search

aws-amplify / amplify-js

A declarative JavaScript library for application development using cloud services.
https://docs.amplify.aws/lib/q/platform/js
Apache License 2.0
9.4k stars 2.11k forks source link

Unable to find UserAlreadyAuthenticatedException for importing #12727

Open brianreinhold opened 6 months ago

brianreinhold commented 6 months ago

Before opening, please confirm:

JavaScript Framework

Angular

Amplify APIs

Authentication

Amplify Categories

auth

Environment information

``` # Put output below this line System: OS: Windows 10 10.0.19045 CPU: (4) x64 Intel(R) Core(TM) i3-6320 CPU @ 3.90GHz Memory: 5.66 GB / 15.89 GB Binaries: Node: 18.18.2 - ~\AppData\Local\nvs\node\18.18.2\x64\node.EXE npm: 9.8.1 - ~\AppData\Local\nvs\node\18.18.2\x64\npm.CMD Browsers: Chrome: 120.0.6099.110 Edge: Chromium (120.0.2210.77) Internet Explorer: 11.0.19041.3636 npmPackages: @angular-devkit/build-angular: ^16.2.8 => 16.2.10 @angular-devkit/core: ^16.2.8 => 16.2.10 @angular-eslint/builder: 16.3.1 => 16.3.1 @angular-eslint/eslint-plugin: 16.3.1 => 16.3.1 @angular-eslint/eslint-plugin-template: 16.3.1 => 16.3.1 @angular-eslint/schematics: 16.3.1 => 16.3.1 @angular-eslint/template-parser: 16.3.1 => 16.3.1 @angular/animations: ^16.2.11 => 16.2.12 @angular/cdk: ^16.2.10 => 16.2.12 @angular/cli: ^16.2.8 => 16.2.10 @angular/common: ^16.2.11 => 16.2.12 @angular/compiler: ^16.2.11 => 16.2.12 @angular/compiler-cli: ^16.2.11 => 16.2.12 @angular/core: ^16.2.11 => 16.2.12 @angular/forms: ^16.1.7 => 16.2.12 @angular/material: ^16.2.10 => 16.2.12 @angular/platform-browser: ^16.2.11 => 16.2.12 @angular/platform-browser-dynamic: ^16.2.11 => 16.2.12 @angular/router: ^16.2.11 => 16.2.12 @fhir-typescript/r4b-core: ^0.0.12-beta.18 => 0.0.12-beta.18 @types/crypto-js: ^4.1.3 => 4.2.1 @types/jasmine: ^4.6.1 => 4.6.4 @types/node: ^18.18.2 => 18.19.3 @types/qrcode: ^1.5.4 => 1.5.5 @typescript-eslint/eslint-plugin: 5.62.0 => 5.62.0 @typescript-eslint/parser: 5.62.0 => 5.62.0 angularx-qrcode: ^16.0.2 => 16.0.2 aws-amplify: ^6.0.7 => 6.0.7 aws-amplify/adapter-core: undefined () aws-amplify/analytics: undefined () aws-amplify/analytics/kinesis: undefined () aws-amplify/analytics/kinesis-firehose: undefined () aws-amplify/analytics/personalize: undefined () aws-amplify/analytics/pinpoint: undefined () aws-amplify/api: undefined () aws-amplify/api/server: undefined () aws-amplify/auth: undefined () aws-amplify/auth/cognito: undefined () aws-amplify/auth/cognito/server: undefined () aws-amplify/auth/server: undefined () aws-amplify/datastore: undefined () aws-amplify/in-app-messaging: undefined () aws-amplify/in-app-messaging/pinpoint: undefined () aws-amplify/push-notifications: undefined () aws-amplify/push-notifications/pinpoint: undefined () aws-amplify/storage: undefined () aws-amplify/storage/s3: undefined () aws-amplify/storage/s3/server: undefined () aws-amplify/storage/server: undefined () aws-amplify/utils: undefined () crypto-js: ^4.2.0 => 4.2.0 eslint: ^8.51.0 => 8.55.0 jasmine-core: ^4.6.0 => 4.6.0 karma: ^6.4.1 => 6.4.2 karma-chrome-launcher: 3.1.1 => 3.1.1 karma-coverage: 2.2.0 => 2.2.0 karma-coverage-coffee-example: 1.0.0 karma-jasmine: 5.1.0 => 5.1.0 karma-jasmine-html-reporter: 2.0.0 => 2.0.0 lz-string: ^1.5.0 => 1.5.0 ngx-toastr: ^16.2.0 => 16.2.0 rxjs: ^7.8.1 => 7.8.1 rxjs/ajax: undefined () rxjs/fetch: undefined () rxjs/operators: undefined () rxjs/testing: undefined () rxjs/webSocket: undefined () tslib: ^2.6.2 => 2.6.2 (2.6.1, 1.14.1) typescript: ^4.9.5 => 4.9.5 zone.js: ^0.13.3 => 0.13.3 npmGlobalPackages: corepack: 0.19.0 npm: 9.8.1 ```

Describe the bug

Doing a signIn() operation aws-amplify throws a UserAlreadyAuthenticatedException. The problem is not the exception but I cannot find any documentation on it so I cannot even import it in my attempt to handle it. I guessed my way to this:

console.log(err);
        if (err instanceof UserAlreadyAuthenticatedException)

however UserAlreadyAuthenticatedException is not recognized. I need to import it. But so far I have not been able find where to import it from.

Here is where the documentation fails. This is not the only object that I have found very difficult to find where it is declared. This one has been so difficult I have still not found it.

Expected behavior

The documentation would provide the necessary imports so one can handle errors.

Reproduction steps

Search the documentation.

Code Snippet

Code is not relevant, Need to import UserAlreadyAuthenticatedException

Log output

``` // Put your logs below this line ```

aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

israx commented 6 months ago

Hello @brianreinhold . You can import AuthError from aws-amplify/auth and access the error name, message and recoverySuggestion e.g

import { AuthError, signIn } from 'aws-amplify/auth';
try {
 await signIn(signInInput)
} catch (error) {
 error instanceof AuthError && console.log(error.name, error.message, error.recoverySuggestion)
}
cwomack commented 6 months ago

@brianreinhold, I've also noted this as something to add to our documentation via the docs issue referenced above. Thank you for creating this issue in the event that others run into this! Let us know if @israx's recommendation above resolves the issue for you.

brianreinhold commented 6 months ago

@israx Does the 'AuthError' object cover the UserAlreadyAuthenticatedException? I did find where to import 'AuthError' from as I used in in v5 and assumed I would need it in v6.

So in resolving the promise with the usual then(()=>{}).catch((error)=>{}) with error instanceof AuthError catch the 'UserAlreadyAuthenticatedException'? When I just print console.log(error)' I getUserAlreadyAuthenticatedException` but nothing else.

I tried it in the code and using this if (error.name === 'UserAlreadyAuthenticatedException') catches the exception.

However, the documentation for the signIn() method only shows the following:

 * @throws service: {@link InitiateAuthException }, {@link RespondToAuthChallengeException }
 *  - Cognito service errors thrown during the sign-in process.
 * @throws validation: {@link AuthValidationErrorCode  } - Validation errors thrown when either username or password
 *  are not defined.
 * @throws AuthTokenConfigException - Thrown when the token provider config is invalid.

for exceptions. The UserAlreadyAuthenticatedException is not one of them. How many others are there?

Also, in version 5 I never got this exception even if I never signed out...which I almost never do. I simply do a ctrl-S in VS code for my Angular project as I update the code and the app restarts with no UserAlreadyAuthenticatedException. In v6 it always happens (unless I specifically logout). Is this a new behavior? Can I get any documentation describing this behavior?

israx commented 6 months ago

Hey @brianreinhold . Amplify v6 currently maps all service, config, validation and unknown errors into the AuthError instance. If you want to reference any specific error code, please refer to the error name (error.name === 'InitiateAuthException').

When it comes to the UserAlreadyAuthenticatedException , the library doesn't allow to have more than one user authenticated at the same time. This is to avoid key duplication if 2 or more users sign-in without signing out.

Thank you for bringing these concerns. We will improve our API docs to be more descriptive.

brianreinhold commented 6 months ago

Thanks for the info. What has hit me hard is that the user can easily exit the tab without logging out and a restart gives that the user is already authenticate even it it is not the same user (but on the same device). I want to force the user to log in every time.

What happens if user A doesnt logout and user B comes on the same device and logs in with his account? I get strange behavior in this situation including a 'DONE' challenge. I am really confused by what is happening here.

israx commented 6 months ago

If you want to force your users to login every time, you can use SessionStorage to store long live credentials until the browser session is finished, or you can implement your own storage mechanism that suits your needs. We offer documentation where you can see how that can be achieved.

martinrojas commented 3 months ago

This seems to be an undocumented breaking change from v5 to v6. Where in v5 you could call Auth.federatedSignIn({provider: CognitoHostedUIIdentityProvider.Google,}) and if the user was already signed in then it would just kick off the signed in event in Hub. Now it throws this exception. There also doesn't seem to be a documented way to check if the user is signed in before firing signin method.