search

aws-amplify / amplify-js

A declarative JavaScript library for application development using cloud services.
https://docs.amplify.aws/lib/q/platform/js
Apache License 2.0
9.4k stars 2.11k forks source link

verify auth challenge function missing in cloud watch #11502

Closed Josephenoch closed 8 months ago

Josephenoch commented 1 year ago

Before opening, please confirm:

JavaScript Framework

React Native

Amplify APIs

Authentication

Amplify Categories

auth

Environment information

``` # Put output below this line System: OS: macOS 13.4 CPU: (8) arm64 Apple M1 Memory: 105.09 MB / 8.00 GB Shell: 5.9 - /bin/zsh Binaries: Node: 16.13.0 - ~/.nvm/versions/node/v16.13.0/bin/node Yarn: 1.22.19 - ~/.nvm/versions/node/v16.13.0/bin/yarn npm: 8.1.0 - ~/.nvm/versions/node/v16.13.0/bin/npm Watchman: 2023.05.22.00 - /opt/homebrew/bin/watchman Browsers: Chrome: 114.0.5735.133 Safari: 16.5 npmPackages: @babel/core: ^7.20.0 => 7.22.1 @react-native-async-storage/async-storage: 1.17.11 => 1.17.11 @react-native-community/netinfo: 9.3.7 => 9.3.7 @react-navigation/native: ^6.1.6 => 6.1.6 @react-navigation/native-stack: ^6.9.12 => 6.9.12 @react-navigation/stack: ^6.3.16 => 6.3.16 @types/jest: ^29.5.1 => 29.5.2 @types/react: ~18.0.14 => 18.0.38 (18.2.8) @types/react-native: ^0.72.2 => 0.72.2 @types/react-test-renderer: ^18.0.0 => 18.0.0 HelloWorld: 0.0.1 aws-amplify: ^5.2.5 => 5.2.5 expo: ~48.0.15 => 48.0.19 expo-constants: ~14.2.1 => 14.2.1 expo-dev-client: ~2.2.1 => 2.2.1 expo-font: ~11.1.1 => 11.1.1 expo-status-bar: ~1.4.4 => 1.4.4 jest: ^29.2.1 => 29.5.0 jest-expo: ^48.0.2 => 48.0.2 react: 18.2.0 => 18.2.0 react-native: 0.71.8 => 0.71.8 react-native-gesture-handler: ~2.9.0 => 2.9.0 react-native-reanimated: ~2.14.4 => 2.14.4 react-native-safe-area-context: 4.5.0 => 4.5.0 react-native-screens: ~3.20.0 => 3.20.0 react-native-svg: 13.4.0 => 13.4.0 react-native-svg-transformer: ^1.0.0 => 1.0.0 react-test-renderer: 18.2.0 => 18.2.0 typescript: ^4.9.4 => 4.9.5 npmGlobalPackages: @nestjs/cli: 9.3.0 corepack: 0.10.0 eas-cli: 3.7.2 expo-cli: 6.3.2 frontend-nextjs: 0.1.0 nodemon: 2.0.22 npm: 8.1.0 prisma: 4.12.0 re-toast: 1.1.0 yarn: 1.22.19 ```

Describe the bug

I have created a custom auth flow for passwordless authentication. As a result, I created and configured the three lambda functions required, ie. the create, define and verify auth challenge. I also added pre-signup to verify every user (because immediately after signing up, we send them the signup challenge, which is an OTP code).

The define and create auth challenge works well, but the verify doesn't work. I get the error:[TypeError: undefined is not a function] when I run Auth.sendCustomChallengeAnswer(cognitoUser, code). I discovered that the verify lambda function cannot be found on cloud watch. I've deleted and reinitialized the project, but the error persists

Expected behavior

The verify auth challenge should show in the lambda cloud watch and Auth.sendCustomChallengeAnswer(cognitoUser, code) should work.

Reproduction steps

  1. initialize amplify
  2. add authentication, and choose the custom auth flow
  3. Ensure you create the four functions, that is, the define, create, verify auth challenge and pre-sign up lambda function
  4. Use the flow indicated in the docs to verify the custom auth challenge
  5. Check the console for the verify auth challenge function

Code Snippet

// passwordless login functon
 const handleSubmit = async () => {
    const {email} = formData
    try{
      setLoading(()=>true)
      await Auth.signUp(email.toLowerCase(),email.toLowerCase())
      await sendOTPLogin(email)
    }catch(err: any){
      switch(err.message){
        case "An account with the given email already exists.":
          await sendOTPLogin(email.toLowerCase())
          break
      }
      setLoading(()=>false)
    }
  } 

// to send the OTP
  const sendOTPLogin = async (email: string) => {
    try{
      const cognitoUser = await Auth.signIn(email.toLowerCase(),email.toLowerCase())
      setCognitoUser(cognitoUser)
      setLoading(()=>false)

    }catch(err: any){
      console.log(err.message)
    }

  }

// to verify the otp

  const handleSubmit = async (code: string) => {
    try{
        const user = await Auth.sendCustomChallengeAnswer(cognitoUser, code)
    }catch(err: any){
      console.warn(err)
    }

  }

Log output

``` // Put your logs below this line ```

aws-exports.js

/ eslint-disable / // WARNING: DO NOT EDIT. This file is automatically generated by AWS Amplify. It will be overwritten.

const awsmobile = { "aws_project_region": "eu-central-1", "aws_cognito_identity_pool_id": "eu-central-1:xxxxxxxxxxxx", "aws_cognito_region": "eu-central-1", "aws_user_pools_id": "eu-central-xxxxxx", "aws_user_pools_web_client_id": "xxxxxxxx", "oauth": {}, "aws_cognito_username_attributes": [ "EMAIL" ], "aws_cognito_social_providers": [], "aws_cognito_signup_attributes": [ "EMAIL" ], "aws_cognito_mfa_configuration": "OFF", "aws_cognito_mfa_types": [ "SMS" ], "aws_cognito_password_protection_settings": { "passwordPolicyMinLength": 8, "passwordPolicyCharacters": [] }, "aws_cognito_verification_mechanisms": [ "PHONE_NUMBER" ] };

export default awsmobile;

Manual configuration

No response

Additional configuration

No response

Mobile Device

Iphone 14 Pro Max

Mobile Operating System

IOS16

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

Screenshot 2023-06-14 at 22 47 24 Screenshot 2023-06-14 at 22 48 17
cwomack commented 1 year ago

Hello @Josephenoch, and thank you for opening this issue. Can you verify if the Verify Auth Challenge Lambda has been granted CloudWatch logging permissions for its execution role? It sounds like if you've already tried deleting and reinitializing the project, it's safe to say this is not a result of the 5-10 minutes it can take before logs show up after function invocation.

cwomack commented 1 year ago

@Josephenoch, wanted to follow up and ask if you're able to see any logs on the network tab tied to your calls of Auth.sendCustomChallengeAnswer? Can you detail what the response is when it's called or share a screenshot as well?

Josephenoch commented 1 year ago

Sorry about the delay. I've confirmed and all the permissions are set. Also, it's an expo based project with react native. Here is a screenshot of the error I get when I run Auth.sendCustomChallengeAnswer

Screenshot 2023-06-15 at 22 05 54
Josephenoch commented 1 year ago

Is there any update on this? it's a major blocker for a product I'm to work on.

nadetastic commented 9 months ago

Hi @Josephenoch following up here - I also wanted to mention that if you do not see any cloudwatch logs for a Lambda function, it can also mean that the lambda function has never been invoked thus has never written any logs.

Can you confirm if this is true? If you are still not seeing any cloud watch logs for the verify lambda, then you can try do do a test invocation in the lambda console and see if any new logs are generated. If you do see some after the test invocation, it means that your custom auth flow is not invoking the verify lambda function due to a separate issue.

nadetastic commented 9 months ago

Hi @Josephenoch following up here, let me know if you still need assistance with this. If not I'll go ahead and close out this issue soon. Thanks!