search

aws-amplify / amplify-js

A declarative JavaScript library for application development using cloud services.
https://docs.amplify.aws/lib/q/platform/js
Apache License 2.0
9.41k stars 2.12k forks source link

signOut or deleteUser trigger : "Wants to Use amazoncognito.com to Sign In" #13088

Closed Glognus closed 6 months ago

Glognus commented 6 months ago

Before opening, please confirm:

JavaScript Framework

React Native

Amplify APIs

Authentication

Amplify Version

v6

Amplify Categories

auth

Backend

Amplify CLI

Environment information

System: OS: macOS 14.3.1 CPU: (8) arm64 Apple M2 Memory: 617.33 MB / 16.00 GB Shell: 5.9 - /bin/zsh Binaries: Node: 21.6.2 - /opt/homebrew/bin/node Yarn: 1.22.21 - /opt/homebrew/bin/yarn npm: 10.2.4 - /opt/homebrew/bin/npm pnpm: 8.15.4 - ~/.nvm/versions/node/v21.6.2/bin/pnpm Browsers: Chrome: 122.0.6261.94 Safari: 17.3.1 npmPackages: @aws-amplify/datastore-storage-adapter: ^2.1.18 => 2.1.18 @aws-amplify/predictions: ^6.0.18 => 6.0.18 @aws-amplify/react-native: ^1.0.18 => 1.0.18 @aws-amplify/rtn-web-browser: ^1.0.18 => 1.0.18 @aws-amplify/ui-react-native: ^2.1.3 => 2.1.3 @babel/core: ^7.24.0 => 7.24.0 @babel/plugin-proposal-export-namespace-from: ^7.18.9 => 7.18.9 @babel/plugin-proposal-nullish-coalescing-operator: ^7.18.6 => 7.18.6 @babel/plugin-proposal-optional-chaining: ^7.21.0 => 7.21.0 @expo/vector-icons: ^13.0.0 => 13.0.0 (14.0.0) @faker-js/faker: ^8.4.1 => 8.4.1 @gorhom/bottom-sheet: ^4.6.1 => 4.6.1 @react-native-async-storage/async-storage: 1.22.3 => 1.22.3 @react-native-community/netinfo: 11.3.1 => 11.3.1 @react-native-masked-view/masked-view: 0.3.1 => 0.3.1 @react-native-picker/picker: 2.6.1 => 2.6.1 @react-navigation/native: ^6.1.14 => 6.1.14 @shopify/flash-list: 1.6.3 => 1.6.3 @shopify/restyle: ^2.4.2 => 2.4.2 @types/base-64: ^1.0.2 => 1.0.2 @types/react: ~18.2.62 => 18.2.62 (16.14.57) @types/react-native-base64: ^0.2.2 => 0.2.2 @typescript-eslint/eslint-plugin: ^7.1.1 => 7.1.1 @typescript-eslint/parser: ^7.1.1 => 7.1.1 HelloWorld: 0.0.1 aws-amplify: ^6.0.18 => 6.0.18 aws-amplify/adapter-core: undefined () aws-amplify/analytics: undefined () aws-amplify/analytics/kinesis: undefined () aws-amplify/analytics/kinesis-firehose: undefined () aws-amplify/analytics/personalize: undefined () aws-amplify/analytics/pinpoint: undefined () aws-amplify/api: undefined () aws-amplify/api/server: undefined () aws-amplify/auth: undefined () aws-amplify/auth/cognito: undefined () aws-amplify/auth/cognito/server: undefined () aws-amplify/auth/enable-oauth-listener: undefined () aws-amplify/auth/server: undefined () aws-amplify/datastore: undefined () aws-amplify/in-app-messaging: undefined () aws-amplify/in-app-messaging/pinpoint: undefined () aws-amplify/push-notifications: undefined () aws-amplify/push-notifications/pinpoint: undefined () aws-amplify/storage: undefined () aws-amplify/storage/s3: undefined () aws-amplify/storage/s3/server: undefined () aws-amplify/storage/server: undefined () aws-amplify/utils: undefined () babel-plugin-inline-import: ^3.0.0 => 3.0.0 base-64: ^1.0.0 => 1.0.0 core-js: ^3.36.0 => 3.36.0 (2.6.12, 1.2.7) eas-cli: ~7.3.0 => 7.3.0 eslint: ~8.57.0 => 8.57.0 expo: ~50.0.8 => 50.0.8 expo-av: ~13.10.5 => 13.10.5 expo-blur: ~12.9.2 => 12.9.2 expo-build-properties: ~0.11.1 => 0.11.1 expo-constants: ~15.4.5 => 15.4.5 expo-crypto: ~12.8.1 => 12.8.1 expo-dev-client: ~3.3.9 => 3.3.9 expo-file-system: ~16.0.7 => 16.0.7 expo-font: ~11.10.3 => 11.10.3 expo-image: ~1.10.6 => 1.10.6 expo-image-manipulator: ~11.8.0 => 11.8.0 expo-image-picker: ~14.7.1 => 14.7.1 expo-insights: ~0.6.1 => 0.6.1 expo-linear-gradient: ~12.7.2 => 12.7.2 expo-linking: ~6.2.2 => 6.2.2 expo-localization: ~14.8.3 => 14.8.3 expo-location: ~16.5.5 => 16.5.5 expo-permissions: ~14.4.0 => 14.4.0 expo-router: ~3.4.8 => 3.4.8 expo-splash-screen: ~0.26.4 => 0.26.4 expo-status-bar: ~1.11.1 => 1.11.1 expo-system-ui: ~2.9.3 => 2.9.3 expo-updates: ~0.24.11 => 0.24.11 expo-web-browser: ~12.8.2 => 12.8.2 lottie-react-native: 6.7.0 => 6.7.0 react: 18.2.0 => 18.2.0 (16.14.0) react-dom: 18.2.0 => 18.2.0 (16.14.0) react-intl: ^6.6.2 => 6.6.2 react-native: 0.73.5 => 0.73.5 react-native-autocomplete-dropdown: ^3.1.4 => 3.1.4 react-native-base64: ^0.2.1 => 0.2.1 react-native-blurhash: ^1.1.11 => 1.1.11 react-native-bouncy-checkbox: ^3.0.7 => 3.0.7 react-native-circular-progress: ^1.3.9 => 1.3.9 react-native-collapsible: ^1.6.1 => 1.6.1 react-native-figma-squircle: ^0.3.4 => 0.3.4 react-native-gesture-handler: ~2.15.0 => 2.15.0 react-native-get-random-values: ~1.10.0 => 1.10.0 react-native-iconly: git+https://github.com/Leeva-io/react-native-iconly.git => 1.0.11 react-native-keyboard-aware-scroll-view: ^0.9.5 => 0.9.5 react-native-maps: 1.10.3 => 1.10.3 react-native-modal: ^13.0.1 => 13.0.1 react-native-pager-view: 6.2.3 => 6.2.3 react-native-pinchable: ^0.2.1 => 0.2.1 react-native-reanimated: ~3.7.2 => 3.7.2 react-native-reanimated-carousel: ^3.5.1 => 3.5.1 react-native-redash: ^18.1.3 => 18.1.3 (12.6.1) react-native-safe-area-context: 4.9.0 => 4.9.0 react-native-screens: ~3.29.0 => 3.29.0 react-native-sqlite-storage: ^6.0.1 => 6.0.1 react-native-svg: 15.0.0 => 15.0.0 react-native-swiper: ^1.6.0 => 1.6.0 react-native-ui-lib: ^7.17.0 => 7.17.0 react-native-web: ~0.19.10 => 0.19.10 react-native-web-maps: ^0.3.0 => 0.3.0 react-test-renderer: 18.2.0 => 18.2.0 typescript: ^5.3.3 => 5.3.3 uilib-native: 4.1.2 zustand: ^4.5.2 => 4.5.2 npmGlobalPackages: @aws-amplify/cli: 12.10.1 npm: 10.2.4 yarn: 1.22.21

Describe the bug

I am experiencing an unexpected behavior with the aws-amplify/auth package in my application. Specifically, when executing actions intended for user sign-out (Auth.signOut()) or user deletion (Auth.deleteUser()), a popup unexpectedly appears on the user's screen. This popup wrongly states, " Wants to Use amazoncognito.com to Sign In". This behavior is misleading and inaccurate, as these operations should not trigger any sign-in related processes or notifications.

This popup suggests to the users that the application is attempting to initiate a sign-in process through Amazon Cognito, which is completely opposite to the user's action of signing out or deleting their account. Not only is this confusing for users, but it also disrupts the intended flow and user experience of the application. There should be no implication or suggestion of a sign-in process during the sign-out or account deletion actions.

Expected behavior

My expectation for the Auth.signOut() and Auth.deleteUser() operations within the aws-amplify/auth package is straightforward: these actions should cleanly sign out or delete the user's account without any misleading prompts or messages. Specifically, upon executing either of these actions, the user should not be confronted with any popups or messages suggesting an initiation of a sign-in process.

For the Auth.signOut() operation, the expected behavior is a silent sign-out process where the user is logged out of the application without any additional prompts or messages, seamlessly returning them to the sign-in page or landing page as defined by the application logic.

For the Auth.deleteUser()operation, the expectation is that the user's account is deleted without misleading feedback, and the application should then navigate the user appropriately, either to a confirmation screen stating that their account has been successfully deleted or back to the initial app state that does not imply re-authentication is needed.

In both cases, the key expectation is the absence of any sign-in related popups, especially ones falsely indicating that the application is trying to use Amazon Cognito for sign-in during these logout or account deletion processes. These actions should be handled internally by the application and the AWS Amplify framework without exposing users to incorrect or confusing messaging.

Reproduction steps

When user trigger signout() or deleteUser() :

Screenshot 2024-03-05 at 5 32 33 PM

Code Snippet

import { AuthUser, deleteUser } from "aws-amplify/auth";
...
await deleteUser();

Mobile Device

iPhone 15 Pro

Mobile Operating System

IOS 17.2

nadetastic commented 6 months ago

Related to - https://github.com/aws-amplify/amplify-js/issues/3410

nadetastic commented 6 months ago

HI @Glognus thank you for opening this issue - as shown in the comment above this issue is related to an existing on, however the existing issue contains a work around that is available in previous major versions of aws-amplify ~that isn't available in v6. I'm working to determine a work around, however in the meantime, I'll mark this as a bug and will follow up soon~.

nadetastic commented 6 months ago

Hi @Glognus following up here - after discussing with the team, I want to correct the above comment and say that it is possible to suppress the pop up in v6 as well. The way to achieve it is to pass the preferPrivateSession flag when calling signInWithRedirect() api. However note that the application will not use any sessions from the user's browser, and it will suppress the pop up on both sign in and sign out.

await signInWithRedirect({
    provider: 'Google',
    options: {
        preferPrivateSession: true
    },
});

I'll go ahead and unmark this as a bug but let me know if you have any additional questions.

Glognus commented 6 months ago

Thank you for your reply, it works better with preferPrivateSession: true

Glognus commented 6 months ago

@nadetastic Do you plan to resolve this problem in the future without using preferPrivateSession?