[X] I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
[x] I have removed any sensitive information from my code snippets and submission.
App Id
d2rkwhxguawvjc
AWS Region
us-west-2
Amplify Hosting feature
Backend builds, Web previews
Describe the bug
My Amplify application has Google Oauth, and previews fail to create an ephemeral backend during pull requests because the auth resources fail to create.
Expected behavior
A preview should create a new ephemeral backend even when the application has social auth providers like Google.
Reproduction steps
Add Google Oauth provider to an amplify application
Enable previews and select Create new backend environment for every Pull Request option
Create a pull request and wait to see if the backend is created successfully.
```
# Put your logs below this line
{
"Status": "FAILED",
"Reason": "See the details in CloudWatch Log Stream: 20XX/XX/XX/[$LATEST]XXXXXXXXXXXX",
"PhysicalResourceId": "20XX/XX/XX/[$LATEST]XXXXXXXXXXXX",
"StackId": "arn:aws:cloudformation:us-west-2:XXXXXXXX:stack/amplify-XXXXXXX-XXXXXX-XXXXXXX-XXXXX-XXXXX/XXXXXXXX",
"RequestId": "XXXXXXXXXXXXXXXXX",
"LogicalResourceId": "OAuthCustomResourceInputs",
"NoEcho": false,
"Data": {
"err": {
"message": "The provider Google does not exist for User Pool us-west-2XXXXXXXXX.",
"code": "InvalidParameterException",
"time": "XXXXXXXX",
"requestId": "XXXXXXXXX",
"statusCode": 400,
"retryable": false,
"retryDelay": 69.68117398457674
}
}
}
```
Additional information
The error occurs in the OAuthCustomResourceInputs custom resource in the auth stack.
I downloaded the preview root stack from the s3 bucket and compared it to the root stack from an existing backend that works fine. I noticed that there were no values provided for the hostedUIProviderCreds in the preview root stack, the value defaulted to "hostedUIProviderCreds": "[]"
For example, the existing backend root stack has this:
The application makes use of google Oauth, and the Google client secret appears not to be present in the web preview backends, even though the AMPLIFY_GOOGLE_CLIENT_SECRET environment variable is visible by all branches.
I manually added the hostedUIProviderCreds in the preview root stack and tried to create it in the CloudFormation console from that template. It created all the auth resources successfully. So I suspect that the absence of hostedUIProviderCreds in the preview root stack is the cause of the issue.
Hi @Femi-lawal thanks for raising this issue. Glad you were able to identify a workaround for this bug! We are working on reproducing this bug and prioritizing this for mitigation.
Before opening, please confirm:
App Id
d2rkwhxguawvjc
AWS Region
us-west-2
Amplify Hosting feature
Backend builds, Web previews
Describe the bug
My Amplify application has Google Oauth, and previews fail to create an ephemeral backend during pull requests because the auth resources fail to create.
Expected behavior
A preview should create a new ephemeral backend even when the application has social auth providers like Google.
Reproduction steps
Create new backend environment for every Pull Request
optionBuild Settings
Log output
Additional information
The error occurs in the
OAuthCustomResourceInputs
custom resource in the auth stack.I downloaded the preview root stack from the s3 bucket and compared it to the root stack from an existing backend that works fine. I noticed that there were no values provided for the
hostedUIProviderCreds
in the preview root stack, the value defaulted to"hostedUIProviderCreds": "[]"
For example, the existing backend root stack has this:
The preview root stack has this:
The application makes use of google Oauth, and the Google client secret appears not to be present in the web preview backends, even though the
AMPLIFY_GOOGLE_CLIENT_SECRET
environment variable is visible by all branches.I manually added the
hostedUIProviderCreds
in the preview root stack and tried to create it in the CloudFormation console from that template. It created all the auth resources successfully. So I suspect that the absence ofhostedUIProviderCreds
in the preview root stack is the cause of the issue.