Closed venuvasu closed 2 years ago
Hi @venuvasu
Can you check if the Team provider file contains this value ?
Also if possible can you send your amplify folder to amplify-cli@amazon.com after redacting any secret info from it?
The Team provider file does not contain this value. This project does not have any OAuth/Secret configuration. I have sent amplify folder zipped to email mentioned.
I'm having similar issue, after upgrade and made some irrelavant changes, oAuthSecretsPathAmplifyAppId
is automatically set, then a push gives me error Parameters: [hostedUIProviderCreds] must have values
.
Then I give it a empty arry, it is then giving me error of Parameters: [oAuthSecretsPathAmplifyAppId] do not exist in the template
my team-provider-info.json looks like
"auth": {
"my_app_name": {
"oAuthSecretsPathAmplifyAppId": "a_valid_app_id",
"hostedUIProviderCreds": []
},
"userPoolGroups": {}
}
Hey @YuantongL I was able to reproduce that issue (hostedUIProviderCreds
) on a project created with CLI 8.2.0 with default social auth and a single provider, upgrading to 8.3.0, adding a function and pushing. While I also saw oAuthSecretsPathAmplifyAppId
automatically added on push, amplify env checkout <current-env-name>
should also add this value.
Marking as a bug π
@josefaidt thanks for investigation. How do I get around this on 8.3.0 and able to push?
Hey @YuantongL we can step back through amplify update auth
> Walkthrough all configurations
and re-apply the social provider credentials:
> amplify update auth
Please note that certain attributes may not be overwritten if you choose to use defaults settings.
You have configured resources that might depend on this Cognito resource. Updating this Cognito resource could have unintended side effects.
Using service: Cognito, provided by: awscloudformation
What do you want to do?
Apply default configuration without Social Provider (Federation)
β― Walkthrough all the auth configurations
Add/Edit signin and signout redirect URIs
- Update OAuth social providers (Disabled: You have not initially configured OAuth.)
Create or update Cognito user pool groups
Create or update Admin queries API
What do you want to do? Walkthrough all the auth configurations
Select the authentication/authorization services that you want to use: User Sign-Up, Sign-In, con
nected with AWS IAM controls (Enables per-user Storage features for images or other content, Analy
tics, and more)
Allow unauthenticated logins? (Provides scoped down permissions that you can control via AWS IAM)
No
Do you want to enable 3rd party authentication providers in your identity pool? Yes
Select the third party identity providers you want to configure for your identity pool: Facebook
You've opted to allow users to authenticate via Facebook. If you haven't already, you'll need to
go to https://developers.facebook.com and create an App ID.
Enter your Facebook App ID for your identity pool: fakeappid
Do you want to add User Pool Groups? No
Do you want to add an admin queries API? No
Multifactor authentication (MFA) user login options: OFF
Email based user registration/forgot password: Enabled (Requires per-user email entry at registra
tion)
Specify an email verification subject: Your verification code
Specify an email verification message: Your verification code is {####}
Do you want to override the default password policy for this User Pool? No
Specify the app's refresh token expiration period (in days): 30
Do you want to specify the user attributes this app can read and write? No
Do you want to enable any of the following capabilities?
Do you want to use an OAuth flow? Yes
What domain name prefix do you want to use? 10466ba580d2b-ba580d2b
Which redirect signin URIs do you want to edit?
Do you want to add redirect signin URIs? No
Which redirect signout URIs do you want to edit?
Do you want to add redirect signout URIs? No
Select the OAuth flows enabled for this project. Authorization code grant
Select the OAuth scopes enabled for this project. Phone, Email, OpenID, Profile, aws.cognito.sign
in.user.admin
Select the identity providers you want to configure for your user pool: Facebook
You've opted to allow users to authenticate via Facebook. If you haven't already, you'll need to
go to https://developers.facebook.com and create an App ID.
Enter your Facebook App ID for your OAuth flow: fakeappid
Enter your Facebook App Secret for your OAuth flow: fakeappsecret
? Do you want to configure Lambda Triggers for Cognito? No
Hey @YuantongL we can step back through
amplify update auth
>Walkthrough all configurations
and re-apply the social provider credentials:> amplify update auth Please note that certain attributes may not be overwritten if you choose to use defaults settings. You have configured resources that might depend on this Cognito resource. Updating this Cognito resource could have unintended side effects. Using service: Cognito, provided by: awscloudformation What do you want to do? Apply default configuration without Social Provider (Federation) β― Walkthrough all the auth configurations Add/Edit signin and signout redirect URIs - Update OAuth social providers (Disabled: You have not initially configured OAuth.) Create or update Cognito user pool groups Create or update Admin queries API
What do you want to do? Walkthrough all the auth configurations Select the authentication/authorization services that you want to use: User Sign-Up, Sign-In, con nected with AWS IAM controls (Enables per-user Storage features for images or other content, Analy tics, and more) Allow unauthenticated logins? (Provides scoped down permissions that you can control via AWS IAM) No Do you want to enable 3rd party authentication providers in your identity pool? Yes Select the third party identity providers you want to configure for your identity pool: Facebook You've opted to allow users to authenticate via Facebook. If you haven't already, you'll need to go to https://developers.facebook.com and create an App ID. Enter your Facebook App ID for your identity pool: fakeappid Do you want to add User Pool Groups? No Do you want to add an admin queries API? No Multifactor authentication (MFA) user login options: OFF Email based user registration/forgot password: Enabled (Requires per-user email entry at registra tion) Specify an email verification subject: Your verification code Specify an email verification message: Your verification code is {####} Do you want to override the default password policy for this User Pool? No Specify the app's refresh token expiration period (in days): 30 Do you want to specify the user attributes this app can read and write? No Do you want to enable any of the following capabilities? Do you want to use an OAuth flow? Yes What domain name prefix do you want to use? 10466ba580d2b-ba580d2b Which redirect signin URIs do you want to edit? Do you want to add redirect signin URIs? No Which redirect signout URIs do you want to edit? Do you want to add redirect signout URIs? No Select the OAuth flows enabled for this project. Authorization code grant Select the OAuth scopes enabled for this project. Phone, Email, OpenID, Profile, aws.cognito.sign in.user.admin Select the identity providers you want to configure for your user pool: Facebook You've opted to allow users to authenticate via Facebook. If you haven't already, you'll need to go to https://developers.facebook.com and create an App ID. Enter your Facebook App ID for your OAuth flow: fakeappid Enter your Facebook App Secret for your OAuth flow: fakeappsecret ? Do you want to configure Lambda Triggers for Cognito? No
This worked for me . @josefaidt , you are a saviour again π πββοΈ
@josefaidt I was able to push from the amplify cli. However, when i pushed to my repo, the CI / CD failed in the backend build process.
The solution @josefaidt posted works for me as well, thanks!
EDIT:
However.... After a successful push, I did an amplify pull
and got
β There was an error initializing your environment.
π Unexpected end of JSON input
SyntaxError: Unexpected end of JSON input
at JSON.parse (<anonymous>)
at getOAuthProviderKeys (/snapshot/repo/build/node_modules/@aws-amplify/amplify-category-auth/lib/provider-utils/awscloudformation/index.js:157:38)
at updateConfigOnEnvInit (/snapshot/repo/build/node_modules/@aws-amplify/amplify-category-auth/lib/provider-utils/awscloudformation/index.js:103:36)
at /snapshot/repo/build/node_modules/@aws-amplify/amplify-category-auth/lib/index.js:273:34
at /snapshot/repo/build/node_modules/promise-sequential/index.js:16:18
at runMicrotasks (<anonymous>)
at processTicksAndRejections (internal/process/task_queues.js:95:5)
I'm having similar issue, after upgrade and made some irrelavant changes,
oAuthSecretsPathAmplifyAppId
is automatically set, then a push gives me errorParameters: [hostedUIProviderCreds] must have values
.Then I give it a empty arry, it is then giving me error of
Parameters: [oAuthSecretsPathAmplifyAppId] do not exist in the template
my team-provider-info.json looks like
"auth": { "my_app_name": { "oAuthSecretsPathAmplifyAppId": "a_valid_app_id", "hostedUIProviderCreds": [] }, "userPoolGroups": {} }
Thanks solution working fine, after this updated I ran amplify update auth
and working fine
Having similar issue after updating to 8.3.0. Using Cognito federating with Amazon internal federation system (not amazon.com).
My team-provider-info,json looks like this:
... "categories": { "auth": { "my_app_name": {}, "userPoolGroups": {} }, ...
Not sure how to add the "oAuthSecretsPathAmplifyAppId": "my-app-id"
I can't add it directly to the file because its removed as soon as I do 'amplify push'.
This was not an issue before I upgrated from 8.2.0 to 8.3.0. Going back to 8.2.0 does not help.
I am also experiencing this issue. Locally, I can do an amplify push using 8.1.0. When I push to the CI/CD, I get the error:
2022-05-26T16:48:07.894Z [INFO]: UPDATE_FAILED authnavigarab802d28 AWS::CloudFormation::Stack Thu May 26 2022 16:48:03 GMT+0000 (Coordinated Universal Time) Parameters: [oAuthSecretsPathAmplifyAppId] must have values
I was able to circumvent by not having Oauth flow.
On Thu, 26 May 2022 at 10:39 PM crouffer @.***> wrote:
I am also experiencing this issue. Locally, I can do an amplify push using 8.1.0. When I push to the CI/CD, I get the error:
2022-05-26T16:48:07.894Z [INFO]: UPDATE_FAILED authnavigarab802d28 AWS::CloudFormation::Stack Thu May 26 2022 16:48:03 GMT+0000 (Coordinated Universal Time) Parameters: [oAuthSecretsPathAmplifyAppId] must have values
β Reply to this email directly, view it on GitHub https://github.com/aws-amplify/amplify-cli/issues/10466#issuecomment-1138810557, or unsubscribe https://github.com/notifications/unsubscribe-auth/AE6NVOVHG3HTYDBATWQNB2DVL6V5TANCNFSM5W2XLWHA . You are receiving this because you commented.Message ID: @.***>
-- Regards, Sayu Sekhar.
I'm using cli:7.6.8
and get the same issue: Parameters: [oAuthSecretsPathAmplifyAppId] must have values.
Don't have the issue with an env, that I deploy manually. But got the error in an env, that has CI/CD.
What helped: pinning a version in the amplify app build settings to 7.6.15
.
I tried the suggested workarounds:
amplify env checkout <env>
amplify auth update
and the Walkthrough all the auth configurationsNone of these solve the issues. The oAuthSecretsPathAmplifyAppId
field doesn't get populated in team-provider-info.json
.
The only thing that works is disabling oauth / amplify push / re-enabling oauth / amplify push. But this has to be done every time, after the CI pipeline builds.
Had to deactivate 3rd party authentication in prod π’
We have reverted the change that caused this issue. Please upgrade to version 8.3.1
There's still something not right about this, at least how the cli is handling the project that had failed due to prior error.
Running amplify pull
I got
β Fetching updates to backend environment: develop from the cloud.β
GraphQL schema compiled successfully.
Edit your schema at /Users/yuantonglu/Developer/TapApp/amplify/backend/api/TapApp/schema.graphql or place .graphql files in a directory at /Users/yuantonglu/Developer/TapApp/amplify/backend/api/TapApp/schema
β Successfully pulled backend environment develop from the cloud.
β Channel information retrieved for APNS
β Channel is not setup for FCM
β Channel is not setup for Email
β Channel is not setup for SMS
β There was an error initializing your environment.
π Unexpected end of JSON input
SyntaxError: Unexpected end of JSON input
at JSON.parse (<anonymous>)
at getOAuthProviderKeys (/snapshot/repo/build/node_modules/@aws-amplify/amplify-category-auth/lib/provider-utils/awscloudformation/index.js:157:38)
at updateConfigOnEnvInit (/snapshot/repo/build/node_modules/@aws-amplify/amplify-category-auth/lib/provider-utils/awscloudformation/index.js:103:36)
at /snapshot/repo/build/node_modules/@aws-amplify/amplify-category-auth/lib/index.js:278:34
at /snapshot/repo/build/node_modules/promise-sequential/index.js:16:18
at runMicrotasks (<anonymous>)
at processTicksAndRejections (internal/process/task_queues.js:95:5)
Running amplify push
I'm getting
UPDATE_IN_PROGRESS HostedUIProvidersCustomResourceInputs Custom::LambdaCallout Tue May 31 2022 21:45:21 GMT-0400 (Eastern Daylight Time) Requested update required the provider to create a new physical resource
UPDATE_FAILED HostedUIProvidersCustomResourceInputs Custom::LambdaCallout Tue May 31 2022 21:45:21 GMT-0400 (Eastern Daylight Time) Received response status [FAILED] from custom resource. Message returned: See the details in CloudWatch Log Stream: 2022/06/01/[$LATEST]4804f183867542f7ac8990e01f396996 (RequestId: 3ddd3b68-e26b-4551-ba71-8594e0e308ae)
UPDATE_ROLLBACK_IN_PROGRESS amplify-tapapp-develop-195658-authTapApp-1VSLUWFWZA0B8 AWS::CloudFormation::Stack Tue May 31 2022 21:45:23 GMT-0400 (Eastern Daylight Time) The following resource(s) failed to update: [HostedUIProvidersCustomResourceInputs].
β Updating resources in the cloud. This may take a few minutes...
UPDATE_FAILED authTapApp AWS::CloudFormation::Stack Tue May 31 2022 21:45:27 GMT-0400 (Eastern Daylight Time) Embedded stack arn:aws:cloudformation:us-east-1:969017758831:stack/amplify-tapapp-develop-195658-authTapApp-1VSLUWFWZA0B8/0d8818c0-8ec4-11ec-97a1-0a1b8104e20f was not successfully updated. Currently in UPDATE_ROLLBACK_IN_PROGRESS with reason: The following resource(s) failed to update: [HostedUIProvidersCustomResourceInputs].
β Έ Updating resources in the cloud. This may take a few minutes...
Basically can't do anything right now.
Running on 8.3.1, this is my team-provider-info.json after cli automatically updated it
"auth": {
"TapApp": {
"oAuthSecretsPathAmplifyAppId": "FAKE_ID",
"appleAppId": "FAKE_ID"
},
"userPoolGroups": {},
"true": {
"appleAppId": "FAKE_ID"
}
}
EDIT: I have to redo amplify update auth
with walk though everything option, after that is done seems working fine.
Before opening, please confirm:
How did you install the Amplify CLI?
npm
If applicable, what version of Node.js are you using?
v16.10.0
Amplify CLI Version
8.3.0
What operating system are you using?
Windows
Did you make any manual changes to the cloud resources managed by Amplify? Please describe the changes made.
No manual changes made
Amplify Categories
auth, function, api, hosting
Amplify Commands
push
Describe the bug
Upgraded Amplify Version to latest and local build and as well as build from Amplify Hosting (CICD) failing with
Following resources failed
Error from CFN stack is
UPDATE_FAILED authelevatehire293576c8 AWS::CloudFormation::Stack Tue May 24 2022 11:05:12 GMT-0600 (Mountain Daylight Time) Parameters: [oAuthSecretsPathAmplifyAppId] must have values
Project does not have any Secrets value configured.
Expected behavior
Amplify Push successful and updated resources in the cloud.
Reproduction steps
Workaround
GraphQL schema(s)
Log output
Additional information
No response