A failure occurred when returning state

[saadgsquad]

Before opening, please confirm:

• [X] I have searched for duplicate or closed issues and discussions.
• [X] I have read the guide for submitting bug reports.
• [X] I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.

JavaScript Framework

React

Amplify APIs

Authentication

Amplify Categories

auth

Environment information

``` # Put output below this line npx: installed 1 in 0.906s System: OS: Linux 5.19 Ubuntu 22.04.2 LTS 22.04.2 LTS (Jammy Jellyfish) CPU: (4) x64 Intel(R) Core(TM) i7-6600U CPU @ 2.60GHz Memory: 827.97 MB / 15.52 GB Container: Yes Shell: 5.1.16 - /bin/bash Binaries: Node: 14.21.3 - ~/.nvm/versions/node/v14.21.3/bin/node Yarn: 1.22.19 - /usr/bin/yarn npm: 6.14.18 - ~/.nvm/versions/node/v14.21.3/bin/npm Browsers: Chrome: 113.0.5672.92 npmPackages: @ahooksjs/use-request: ^2.8.15 => 2.8.15 @babel/core: ^7.18.6 => 7.21.8 (7.9.0) @babel/eslint-parser: ^7.18.2 => 7.21.8 @babel/plugin-proposal-class-properties: ^7.18.6 => 7.18.6 (7.8.3) @babel/plugin-syntax-jsx: ^7.18.6 => 7.21.4 @babel/preset-env: ^7.18.6 => 7.21.5 (7.9.0) @babel/preset-react: ^7.18.6 => 7.18.6 (7.9.1) @babel/preset-stage-0: ^7.8.3 => 7.8.3 @babel/register: ^7.18.6 => 7.21.0 @babel/runtime: ^7.18.6 => 7.21.5 (7.9.0) @cypress/angular: 0.0.0-development @cypress/mount-utils: 0.0.0-development @cypress/react: 0.0.0-development @cypress/react18: 0.0.0-development @cypress/svelte: 0.0.0-development @cypress/vue: 0.0.0-development @cypress/vue2: 0.0.0-development @elevate_security/customer-data-validators: ^1.3.67 => 1.3.88 @elevate_security/elevate-component-library: ^1.30.2 => 1.31.2 @fullstory/browser: ^1.6.1 => 1.7.1 @pollyjs/core: ^6.0.5 => 6.0.5 @sentry/browser: ^5.15.4 => 5.30.0 @testing-library/jest-dom: ^5.16.4 => 5.16.5 @testing-library/react: ^13.3.0 => 13.4.0 @wojtekmaj/enzyme-adapter-react-17: ^0.6.7 => 0.6.7 ahooks: ^3.5.0 => 3.7.7 aws-amplify: 4.3.46 => 4.3.2 axios: ^0.27.2 => 0.27.2 (0.21.4) axios-mock-adapter: ^1.21.1 => 1.21.4 babel-jest: ^28.1.3 => 28.1.3 (24.9.0) babel-plugin-transform-assets-import-to-string: ^1.2.0 => 1.2.0 babel-preset-react: ^6.24.1 => 6.24.1 bootstrap: 4.5.3 => 4.5.3 chai: ^4.3.6 => 4.3.7 chai-enzyme: ^1.0.0-beta.1 => 1.0.0-beta.1 chai-immutable: ^2.1.0 => 2.1.0 chance: ^1.1.8 => 1.1.11 configurable-overrides: undefined (0.1.0) cross-env: ^7.0.3 => 7.0.3 cypress: ^10.2.0 => 10.11.0 d3: ^5.16.0 => 5.16.0 d3-array: ^3.1.6 => 3.2.3 (1.2.4) d3-axis: ^3.0.0 => 3.0.0 (1.0.12) d3-scale: ^4.0.2 => 4.0.2 (2.2.2) d3-selection: ^3.0.0 => 3.0.0 (1.4.2) d3-shape: ^3.1.0 => 3.2.0 (1.3.7) dompurify: ^2.3.8 => 2.4.5 draft-js: ^0.11.7 => 0.11.7 draftjs-to-html: ^0.9.1 => 0.9.1 enzyme: ^3.11.0 => 3.11.0 eslint: ^7.11.0 => 7.32.0 (8.41.0, 6.8.0) eslint-config-airbnb: ^19.0.4 => 19.0.4 eslint-config-prettier: ^8.5.0 => 8.8.0 eslint-plugin-chai-friendly: ^0.7.2 => 0.7.2 eslint-plugin-cypress: ^2.12.1 => 2.13.3 eslint-plugin-flowtype: ^8.0.3 => 8.0.3 (4.6.0) eslint-plugin-import: ^2.26.0 => 2.27.5 (2.20.1) eslint-plugin-jam3: ^0.2.3 => 0.2.3 eslint-plugin-jest: ^27.2.1 => 27.2.1 eslint-plugin-jsx-a11y: ^6.6.0 => 6.7.1 (6.2.3) eslint-plugin-prettier: 4.2.1 => 4.2.1 eslint-plugin-react: ^7.30.1 => 7.32.2 (7.19.0) eslint-plugin-react-hooks: ^4.6.0 => 4.6.0 (1.7.0) history: ^5.3.0 => 5.3.0 (4.10.1) html-to-draftjs: ^1.5.0 => 1.5.0 husky: ^8.0.1 => 8.0.3 i18next: ^21.8.11 => 21.10.0 i18next-browser-languagedetector: ^6.1.4 => 6.1.8 i18next-xhr-backend: ^3.2.2 => 3.2.2 identity-obj-proxy: ^3.0.0 => 3.0.0 immutable: ^4.1.0 => 4.3.0 (3.7.6) jest: ^28.1.3 => 28.1.3 (24.9.0) jest-environment-jsdom: ^28.1.3 => 28.1.3 (24.9.0) jquery: ^3.6.0 => 3.7.0 jsdom: ^20.0.0 => 20.0.3 (14.1.0, 19.0.0, 11.12.0) jsdom-global: 3.0.2 => 3.0.2 jwt-decode: ^3.1.2 => 3.1.2 launchdarkly-js-client-sdk: ^3.0.0 => 3.1.3 lint-staged: ^13.0.3 => 13.2.2 lodash: ^4.17.21 => 4.17.21 lodash.camelcase: ^4.3.0 => 4.3.0 lodash.template: ^4.5.0 => 4.5.0 memo-parser: undefined (0.2.1) mocha: ^10.0.0 => 10.2.0 moment: ^2.29.3 => 2.29.4 moment-timezone: ^0.5.34 => 0.5.43 nyc: ^15.1.0 => 15.1.0 object-assign: ^4.1.1 => 4.1.1 prettier-eslint: ^15.0.1 => 15.0.1 (14.1.0) prettier-eslint-cli: ^6.0.1 => 6.0.1 prop-types: ^15.8.1 => 15.8.1 qs: ^6.11.0 => 6.11.2 (6.10.4, 6.11.0, 6.5.3) query-string: ^7.1.1 => 7.1.3 (4.3.4) react: ^17.0.1 => 17.0.2 (16.14.0) react-addons-test-utils: ^15.6.2 => 15.6.2 react-app-rewire-babel-loader: ^0.1.1 => 0.1.1 react-app-rewired: ^2.2.1 => 2.2.1 (1.6.2) react-bootstrap-typeahead: ^3.0.3 => 3.4.7 react-datepicker: 4.8.0 => 4.8.0 (3.8.0) react-dom: ^17.0.1 => 17.0.2 react-draft-wysiwyg: ^1.14.7 => 1.15.0 react-dropzone: ^14.2.1 => 14.2.3 react-ga: ^3.3.1 => 3.3.1 react-grid-layout: ^1.3.4 => 1.3.4 react-gtm-module: ^2.0.11 => 2.0.11 react-i18next: ^11.17.3 => 11.18.6 react-icons: ^4.4.0 => 4.8.0 react-joyride: ^2.0.0 => 2.5.4 react-media: ^1.10.0 => 1.10.0 react-redux: ^8.0.2 => 8.0.5 react-router-dom: ^5.1.2 => 5.3.4 react-scripts: ^3.4.3 => 3.4.4 react-select: 5.3.2 => 5.3.2 react-table: ^7.8.0 => 7.8.0 react-table-6: ^6.11.0 => 6.11.0 react-test-renderer: ^17.0.1 => 17.0.2 react-transition-group: ^4.4.2 => 4.4.5 (2.9.0) react-transition-group/CSSTransition: undefined () react-transition-group/ReplaceTransition: undefined () react-transition-group/SwitchTransition: undefined () react-transition-group/Transition: undefined () react-transition-group/TransitionGroup: undefined () react-transition-group/TransitionGroupContext: undefined () react-transition-group/config: undefined () react-typeform-embed: ^0.2.1 => 0.2.1 reconnecting-websocket: ^4.4.0 => 4.4.0 redux: ^4.2.0 => 4.2.1 redux-immutable: ^4.0.0 => 4.0.0 redux-mock-store: ^1.5.4 => 1.5.4 redux-thunk: ^2.4.1 => 2.4.2 reselect: ^4.1.6 => 4.1.8 sanitize-filename: ^1.6.3 => 1.6.3 serve: ^13.0.4 => 13.0.4 set-value: ^4.1.0 => 4.1.0 (2.0.1) single-spa: ^5.9.4 => 5.9.4 single-spa-react: ^4.6.1 => 4.6.1 sinon: ^14.0.0 => 14.0.2 (7.5.0) sinon-chai: ^3.7.0 => 3.7.0 stream: 0.0.2 => 0.0.2 styled-components: ^5.3.7 => 5.3.10 (4.3.2) styled-components/macro: undefined () styled-components/native: undefined () styled-components/primitives: undefined () styled-map: ^3.3.0 => 3.3.0 timers: ^0.1.1 => 0.1.1 urijs: ^1.19.11 => 1.19.11 web-vitals: ^0.2.4 => 0.2.4 ws: ^8.8.0 => 8.13.0 (6.2.2, 5.2.3) xml2js: ^0.5.0 => 0.5.0 zone-mix: undefined () zone-node: undefined () zone-testing: undefined () zone.js: ^0.11.6 => 0.11.8 zone.js/async-stack-tagging: undefined () zone.js/async-stack-tagging.min: undefined () zone.js/async-test: undefined () zone.js/async-test.min: undefined () zone.js/fake-async-test: undefined () zone.js/fake-async-test.min: undefined () zone.js/jasmine-patch: undefined () zone.js/jasmine-patch.min: undefined () zone.js/long-stack-trace-zone: undefined () zone.js/long-stack-trace-zone.min: undefined () zone.js/mocha-patch: undefined () zone.js/mocha-patch.min: undefined () zone.js/proxy: undefined () zone.js/proxy.min: undefined () zone.js/sync-test: undefined () zone.js/sync-test.min: undefined () zone.js/task-tracking: undefined () zone.js/task-tracking.min: undefined () zone.js/webapis-media-query: undefined () zone.js/webapis-media-query.min: undefined () zone.js/webapis-notification: undefined () zone.js/webapis-notification.min: undefined () zone.js/webapis-rtc-peer-connection: undefined () zone.js/webapis-rtc-peer-connection.min: undefined () zone.js/webapis-shadydom: undefined () zone.js/webapis-shadydom.min: undefined () zone.js/wtf: undefined () zone.js/wtf.min: undefined () zone.js/zone-bluebird: undefined () zone.js/zone-bluebird.min: undefined () zone.js/zone-error: undefined () zone.js/zone-error.min: undefined () zone.js/zone-legacy: undefined () zone.js/zone-legacy.min: undefined () zone.js/zone-patch-canvas: undefined () zone.js/zone-patch-canvas.min: undefined () zone.js/zone-patch-cordova: undefined () zone.js/zone-patch-cordova.min: undefined () zone.js/zone-patch-electron: undefined () zone.js/zone-patch-electron.min: undefined () zone.js/zone-patch-fetch: undefined () zone.js/zone-patch-fetch.min: undefined () zone.js/zone-patch-jsonp: undefined () zone.js/zone-patch-jsonp.min: undefined () zone.js/zone-patch-message-port: undefined () zone.js/zone-patch-message-port.min: undefined () zone.js/zone-patch-promise-test: undefined () zone.js/zone-patch-promise-test.min: undefined () zone.js/zone-patch-resize-observer: undefined () zone.js/zone-patch-resize-observer.min: undefined () zone.js/zone-patch-rxjs: undefined () zone.js/zone-patch-rxjs-fake-async: undefined () zone.js/zone-patch-rxjs-fake-async.min: undefined () zone.js/zone-patch-rxjs.min: undefined () zone.js/zone-patch-socket-io: undefined () zone.js/zone-patch-socket-io.min: undefined () zone.js/zone-patch-user-media: undefined () zone.js/zone-patch-user-media.min: undefined () npmGlobalPackages: @aws-amplify/cli: 11.1.1 corepack: 0.15.1 npm: 6.14.18 ```

Describe the bug

I was using @awsamplfy/auth with version 2.1.8 and I have to upgrade the package due to the package dependency violation. When I am upgrading the package, It is working fine with the Username and Password, and t not working fine with the SSO login.

For the SSO login, I am using AWS-Cognito with Gmail.

It is redirecting on the callback after the redirect package throws this error.

Error:

{
event: "customState_failure",
message: "A failure occurred when returning state",
data: {
$fault: 'client',
name: "ValidationException",
__type: "ValidationException",
message: "1 validation error detected: Value '{cognito-idp.<REGION>.amazonaws.com/<POOL_ID>=}' at 'logins' failed to satisfy constraint: Map value must satisfy constraint: [Member must have length less than or equal to 50000, Member must have length greater than or equal to 1]",
stack: "ValidationException: 1 validation error detected: Value '{cognito-idp.<REGION>.amazonaws.com/<POOL_ID>=}' at 'logins' failed to satisfy constraint: Map value must satisfy constraint: [Member must have length less than or equal to 50000, Member must have length greater than or equal to 1]
  at https://URL/static/js/21.chunk.js:60379:62
  at step (https://URL/static/js/21.chunk.js:63614:17)
  at Object.next (https://URL/static/js/21.chunk.js:63563:14)
  at fulfilled (https://URL/static/js/21.chunk.js:63522:24)"
}

Config:

{
    "aws_project_region": <REGION>,
    "aws_cognito_identity_pool_id": <IDENTITY_POOL_ID>,
    "aws_cognito_region": <REGION>,
    "aws_user_pools_id": <USER_POOL_ID>,
    "aws_user_pools_web_client_id": <USER_POOL_WEB_CLIENT_ID>,
    clientMetadata: { tenant: <TENANT> }, // localhost:3000, staging, production
    "oauth": {
    "domain": <DOMAIN>,
      "scope": [ "email",  "openid"  ],
      "redirectSignIn": <URL>/callback.html,
      "responseType": "code"
  } }

Expected behavior

call aws-cognito API but not getting token.

Throw proper validation error details if I am missing any point.

Reproduction steps

1. Install aws-amplify version 4.3.46
2. run the project (npm run)
3. at the login page add "?admin" in the URL, it trigger the login function

   return Auth.federatedSignIn({
       provider: 'Google',
       customState: encodeURIComponent(
         window.location.hostname + `/${window.location.pathname}`.replace('//', '/')
       )
     }).catch((e) => sendSentryError('login with Google error', 'warning', e))

4. After the redirection from the callback show the error in the Hub.listen()

Code Snippet

// Put your code below this line.

Log output

``` [DEBUG] 05:20.229 Interactions - configure Interactions [DEBUG] 05:20.230 XR - configure XR [DEBUG] 05:20.231 AbstractXRProvider - configure SumerianProvider [DEBUG] 05:20.232 Predictions - configure Predictions [DEBUG] 05:20.233 Geo - configure Geo [DEBUG] 05:20.234 Parser - parse config [DEBUG] 05:20.235 AmazonLocationServiceProvider - configure Amazon Location Service Provider undefined [DEBUG] 05:20.239 Credentials - set credentials from session [DEBUG] 05:21.391 Credentials - Failed to load credentials [DEBUG] 05:21.393 AuthClass - Error in cognito hosted auth response ValidationException: [DEBUG] 05:21.395 Hub - Dispatching to auth with [DEBUG] 05:21.396 AnalyticsClass - on hub capsule auth [DEBUG] 05:21.397 Hub - Dispatching to auth with ```

aws-exports.js

{
    "aws_project_region": <REGION>,
    "aws_cognito_identity_pool_id": <IDENTITY_POOL_ID>,
    "aws_cognito_region": <REGION>,
    "aws_user_pools_id": <USER_POOL_ID>,
    "aws_user_pools_web_client_id": <USER_POOL_WEB_CLIENT_ID>,
    clientMetadata: { tenant: <TENANT> }, // localhost:3000, staging, production
    "oauth": {
    "domain": <DOMAIN>,
      "scope": [ "email",  "openid"  ],
      "redirectSignIn": <URL>/callback.html,
      "responseType": "code"
  } }

Manual configuration

No response

Additional configuration

clientMetadata: { tenant_name: axios.tenant, environment: process.env.REACT_APP_ENV },

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

[israx]

hello @saadgsquad. Can you prefix your redirectSignIn,in your configuration, with / at the end. E.g <URL>/callback.html/ . Probably that is causing a URL miss match.

[saadgsquad]

Thanks for the response, @israx @cwomack

I tried with that and also tried with multiple scenarios but I'm getting the still same response as I mentioned above. If there is mismatch URL then we are getting a proper error like url is invalid, might there is a issue in _handleAuthResponse function -> file packages/auth/Auth.ts, if it's possible could please check?

before I was using aws-amplify/auth version 2.1.8 which is working fine on my app. but we have to upgrade to the aws-amplify version.

I noticed in versions 2.1.8 and the latest there is a code format difference we are getting now hexadecimal format but I think that is not the issue.

the issue is I'm unable to get the accessToken from the code that's why I'm getting 404 error on https://cognito-identity.us-east-1.amazonaws.com/

Payload:

{
    "IdentityPoolId": "us-east-1:xxxxxxxxx",
    "Logins": {
        "cognito-idp.us-east-1.amazonaws.com/us-east-1xxx": ""
    }
}

Response:

"1 validation error detected: Value '{cognito-idp.us-east-1.amazonaws.com/us-east-1_xxxx}' at 'logins' failed to satisfy constraint: Map value must satisfy constraint: [Member must have length less than or equal to 50000, Member must have length greater than or equal to 1]"
__type
: 
"ValidationException"

[saadgsquad]

thanks, guys for the help with the issue in redirecting url calls multiple times I have this problem, which is fixed now.