search

aws-amplify / amplify-flutter

A declarative library with an easy-to-use interface for building Flutter applications on AWS.
https://docs.amplify.aws
Apache License 2.0
1.31k stars 243 forks source link

Feature Request: Clock Skew Correction #4174

Open jamesleech opened 9 months ago

jamesleech commented 9 months ago

Description

Hi,

We've just run into a clock drift issue. When our users, mostly the international citizens, have their mobile devices clock set manually, to another datetime, we are seeing 403s from API Gateway.

"userAgent":"amplify-flutter/1.4.1 ios/17.1.1 API/23 aws-sigv4-dart/0.5.0","authorizorError":"The request for the IAM Authorizer doesn't match the format that API Gateway expects.

If you manually set the date time to a date time on the mobile device, this is repeatable, change it back to automatic, and the problem disappears.

We never saw this issue before migrating our app to flutter from react-native. Upon looking at the javascript lib, I've found;

https://github.com/aws-amplify/amplify-js/blob/8499b9438aa5ad88483bcd56ab32193496d140b5/packages/core/src/clients/middleware/signing/middleware.ts#L42

Is there a way to handle this in the flutter libs with Cognito userpools calling API gateway with IAM Auth?

Categories

Steps to Reproduce

No response

Screenshots

No response

Platforms

Flutter Version

">=3.0.0 <4.0.0"

Amplify Flutter Version

1.4.1

Deployment Method

Custom Pipeline

Schema

No response

Equartey commented 9 months ago

Hey @jamesleech, Thanks for bringing this to our attention. We're investigating a solution. I will provide an update when I can.