Open mattiLeBlanc opened 1 week ago
Hello @mattiLeBlanc. Sorry for any inconvenience using the library, and thank you for providing the code snippets.
Based on the code bellow, the fetchUserAttributes
API will fail if there is not connectivity or if there is a network delay, hence hitting the catch block and logging the user out. So the absence of auth tokens would explain the No federated jwt
error.
try {
await fetchUserAttributes();
const currentSession = await fetchAuthSession();
if (currentSession.tokens) {
const idToken = currentSession.tokens.idToken?.toString();
return { Authorization: idToken };
} else {
return undefined
}
} catch (error) {
signOut()
return undefined;
}
If you indeed are getting a NetworkError
, a potential solution is to add a retry logic until the connection is back and then continue with the original flow.
Hello, I can confirm that I am experiencing the same issue but on a Next.js v14 project. I'm using plain cognito (phone number + password) without any federated auth providers.
I don't have any logic to sign out the user as in the OP's issue. Here's a snippet of how I initialize my client
import amplifyConfig from "@repo/aws-exports";
Amplify.configure(amplifyConfig, { ssr: true });
ConsoleLogger.LOG_LEVEL = "DEBUG";
Then, I have the ssrClient
utility initialized as follows:
import { createServerRunner } from "@aws-amplify/adapter-nextjs";
import { generateServerClientUsingCookies } from "@aws-amplify/adapter-nextjs/api";
import { cookies } from "next/headers";
import config from "@repo/aws-exports";
export const ssrClient = generateServerClientUsingCookies({
cookies,
config,
authMode: "userPool",
});
export const { runWithAmplifyServerContext } = createServerRunner({
config,
});
This issue occurs anytime I try to use the ssrClient to perform a query to appsync.
Also, one weird thing I have noticed is that this seems to appear only on localhost. The production build seems to work okay (so far). This follows upgrading the latest versions of aws-amplify
(6.3.7
), @aws-amplify/adapter-nextjs
(1.2.5
) and next
. (14.2.4
)
Initially, I was getting a different No current user
error (despite my tokens not being expired) as reported here. But after upgrading, this is the new error I am getting
@ndaba1, thank you for the additional context here. We'll work on reproducing on our side and investigate this further.
@cwomack any progress/updates on this ?
Before opening, please confirm:
JavaScript Framework
Angular
Amplify APIs
Authentication
Amplify Version
v6
Amplify Categories
auth, api
Backend
None
Environment information
Describe the bug
My Angular error handler is reporting several Authentication related errors when doing Appsync calls:
No federated jwtNoValidAuthTokens: No federated jwt
Runtime error running query getMediaPath. Authmode Cognito. Error: NoValidAuthTokens: No federated jwt
Graphql Error running query getMediaPath. Authmode Cognito. Error: Unauthorized Error: Graphql Error running query getMediaPath. Authmode Cognito. Error: Unauthorized
These are all from different customers using our platform. I can't see in the stack trace what caused it because all the code is uglified and it happens in 3th party lib (amplify).
These users SHOULD be logged in, because our refresh token is set to multiple years expiry. What may happen, they are running on a tablet which goes to sleep,and next day they come back to the application and it tries to do a query, maybe before the refreshtoken fetched a new accesstoken?
I can't reproduce it on my macbook, ipad of lenove android tablet.
Am I looking at headers being filtered by corporate networks or is their something else I should do?
I configure my angular app by the books:
I am using the latest version of Amplify 6 and before I was using Amplify 5.4 I didnt not get these JWT errors. Maybe just authorisation errors.
Expected behavior
I expect no authorisation errors if refreshtoken is valid and app is activated
Reproduction steps
I don't even know how to reproduce it myself. It is happening on customers devices.
I realise this issue is vague, and it is for me too. I would have to get a hold of some of our users devices or talk their ID department to find out if has something to do with contentblockers or other security settings.
But I hope maybe these errors ring bells and you can give me a nudge in the right direction.
Code Snippet
Log output
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response