search

aws-amplify / amplify-js

A declarative JavaScript library for application development using cloud services.
https://docs.amplify.aws/lib/q/platform/js
Apache License 2.0
9.43k stars 2.13k forks source link

Amplify runWithAmplifyServerContext not working with existing userpools not generated by amplify #12516

Closed Sizlers closed 6 months ago

Sizlers commented 1 year ago

Before opening, please confirm:

JavaScript Framework

Next.js

Amplify APIs

Authentication

Amplify Categories

auth

Environment information

``` # Put output below this line System: OS: macOS 13.3.1 CPU: (12) x64 Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Memory: 459.38 MB / 16.00 GB Shell: 5.9 - /bin/zsh Binaries: Node: 20.9.0 - /usr/local/bin/node Yarn: 1.22.10 - /usr/local/bin/yarn npm: 10.1.0 - /usr/local/bin/npm Watchman: 2022.11.14.00 - /usr/local/bin/watchman Browsers: Chrome: 118.0.5993.117 Firefox: 107.0.1 Safari: 16.4 npmPackages: @ampproject/toolbox-optimizer: undefined () @aws-amplify/adapter-nextjs: ^0.0.2-next.a1ea0f2.0 => 0.0.2-next.a1ea0f2.0+a1ea0f2 @aws-amplify/adapter-nextjs/with-amplify: undefined () @aws-cdk/dns_validated_certificate_handler: 0.0.0 @babel/core: undefined () @babel/runtime: 7.15.4 @edge-runtime/cookies: 3.4.1 @edge-runtime/ponyfill: 2.4.0 @edge-runtime/primitives: 3.1.1 @hapi/accept: undefined () @headlessui/react: ^1.7.17 => 1.7.17 @headlessui/tailwindcss: ^0.2.0 => 0.2.0 @heroicons/react: ^2.0.18 => 2.0.18 @hookform/resolvers: ^3.3.2 => 3.3.2 @hookform/resolvers/ajv: 1.0.0 @hookform/resolvers/arktype: 1.0.0 @hookform/resolvers/class-validator: 1.0.0 @hookform/resolvers/computed-types: 1.0.0 @hookform/resolvers/io-ts: 1.0.0 @hookform/resolvers/joi: 1.0.0 @hookform/resolvers/nope: 1.0.0 @hookform/resolvers/superstruct: 1.0.0 @hookform/resolvers/typanion: 1.0.0 @hookform/resolvers/typebox: 1.0.0 @hookform/resolvers/valibot: 1.0.0 @hookform/resolvers/vest: 1.0.0 @hookform/resolvers/yup: 1.0.0 @hookform/resolvers/zod: 1.0.0 @mswjs/interceptors: undefined () @napi-rs/triples: undefined () @next/font: undefined () @next/react-dev-overlay: undefined () @opentelemetry/api: undefined () @segment/ajv-human-errors: undefined () @tailwindcss/forms: ^0.5.3 => 0.5.6 @types/node: 20.4.6 => 20.8.2 @types/react: 18.2.18 => 18.2.25 @types/react-dom: 18.2.7 => 18.2.10 @vercel/nft: undefined () @vercel/og: undefined () acorn: undefined () amphtml-validator: undefined () anser: undefined () arg: undefined () assert: undefined () async-retry: undefined () async-sema: undefined () autoprefixer: ^10.4.12 => 10.4.16 aws-amplify: ^6.0.1-next.a1ea0f2.0 => 6.0.1-next.a1ea0f2.0+a1ea0f2 aws-amplify/analytics: undefined () aws-amplify/analytics/pinpoint: undefined () aws-amplify/auth: undefined () aws-amplify/auth/cognito: undefined () aws-amplify/auth/cognito/server: undefined () aws-amplify/auth/server: undefined () aws-amplify/internals/adapter-core: undefined () aws-amplify/storage: undefined () aws-amplify/storage/s3: undefined () aws-amplify/storage/s3/server: undefined () aws-amplify/storage/server: undefined () aws-cdk-lib: 2.101.1 => 2.101.1 babel-packages: undefined () browserify-zlib: undefined () browserslist: undefined () buffer: undefined () bytes: undefined () ci-info: undefined () cli-select: undefined () client-only: 0.0.1 clsx: ^2.0.0 => 2.0.0 comment-json: undefined () compression: undefined () conf: undefined () constants-browserify: undefined () constructs: 10.2.69 => 10.2.69 content-disposition: undefined () content-type: undefined () cookie: undefined () cross-spawn: undefined () crypto-browserify: undefined () css.escape: undefined () data-uri-to-buffer: undefined () debug: undefined () devalue: undefined () domain-browser: undefined () edge-runtime: undefined () eslint: ^8 => 8.53.0 eslint-config-next: 14.0.1 => 14.0.1 events: undefined () find-cache-dir: undefined () find-up: undefined () fresh: undefined () get-orientation: undefined () glob: undefined () gzip-size: undefined () http-proxy: undefined () http-proxy-agent: undefined () https-browserify: undefined () https-proxy-agent: undefined () icss-utils: undefined () ignore-loader: undefined () image-size: undefined () is-animated: undefined () is-docker: undefined () is-wsl: undefined () jest-worker: undefined () json5: undefined () jsonwebtoken: undefined () loader-runner: undefined () loader-utils: undefined () lodash.curry: undefined () lru-cache: undefined () lucide-react: ^0.284.0 => 0.284.0 micromatch: undefined () mini-css-extract-plugin: undefined () nanoid: undefined () native-url: undefined () neo-async: undefined () next: 13.5.4 => 13.5.4 node-fetch: undefined () node-html-parser: undefined () ora: undefined () os-browserify: undefined () p-limit: undefined () path-browserify: undefined () platform: undefined () postcss: ^8 => 8.4.31 postcss-flexbugs-fixes: undefined () postcss-modules-extract-imports: undefined () postcss-modules-local-by-default: undefined () postcss-modules-scope: undefined () postcss-modules-values: undefined () postcss-preset-env: undefined () postcss-safe-parser: undefined () postcss-scss: undefined () postcss-value-parser: undefined () prettier: ^3.0.1 => 3.0.3 prettier-plugin-tailwindcss: ^0.5.2 => 0.5.6 process: undefined () punycode: undefined () querystring-es3: undefined () raw-body: undefined () react: ^18 => 18.2.0 react-builtin: undefined () react-dom: ^18 => 18.2.0 react-dom-builtin: undefined () react-dom-experimental-builtin: undefined () react-experimental-builtin: undefined () react-hook-form: ^7.47.0 => 7.47.0 react-is: 18.2.0 react-refresh: 0.12.0 react-server-dom-webpack-builtin: undefined () react-server-dom-webpack-experimental-builtin: undefined () regenerator-runtime: 0.13.4 sass-loader: undefined () scheduler-builtin: undefined () scheduler-experimental-builtin: undefined () schema-utils: undefined () semver: undefined () send: undefined () server-only: 0.0.1 setimmediate: undefined () sharp: ^0.32.0 => 0.32.6 shell-quote: undefined () source-map: undefined () sst: ^2.32.2 => 2.34.3 stacktrace-parser: undefined () stream-browserify: undefined () stream-http: undefined () string-hash: undefined () string_decoder: undefined () strip-ansi: undefined () superstruct: undefined () tailwind-merge: ^1.14.0 => 1.14.0 tailwindcss: ^3.3.3 => 3.3.3 tailwindcss-animate: ^1.0.7 => 1.0.7 tar: undefined () terser: undefined () text-table: undefined () timers-browserify: undefined () tty-browserify: undefined () typescript: 5.1.6 => 5.2.2 (5.0.2) ua-parser-js: undefined () undici: undefined () unistore: undefined () util: undefined () vm-browserify: undefined () watchpack: undefined () web-vitals: undefined () webpack: undefined () webpack-sources: undefined () ws: undefined () zod: ^3.22.4 => 3.22.4 npmGlobalPackages: @aws-amplify/cli: 12.7.1 @sanity/cli: 2.12.2 @vue/cli: 4.4.1 corepack: 0.20.0 expo-cli: 3.24.0 firebase-tools: 9.10.2 gatsby-cli: 2.12.109 n: 7.5.0 npm: 10.1.0 react-native-cli: 2.0.1 serverless: 2.61.0 ts-node: 10.4.0 yarn: 1.22.10 ```

Describe the bug

When I use an existing cognito userpool/client app everything works as expected on the client side, being able to log in/register/sign out.

However the session is not getting picked up in NextJS's middleware.

Adding auth through amplify works as expected however and the session is getting passed through to the middleware.

On the amplify userpool, I then created a app client with the default settings:

Settings: App type: Public Client App client name: test-client Client secret: Don't generate a client secret Authentication flows: ALLOW_USER_SRP_AUTH Authentication flow session duration: 3 minutes Refresh token expiration: 30 days Access token expiration: 60 minutes ID token expiration: 60 minutes Enable token revocation: true Prevent user existence errors: true

Then plugged in that application client, and the issue returns.

Expected behavior

runWithAmplifyServerContext to detect session with userpools not generated through amplify

Reproduction steps

Install the following project: https://github.com/nadetastic/amplify-v6-ssr-dev-preview

Add a pre-existing userpool client pool via the config which wasn't generated via amplify.

Register then login on the client side

See session not getting picked up on the serverside

Code Snippet

// Put your code below this line.

Log output

``` // Put your logs below this line ```

aws-exports.js

No response

Manual configuration

{ "aws_cognito_region": "eu-west-2", "aws_user_pools_id": "eu-west-2_Nxov6QmH3", "aws_user_pools_web_client_id": "5kn63dvgueufnhoi88r05vurl5", }

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

HuiSF commented 1 year ago

Hi @Sizlers thanks for trying out the Next.js adapter. Have you configured Amplify on the client side specifying the "SSR" use case?

Amplify.configure({
  ... // your Amplify config object
}, {
  ssr: true, // instruct the client to using cookie store storing auth tokens
})

If you have done so, could you check if the tokens are presented in the cookie store? Also check the requests sent out to your Next.js server, have cookies header containing the tokens stored in the cookie store?

cwomack commented 1 year ago

@Sizlers, can you also clarify how the Auth resources were created (i.e. through Cognito Console, were existing from previous app, etc) when you say they were not generated via amplify? Thanks!

adithep commented 1 year ago

I have the same problem, I checked the cookie is not in the cookie store, even though the ?code=*** exist in the url param, it is not being consumed by amplify.

HuiSF commented 11 months ago

Hi @adithep in what sign in flow you are seeing this issue? You mentioned ?code query parameter, is that the OAuth flow? Can you give details of your set up, and how did you trigger this issue?

rallona commented 11 months ago

Same problem to me y Nextjs with SSR:

This function doesnt work:


const currentUser = await runWithAmplifyServerContext({
      nextServerContext: { cookies },
      operation: (contextSpec) => getCurrentUser(contextSpec)
    });

Neither this one:

  const currentUser = await runWithAmplifyServerContext({
        nextServerContext: { cookies },
        operation: async (contextSpec) => {
          try {
            const session = await fetchAuthSession(contextSpec);

The error is the same to me: NotAuthorizedException: Unauthenticated access is not supported for this identity pool.

cwomack commented 6 months ago

@Sizlers and @adithep, circling back to this issue now that we're well past the pre-release versions of v6. Have either of you tried to upgrade to the most recent versions of Amplify v6 and see if you're still experiencing this issue?

@rallona, the v6 fetchAuthSession() API will potentially fail in that way if the identityPool is not set up properly. If you're still experiencing this issue, can you check the identityPool to ensure it matches with the userPoolId? In the event this persists, we'll ask you to open a new issue tied to this because it appears to be different than what @Sizlers is experiencing.

cwomack commented 6 months ago

Closing this issue as we have not heard back from you. If you are still experiencing this, please feel free to reply back and provide any information previously requested and we'd be happy to re-open the issue.

Thank you!