in again.

[ashwindevendran]

Hi,

It would be helpful if we can get some more information. Could you please email your user pool id as well as timestamps (ideally accurate to the minute) for when you experienced these issues (quick way to do this is to quickly re-pro this flow and email me the time that you repro'd). My email is: ashwidev@amazon.com

[cenxui]

Hello,

I have sent the information to you. Hopefully, it will be helpful.

[oanacioara]

Hi!

I have the same issue. I have setup Google as an identity provider and I have their email attribute mapped to the Cognito email attribute. However when I try to login the second time I get "Invalid+user+attributes%3A+email%3A+Attribute+cannot+be+updated.".

What would be the solution? Is this related to attribute mappings or could it also be because when created the pool the email attribute was marked as immutable?

[yuntuowang]

Yes, @oanacioara it is because when created the pool the email attribute was marked as required. This means when you sign up a user, you must provide an email and it is immutable after sign up.

[oanacioara]

@yuntuowang, I don't really understand what you mean. Yes, I did mark the email as required and the first time I login with Google it is successful. I can see the user in the Cognito Pool and it has the email attribute set correctly. However, the next time I try to login with the same user I get that error. First of all, I don't understand why the email field would need to be updated if it's the same user? And second, I did change the pool config and made the field mutable, but I still get the error.

Do you have any suggestions that I could try?

[yuntuowang]

Hi @oanacioara, do you mean that you didn't update the email attribute after setting it at the first time? Yes, the email field should not be updated if it is the same user. "And second, I did change the pool config and made the field mutable", I don't understand this part, how did you change the pool config? When you sign up a user providing email address attribute, you cannot change it later.

[yuntuowang]

Hi @oanacioara, also I tested on my pool and cannot reproduce it. I can sign in using Google successfully for the second time. I would say check that you select the same email address to sign in for the second time.

If you still have this problem, could you please email your user pool id as well as timestamps (ideally accurate to the minute) for when you experienced these issues (quick way to do this is to quickly re-pro this flow and email me the time that you repro'd). My email is: wyuntuo@amazon.com

[oanacioara]

@yuntuowang, thank you for the reply. This is the exact scenario I had: I had configured a user pool with the email attribute marked as required and configured Google as an identity provider. I would then login with a google account from my app and the login would be successful. Next I uninstalled the app, install it again and try to login with the SAME google account. The second time I would get the error.

In the mean time I recreated the pool without the email attribute as required and now it works fine. I tried to reproduce the issue today with a new pool but was not able. Maybe I had something else misconfigured. I don't know.

[yuntuowang]

Hi @oanacioara, I am not entirely sure why the second time you try to login the SAME google account, you get the error. The uninstall and reinstall should not effect your login function.

You can mark email attribute as required or not required, either way it should work. It seems you configured it correctly. If you still have the issue with that user pool, probably consider using a new pool? Thanks!

[askdesigners]

@yuntuowang So the solution is just to make the email attribute mutable??? If so that's a terrible solution. It sounds like either shitty design on the part of Cognito, or a bug that no one seems to want to acknowledge. Why are things immutable by default? That's a terrible decision. Why can't you change them after creating the user pool? Also a terrible decision.

I've now spent 2 entire days trying to simply add FB login to my existing user pool. We have thousands of people in there already and we are not going to create a new goddamned user pool just to change the mutability of an attribute. Why is cognito so absolutely full of these awful shitty little gotchas. This is impossible to know before hand. All the hassle that it introduces damned near negates any velocity it can offer. Overall a fairly terrible product from Amazon that I would honestly advise anyone to stay far away from.

If there was a solution arrived at, can we please for the love of god have it here and not in some email thread? I've now seen 3 different public forum posts with this issue getting solved over email, leaving no solution to be found anywhere.

[oliverandersencox]

is there really no response from the cognito team, this is a massive problem that needs some light shed!