search

aws-amplify / amplify-flutter

A declarative library with an easy-to-use interface for building Flutter applications on AWS.
https://docs.amplify.aws
Apache License 2.0
1.31k stars 243 forks source link

Custom header not reaching the gateway #1487

Closed inv-sarathk closed 2 years ago

inv-sarathk commented 2 years ago

Description

When I try to add a header authorization through amplify api package i am getting an error response 401 with a message unauthorized on the api call. When I checked on the backend the header is not reaching there. This is the code I tried :

try { RestOptions options = const RestOptions(path: '/test', headers: {'Authorization': 'token'}); RestOperation restOperation = Amplify.API.get(restOptions: options); RestResponse response = await restOperation.response; print('GET call succeeded'); print(response); } on ApiException catch (e) { print('GET call failed: $e'); }

Categories

Steps to Reproduce

No response

Screenshots

No response

Platforms

Environment

[✓] Flutter (Channel stable, 2.10.3, on macOS 12.3 21E230 darwin-arm, locale
    en-IN)
[!] Android toolchain - develop for Android devices (Android SDK version
    32.1.0-rc1)
    ✗ cmdline-tools component is missing
      Run `path/to/sdkmanager --install "cmdline-tools;latest"`
      See https://developer.android.com/studio/command-line for more details.
    ✗ Android license status unknown.
      Run `flutter doctor --android-licenses` to accept the SDK licenses.
      See https://flutter.dev/docs/get-started/install/macos#android-setup for
      more details.
[✓] Xcode - develop for iOS and macOS (Xcode 13.3)
[✓] Chrome - develop for the web
[✓] Android Studio (version 2021.1)
[✓] VS Code (version 1.64.2)
[✓] VS Code (version 1.65.2)
[✓] Connected device (2 available)
[✓] HTTP Host Availability

Dependencies

Dart SDK 2.16.1
Flutter SDK 2.10.3
flutteraws 1.0.0+1

dependencies:
- amplify_api 0.4.2 [amplify_api_plugin_interface amplify_core collection flutter meta plugin_platform_interface]
- amplify_auth_cognito 0.4.2 [flutter amplify_auth_plugin_interface amplify_core amplify_auth_cognito_android amplify_auth_cognito_ios collection plugin_platform_interface]
- amplify_flutter 0.4.2 [amplify_analytics_plugin_interface amplify_api_plugin_interface amplify_auth_plugin_interface amplify_core amplify_datastore_plugin_interface amplify_storage_plugin_interface collection flutter json_annotation meta plugin_platform_interface]
- cupertino_icons 1.0.4
- flutter 0.0.0 [characters collection material_color_utilities meta typed_data vector_math sky_engine]

transitive dependencies:
- amplify_analytics_plugin_interface 0.4.2 [amplify_core flutter meta]
- amplify_api_plugin_interface 0.4.2 [amplify_core collection flutter json_annotation meta]
- amplify_auth_cognito_android 0.4.2 [flutter]
- amplify_auth_cognito_ios 0.4.2 [amplify_core flutter]
- amplify_auth_plugin_interface 0.4.2 [flutter meta amplify_core]
- amplify_core 0.4.2 [flutter plugin_platform_interface collection date_time_format meta uuid]
- amplify_datastore_plugin_interface 0.4.2 [flutter meta collection amplify_core]
- amplify_storage_plugin_interface 0.4.2 [flutter meta amplify_core]
- characters 1.2.0
- collection 1.15.0
- crypto 3.0.1 [collection typed_data]
- date_time_format 2.0.1
- json_annotation 4.4.0 [meta]
- material_color_utilities 0.1.3
- meta 1.7.0
- plugin_platform_interface 2.1.2 [meta]
- sky_engine 0.0.99
- typed_data 1.3.0 [collection]
- uuid 3.0.6 [crypto]
- vector_math 2.1.1

Device

Pixel 5(Emulator)

OS

Android 13

CLI Version

7.6.26

Additional Context

No response

HuiSF commented 2 years ago

Hello @Sarath222K thanks for reporting this issue.

A quick follow up here, can you share the awsAPIPlugin section in amplifyconfiguration.dart?

inv-sarathk commented 2 years ago

Hello @Sarath222K thanks for reporting this issue.

A quick follow up here, can you share the awsAPIPlugin section in amplifyconfiguration.dart?

Yeah sure,

const amplifyconfig = ''' {
    "UserAgent": "aws-amplify-cli/2.0",
    "Version": "1.0",
    "api": {
        "plugins": {
            "awsAPIPlugin": {
                “Test”: {
                    "endpointType": "GraphQL",
                    "endpoint": "https://XXXXXXXXXXXXXX.appsync-api.ap-northeast-1.amazonaws.com/graphql",
                    "region": "ap-northeast-1",
                    "authorizationType": "API_KEY",
                    "apiKey": “XXXXXXXXXXXXXXXXX”
                },
                "TestREST": {
                    "endpointType": "REST",
                    "endpoint": “XXXXXXXXXXXXXXX.execute-api.ap-northeast-1.amazonaws.com/dev",
                    "region": "ap-northeast-1",
                    "authorizationType": "AWS_IAM"
                }
            }
        }
    },
    "auth": {
        "plugins": {¯
            "awsCognitoAuthPlugin": {
                "UserAgent": "aws-amplify-cli/0.1.0",
                "Version": "0.1.0",
                "IdentityManager": {
                    "Default": {}
                },
                "CredentialsProvider": {
                    "CognitoIdentity": {
                        "Default": {
                            "PoolId": "ap-northeast-1:XXXXXXXXXXXXXXXXXXX”,
                            "Region": "ap-northeast-1"
                        }
                    }
                },
                "CognitoUserPool": {
                    "Default": {
                        "PoolId": "ap-northeast-XXXXXXXXXXXXXX”,
                        "AppClientId": “XXXXXXXXXXXXXXXXXXXX”,
                        "Region": "ap-northeast-1"
                    }
                },
                "Auth": {
                    "Default": {
                        "authenticationFlowType": "USER_SRP_AUTH",
                        "socialProviders": [],
                        "usernameAttributes": [],
                        "signupAttributes": [
                            "PHONE_NUMBER"
                        ],
                        "passwordProtectionSettings": {
                            "passwordPolicyMinLength": 8,
                            "passwordPolicyCharacters": [
                                "REQUIRES_LOWERCASE",
                                "REQUIRES_NUMBERS",
                                "REQUIRES_SYMBOLS",
                                "REQUIRES_UPPERCASE"
                            ]
                        },
                        "mfaConfiguration": "OFF",
                        "mfaTypes": [
                            "SMS"
                        ],
                        "verificationMechanisms": [
                            "PHONE_NUMBER"
                        ]
                    }
                },
                "AppSync": {
                    "Default": {
                        "ApiUrl": “XXXXXXXXXXXXXXXXXXX.appsync-api.ap-northeast-1.amazonaws.com/graphql",
                        "Region": "ap-northeast-1",
                        "AuthMode": "API_KEY",
                        "ApiKey": “XXXXXXXXXXXXXXXXXXX”,
                        "ClientDatabasePrefix": “XXXXXXX_API_KEY"
                    },
                    "Socrates_AWS_IAM": {
                        "ApiUrl": “XXXXXXXXXXXXXXXXXXXXXXX.appsync-api.ap-northeast-1.amazonaws.com/graphql",
                        "Region": "ap-northeast-1",
                        "AuthMode": "AWS_IAM",
                        "ClientDatabasePrefix": “XXXXXXXXXX_AWS_IAM"
                    }
                }
            }
        }
    }
}''';
HuiSF commented 2 years ago

Hi @Sarath222K thanks for provide the info.

Looking at your amplify configuration, your REST API uses IAM as authorization strategy.

        "TestREST": {
          "endpointType": "REST",
          "endpoint": "XXXXXXXXXXXXXXX.execute-api.ap-northeast-1.amazonaws.com/dev",
          "region": "ap-northeast-1",
          "authorizationType": "AWS_IAM"
        }

According to the document when using IAM the credential should be automatically attached to request headers according to you configuration.

Where do you get the token shown in your code example? If you are using something custom, you may need to follow this instruction to enable custom headers for your API Gateway.

inv-sarathk commented 2 years ago

we have configured our backend rest api with "authorizationType": "AMAZON_COGNITO_USER_POOLS", but our configuration(amplifyconfiguration.dart) file is not getting updated even after 'amplify pull', the authorizarion type is still IAM user as above

HuiSF commented 2 years ago

The document suggests that a manual change is required to apply cognito user pool auth to REST API. Have you tried these steps?

haverchuck commented 2 years ago

@Sarath222K Have you tried the steps @HuiSF referenced above?

inv-sarathk commented 2 years ago

Tried, but app is crashing after manually changing the configuration to "authorizationType": "AMAZON_COGNITO_USER_POOLS" inside awsconfiguration.dart file .

inv-sarathk commented 2 years ago

@Sarath222K Have you tried the steps @HuiSF referenced above?

Tried but the app is crashing after applying manually

Jordan-Nelson commented 2 years ago

@Sarath222K - Can you share the log output when the app crashes?

offlineprogrammer commented 2 years ago

Hi @inv-sarathk

I am closing this issue for now as we didn't hear from you We can reopen it if you are still facing the issue and when you provide the details

Regards Mo