Closed perspectivus1 closed 2 years ago
Hi @perspectivus1 👋 I don't think anything's changed for the authorization code flow with an OIDC provider. This issue could be caused by several things. This issue thread might be helpful: https://github.com/aws-amplify/amplify-js/issues/3055.
Does your app client have the client secret box checked? I believe this is enabled by default but it should be disabled/unchecked.
Hi 👋 Closing this as we have not heard back from you. If you are still experiencing this issue and in need of assistance, please feel free to comment and provide us with any information previously requested by our team members so we can re-open this issue and be better able to assist you. Thank you!
Hi @chrisbonifacio i'm following this documents to setup SSO https://docs.amplify.aws/lib/auth/social/q/platform/js/#setup-your-auth-provider
i'm aslo getting success and Token in this code
`async function urlOpener(url, redirectUrl) { await InAppBrowser.isAvailable(); const { type, url: newUrl } = await InAppBrowser.openAuth(url, redirectUrl, { showTitle: false, enableUrlBarHiding: true, enableDefaultShare: false, ephemeralWebSession: false, });
if (type === 'success') { Linking.openURL(newUrl); } }`
But in the Hub listener getting like signin_failure and Error Message as OAuth - Error handling auth response. Error: Invalid state in OAuth flow
Hub.listen("auth", ({ payload: { event, data } }) => { switch (event) { case "signIn": this.setState({ user: data }); break; case "signOut": this.setState({ user: null }); break; case "customOAuthState": this.setState({ customState: data }); } });
This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.
Looking for a help forum? We recommend joining the Amplify Community Discord server *-help
channels or Discussions for those types of questions.
Before opening, please confirm:
JavaScript Framework
React
Amplify APIs
Authentication
Amplify Categories
auth
Environment information
Describe the bug
I use
Auth.federatedSignIn({ customProvider: '<my-oidc-idp>' });
to initiate an OAuth authorization code flow.The initial outbound request to Cognito succeeds, but when the user gets redirected back to my app with a valid authorization code, Amplify fails on this error:
This happens because Amplify genarates a
state
URL parameter, but then Cognito generates its ownstate
URL parameter and passes that along to the target IDP (OIDC in my case).Expected behavior
The state validation should have succeeded and the flow should have continued to try and obtain my access token.
Is this a Cognito issue? Why does it generate a new
state
?Can
state
validation be turned off in Amplify?Reproduction steps
Code Snippet
Log output
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response