[macOS] Authentication fails for CLI application

[sebsto]

Describe the bug

When using Amplify Library for Swift for a CLI macOS application, authentication fails because Amplify can not access the macOS keychain.

Error :

Recovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at:
file: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/Amplify/Categories/Auth/Error/AuthError.swift
function: recoverySuggestion
line: 80
Caused by:
KeychainStoreError: Keychain error occurred with status: -34018
Recovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at:
file: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift
function: recoverySuggestion
line: 69

Steps To Reproduce

//
//  main.swift
//  DataStoreInit
//
//  Created by Stormacq, Sebastien on 20/10/2022.
//  Copyright © 2022 AWS. All rights reserved.
//

import Foundation

import Amplify
import AWSCognitoAuthPlugin

do {

    // for command line tools, there is no app bundle,
    // we have to load the configuration JSON file ousrselves
    let configFileURL = URL(fileURLWithPath: "/Users/stormacq/Downloads/amplify-ios-workshop/Complete/Landmarks/amplifyconfiguration.json")
    let config = try AmplifyConfiguration(configurationFile: configFileURL)
    try Amplify.configure(config)
    print("Amplify initialized")

    print("authenticating")
    try await Amplify.Auth.signIn(username: "sebsto", password: "Passw0rd!")

} catch let error as ConfigurationError {
    print("Error when configuring Amplify \(error)")
} catch {
    print("Unexpected error \(error)")
}

Expected behavior

Authentication should succeed for CLI applications

Amplify Framework Version

2.0.0

Amplify Categories

Auth

Dependency manager

Swift PM

Swift version

5.7

CLI version

10.3.0

Xcode version

14.0.1

Relevant log output

Log Messages

```shell 2022-10-21 11:01:33.618246+0200 DataStoreInit[14876:10301401] [Amplify] Adding plugin: AWSCognitoAuthPlugin.AWSCognitoAuthPlugin) 2022-10-21 11:01:33.653887+0200 DataStoreInit[14876:10301401] [Amplify] Configuring 2022-10-21 11:01:33.655481+0200 DataStoreInit[14876:10301401] [Amplify] Configuration: Optional(Amplify.AmplifyConfiguration(analytics: nil, api: Optional(Amplify.APICategoryConfiguration(plugins: ["awsAPIPlugin": Amplify.JSONValue.object(["amplifyiosworkshop": Amplify.JSONValue.object(["endpointType": Amplify.JSONValue.string("GraphQL"), "region": Amplify.JSONValue.string("eu-central-1"), "authorizationType": Amplify.JSONValue.string("AMAZON_COGNITO_USER_POOLS"), "endpoint": Amplify.JSONValue.string("https://ebamdwz4wreanlyzog5r65zocy.appsync-api.eu-central-1.amazonaws.com/graphql")])])])), auth: Optional(Amplify.AuthCategoryConfiguration(plugins: ["awsCognitoAuthPlugin": Amplify.JSONValue.object(["CredentialsProvider": Amplify.JSONValue.object(["CognitoIdentity": Amplify.JSONValue.object(["Default": Amplify.JSONValue.object(["Region": Amplify.JSONValue.string("eu-central-1"), "PoolId": Amplify.JSONValue.string("eu-central-1:5ea63a60-b53c-4f73-b0eb-15fefa191099")])])]), "Auth": Amplify.JSONValue.object(["Default": Amplify.JSONValue.object(["authenticationFlowType": Amplify.JSONValue.string("USER_SRP_AUTH"), "socialProviders": Amplify.JSONValue.array([Amplify.JSONValue.string("APPLE")]), "verificationMechanisms": Amplify.JSONValue.array([Amplify.JSONValue.string("EMAIL")]), "mfaConfiguration": Amplify.JSONValue.string("OFF"), "signupAttributes": Amplify.JSONValue.array([Amplify.JSONValue.string("EMAIL")]), "usernameAttributes": Amplify.JSONValue.array([]), "mfaTypes": Amplify.JSONValue.array([Amplify.JSONValue.string("SMS")]), "passwordProtectionSettings": Amplify.JSONValue.object(["passwordPolicyMinLength": Amplify.JSONValue.number(8.0), "passwordPolicyCharacters": Amplify.JSONValue.array([])]), "OAuth": Amplify.JSONValue.object(["SignInRedirectURI": Amplify.JSONValue.string("landmarks://"), "Scopes": Amplify.JSONValue.array([Amplify.JSONValue.string("phone"), Amplify.JSONValue.string("email"), Amplify.JSONValue.string("openid"), Amplify.JSONValue.string("profile"), Amplify.JSONValue.string("aws.cognito.signin.user.admin")]), "SignOutRedirectURI": Amplify.JSONValue.string("landmarks://"), "WebDomain": Amplify.JSONValue.string("amplifyiosworkshop1fca16b2-1fca16b2-dev.auth.eu-central-1.amazoncognito.com"), "AppClientId": Amplify.JSONValue.string("5o19mrb1f47nnorc3dp762miqg")])])]), "UserAgent": Amplify.JSONValue.string("aws-amplify/cli"), "S3TransferUtility": Amplify.JSONValue.object(["Default": Amplify.JSONValue.object(["Bucket": Amplify.JSONValue.string("amplifyiosworkshop61538eb4d74f46d2a421826ec170395333-dev"), "Region": Amplify.JSONValue.string("eu-central-1")])]), "CognitoUserPool": Amplify.JSONValue.object(["Default": Amplify.JSONValue.object(["Region": Amplify.JSONValue.string("eu-central-1"), "AppClientId": Amplify.JSONValue.string("5o19mrb1f47nnorc3dp762miqg"), "PoolId": Amplify.JSONValue.string("eu-central-1_Fg00pSzeu")])]), "AppSync": Amplify.JSONValue.object(["Default": Amplify.JSONValue.object(["ApiUrl": Amplify.JSONValue.string("https://ebamdwz4wreanlyzog5r65zocy.appsync-api.eu-central-1.amazonaws.com/graphql"), "Region": Amplify.JSONValue.string("eu-central-1"), "ClientDatabasePrefix": Amplify.JSONValue.string("amplifyiosworkshop_AMAZON_COGNITO_USER_POOLS"), "AuthMode": Amplify.JSONValue.string("AMAZON_COGNITO_USER_POOLS")])]), "Version": Amplify.JSONValue.string("0.1.0"), "IdentityManager": Amplify.JSONValue.object(["Default": Amplify.JSONValue.object([:])])])])), dataStore: nil, geo: nil, hub: nil, logging: nil, predictions: nil, storage: Optional(Amplify.StorageCategoryConfiguration(plugins: ["awsS3StoragePlugin": Amplify.JSONValue.object(["region": Amplify.JSONValue.string("eu-central-1"), "bucket": Amplify.JSONValue.string("amplifyiosworkshop61538eb4d74f46d2a421826ec170395333-dev"), "defaultAccessLevel": Amplify.JSONValue.string("guest")])])))) 2022-10-21 11:01:33.658483+0200 DataStoreInit[14876:10301401] [Amplify] No plugin found for configuration key `awsAPIPlugin`. Add a plugin for that key. 2022-10-21 11:01:33.658548+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: notConfigured 2022-10-21 11:01:33.658555+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.notConfigured" = { }; } 2022-10-21 11:01:33.658593+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configuringAuth" = { }; } 2022-10-21 11:01:33.658703+0200 DataStoreInit[14876:10302001] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/InitializeAuthConfiguration.swift Starting execution 2022-10-21 11:01:33.658755+0200 DataStoreInit[14876:10301401] [Amplify] No plugin found for configuration key `awsS3StoragePlugin`. Add a plugin for that key. 2022-10-21 11:01:33.658816+0200 DataStoreInit[14876:10302001] [AWSCognitoAuthPlugin] Credential Store state change: migratingLegacyStore 2022-10-21 11:01:33.658880+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/MigrateLegacyCredentialStore.swift Starting execution Amplify initialized authenticating 2022-10-21 11:01:33.663517+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/MigrateLegacyCredentialStore.swift Sending event CredentialStoreEvent.loadCredentialStore 2022-10-21 11:01:33.663574+0200 DataStoreInit[14876:10302001] [AWSCognitoAuthPlugin] Credential Store state change: loadingStoredCredentials 2022-10-21 11:01:33.663591+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Starting execution 2022-10-21 11:01:33.663809+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Retreiving credential amplifyCredentials 2022-10-21 11:01:33.664419+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Sending event CredentialStoreEvent.throwError 2022-10-21 11:01:33.664467+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IdleCredentialStore.swift Starting execution 2022-10-21 11:01:33.664479+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] No existing session found. 2022-10-21 11:01:33.664481+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IdleCredentialStore.swift Sending event CredentialStoreEvent.moveToIdleState 2022-10-21 11:01:33.664502+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/InitializeAuthConfiguration.swift Sending event AuthEvent.validateCredentialAndConfiguration 2022-10-21 11:01:33.664545+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/ValidateCredentialsAndConfiguration.swift Starting execution 2022-10-21 11:01:33.664559+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/ValidateCredentialsAndConfiguration.swift Sending event AuthEvent.configureAuthentication 2022-10-21 11:01:33.664578+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.validatingCredentialsAndConfiguration" = { }; } 2022-10-21 11:01:33.664599+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/InitializeAuthenticationConfiguration.swift Starting execution 2022-10-21 11:01:33.664605+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] Credential Store state change: error(KeychainStoreError: Unable to find the keychain item Recovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at: file: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift function: recoverySuggestion line: 69) 2022-10-21 11:01:33.664618+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/InitializeAuthenticationConfiguration.swift Sending event AuthenticationEvent.configure 2022-10-21 11:01:33.664640+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] Credential Store state change: idle 2022-10-21 11:01:33.664647+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configuringAuthentication" = { "AuthenticationState.notConfigured" = { }; }; } 2022-10-21 11:01:33.664672+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/ConfigureAuthentication.swift Start execution 2022-10-21 11:01:33.664689+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/ConfigureAuthentication.swift Sending event AuthenticationEvent.initializedSignedOut 2022-10-21 11:01:33.664690+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configuringAuthentication" = { "AuthenticationState.configured" = { }; }; } 2022-10-21 11:01:33.664716+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/ConfigureAuthentication.swift Sending event AuthEvent.authenticationConfigured 2022-10-21 11:01:33.664766+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/InitializeAuthorizationConfiguration.swift Starting execution 2022-10-21 11:01:33.664777+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/InitializeAuthorizationConfiguration.swift Sending event AuthorizationEvent.configure 2022-10-21 11:01:33.664790+0200 DataStoreInit[14876:10302001] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configuringAuthentication" = { "AuthenticationState.signedOut" = { lastKnownUserName = "(nil)"; }; }; } 2022-10-21 11:01:33.664868+0200 DataStoreInit[14876:10302001] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configuringAuthorization" = { "AuthenticationState.signedOut" = { lastKnownUserName = "(nil)"; }; "AuthorizationState.notConfigured" = { }; }; } 2022-10-21 11:01:33.664907+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/ConfigureAuthorization.swift Starting execution 2022-10-21 11:01:33.664915+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/ConfigureAuthorization.swift Sending event AuthEvent.authorizationConfigured 2022-10-21 11:01:33.664978+0200 DataStoreInit[14876:10302001] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configuringAuthorization" = { "AuthenticationState.signedOut" = { lastKnownUserName = "(nil)"; }; "AuthorizationState.configured" = { }; }; } 2022-10-21 11:01:33.665018+0200 DataStoreInit[14876:10302001] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configured" = { "AuthenticationState.signedOut" = { lastKnownUserName = "(nil)"; }; "AuthorizationState.configured" = { }; }; } 2022-10-21 11:01:33.665048+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IntializeSignInFlow.swift Starting execution 2022-10-21 11:01:33.665049+0200 DataStoreInit[14876:10302001] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configured" = { "AuthenticationState.signingIn" = { "SignInState.notStarted" = { }; }; "AuthorizationState.signingIn" = { }; }; } 2022-10-21 11:01:33.665104+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Starting execution 2022-10-21 11:01:33.665110+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: loadingStoredCredentials 2022-10-21 11:01:33.665296+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Retreiving credential deviceMetadata(username: "sebsto") 2022-10-21 11:01:33.666003+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Sending event CredentialStoreEvent.throwError 2022-10-21 11:01:33.666046+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IdleCredentialStore.swift Starting execution 2022-10-21 11:01:33.666062+0200 DataStoreInit[14876:10301998] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IdleCredentialStore.swift Sending event CredentialStoreEvent.moveToIdleState 2022-10-21 11:01:33.666065+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: error(KeychainStoreError: Unable to find the keychain item Recovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at: file: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift function: recoverySuggestion line: 69) 2022-10-21 11:01:33.666122+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: idle 2022-10-21 11:01:33.671148+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] No existing device metadata found. AuthEnvironment(configuration: AWSCognitoAuthPlugin.AuthConfiguration.userPoolsAndIdentityPools(["pinpointAppId": "(nil)", "clientId": "5o19****miqg", "endpoint": "N/A", "clientSecret": "(nil)", "hostedUI": "[\"oauth\": \"[\\\"signInRedirectURI\\\": \\\"land****s://\\\", \\\"signOutRedirectURI\\\": \\\"land****s://\\\", \\\"domain\\\": \\\"ampl****.com\\\"]\", \"clientId\": \"5o19****miqg\", \"clientSecret\": \"(nil)\"]", "poolId": "eu-c****Szeu", "region": ""], ["region": "", "poolId": "eu-c****1099"]), userPoolConfigData: Optional(["pinpointAppId": "(nil)", "clientId": "5o19****miqg", "endpoint": "N/A", "clientSecret": "(nil)", "hostedUI": "[\"oauth\": \"[\\\"signInRedirectURI\\\": \\\"land****s://\\\", \\\"signOutRedirectURI\\\": \\\"land****s://\\\", \\\"domain\\\": \\\"ampl****.com\\\"]\", \"clientId\": \"5o19****miqg\", \"clientSecret\": \"(nil)\"]", "poolId": "eu-c****Szeu", "region": ""]), identityPoolConfigData: Optional(["region": "", "poolId": "eu-c****1099"]), authenticationEnvironment: Optional(AWSCognitoAuthPlugin.BasicAuthenticationEnvironment(srpSignInEnvironment: AWSCognitoAuthPlugin.BasicSRPSignInEnvironment(srpAuthEnvironment: AWSCognitoAuthPlugin.BasicSRPAuthEnvironment(userPoolConfiguration: ["region": "", "clientSecret": "(nil)", "pinpointAppId": "(nil)", "hostedUI": "[\"clientSecret\": \"(nil)\", \"oauth\": \"[\\\"signOutRedirectURI\\\": \\\"land****s://\\\", \\\"signInRedirectURI\\\": \\\"land****s://\\\", \\\"domain\\\": \\\"ampl****.com\\\"]\", \"clientId\": \"5o19****miqg\"]", "clientId": "5o19****miqg", "poolId": "eu-c****Szeu", "endpoint": "N/A"], cognitoUserPoolFactory: (Function), eventIDFactory: (Function), srpClientFactory: (Function), srpConfiguration: (nHexValue: "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF", gHexValue: "2"))), userPoolEnvironment: AWSCognitoAuthPlugin.BasicUserPoolEnvironment(userPoolConfiguration: ["pinpointAppId": "(nil)", "clientId": "5o19****miqg", "region": "", "clientSecret": "(nil)", "poolId": "eu-c****Szeu", "hostedUI": "[\"clientSecret\": \"(nil)\", \"oauth\": \"[\\\"signInRedirectURI\\\": \\\"land****s://\\\", \\\"domain\\\": \\\"ampl****.com\\\", \\\"signOutRedirectURI\\\": \\\"land****s://\\\"]\", \"clientId\": \"5o19****miqg\"]", "endpoint": "N/A"], cognitoUserPoolFactory: (Function), cognitoUserPoolASFFactory: (Function), cognitoUserPoolAnalyticsHandlerFactory: (Function)), hostedUIEnvironment: Optional(AWSCognitoAuthPlugin.BasicHostedUIEnvironment(configuration: ["clientSecret": "(nil)", "clientId": "5o19****miqg", "oauth": "[\"signOutRedirectURI\": \"land****s://\", \"domain\": \"ampl****.com\", \"signInRedirectURI\": \"land****s://\"]"], hostedUISessionFactory: (Function), urlSessionFactory: (Function), randomStringFactory: (Function))))), authorizationEnvironment: Optional(AWSCognitoAuthPlugin.BasicAuthorizationEnvironment(identityPoolConfiguration: ["region": "", "poolId": "eu-c****1099"], cognitoIdentityFactory: (Function), eventIDFactory: (Function))), credentialsClient: AWSCognitoAuthPlugin.CredentialStoreOperationClient, logger: Amplify.OSLogWrapper) 2022-10-21 11:01:33.671408+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IntializeSignInFlow.swift Sending event SignInEvent.initiateSignInWithSRP 2022-10-21 11:01:33.671664+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/StartSRPFlow.swift Start execution 2022-10-21 11:01:33.671676+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/StartSRPFlow.swift Sending event SignInEvent.initiateSignInWithSRP 2022-10-21 11:01:33.671721+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/InitiateAuthSRP.swift Starting execution 2022-10-21 11:01:33.672211+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configured" = { "AuthenticationState.signingIn" = { "SignInState.signingInWithSRP" = { "SRPSignInState.notStarted" = { }; clientMetadata = { }; password = ""; signInMethod = "AWSCognitoAuthPlugin.SignInMethod.apiBased(AWSCognitoAuthPlugin.AuthFlowType.userSRP)"; username = "se**to"; }; }; "AuthorizationState.signingIn" = { }; }; } 2022-10-21 11:01:33.672296+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configured" = { "AuthenticationState.signingIn" = { "SignInState.signingInWithSRP" = { "SRPSignInState.initiatingSRPA" = { clientMetadata = { }; password = ""; signInMethod = "AWSCognitoAuthPlugin.SignInMethod.apiBased(AWSCognitoAuthPlugin.AuthFlowType.userSRP)"; username = "se**to"; }; clientMetadata = { }; password = ""; signInMethod = "AWSCognitoAuthPlugin.SignInMethod.apiBased(AWSCognitoAuthPlugin.AuthFlowType.userSRP)"; username = "se**to"; }; }; "AuthorizationState.signingIn" = { }; }; } 2022-10-21 11:01:33.674525+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Starting execution 2022-10-21 11:01:33.674533+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: loadingStoredCredentials 2022-10-21 11:01:33.674546+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Retreiving credential deviceMetadata(username: "sebsto") 2022-10-21 11:01:33.675190+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Sending event CredentialStoreEvent.throwError 2022-10-21 11:01:33.675222+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IdleCredentialStore.swift Starting execution 2022-10-21 11:01:33.675229+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IdleCredentialStore.swift Sending event CredentialStoreEvent.moveToIdleState 2022-10-21 11:01:33.675278+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Starting execution 2022-10-21 11:01:33.675281+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: error(KeychainStoreError: Unable to find the keychain item Recovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at: file: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/AmplifyPlugins/Core/AWSPluginsCore/K2022-10-21 11:01:33.675302+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Retreiving credential asfDeviceId(username: "sebsto") eychain/KeychainStoreError.swift function: recoverySuggestion line: 69) 2022-10-21 11:01:33.675325+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: idle 2022-10-21 11:01:33.675336+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: loadingStoredCredentials 2022-10-21 11:01:33.675791+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/LoadCredentialStore.swift Sending event CredentialStoreEvent.throwError 2022-10-21 11:01:33.675814+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IdleCredentialStore.swift Starting execution 2022-10-21 11:01:33.675821+0200 DataStoreInit[14876:10301999] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IdleCredentialStore.swift Sending event CredentialStoreEvent.moveToIdleState 2022-10-21 11:01:33.675863+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: error(KeychainStoreError: Unable to find the keychain item Recovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at: file: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift function: recoverySuggestion line: 69) 2022-10-21 11:01:33.675880+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: idle 2022-10-21 11:01:33.675887+0200 DataStoreInit[14876:10302002] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/StoreCredentials.swift Starting execution 2022-10-21 11:01:33.675892+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: storingCredentials 2022-10-21 11:01:33.676591+0200 DataStoreInit[14876:10302002] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/StoreCredentials.swift Sending event CredentialStoreEvent.throwError 2022-10-21 11:01:33.676612+0200 DataStoreInit[14876:10302002] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IdleCredentialStore.swift Starting execution 2022-10-21 11:01:33.676618+0200 DataStoreInit[14876:10302002] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/IdleCredentialStore.swift Sending event CredentialStoreEvent.moveToIdleState 2022-10-21 11:01:33.676669+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: error(KeychainStoreError: Keychain error occurred with status: -34018 Recovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at: file: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift function: recoverySuggestion line: 69) 2022-10-21 11:01:33.676682+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Credential Store state change: idle 2022-10-21 11:01:33.676881+0200 DataStoreInit[14876:10302002] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/InitiateAuthSRP.swift Caught error KeychainStoreError: Keychain error occurred with status: -34018 Recovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at: file: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift function: recoverySuggestion line: 69 2022-10-21 11:01:33.676931+0200 DataStoreInit[14876:10302002] [AWSCognitoAuthPlugin] AWSCognitoAuthPlugin/ThrowSignInError.swift Starting execution 2022-10-21 11:01:33.677355+0200 DataStoreInit[14876:10302000] [AWSCognitoAuthPlugin] Auth state change: { "AuthState.configured" = { "AuthenticationState.signingIn" = { "SignInState.signingInWithSRP" = { "SRPSignInState.error" = { Error = "AWSCognitoAuthPlugin.SignInError.service(error: KeychainStoreError: Keychain error occurred with status: -34018\nRecovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at:\nfile: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift\nfunction: recoverySuggestion\nline: 69)"; }; clientMetadata = { }; password = ""; signInMethod = "AWSCognitoAuthPlugin.SignInMethod.apiBased(AWSCognitoAuthPlugin.AuthFlowType.userSRP)"; username = "se**to"; }; }; "AuthorizationState.signingIn" = { }; }; } Unexpected error AuthError: Unexpected error occurred with message: Recovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at: file: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/Amplify/Categories/Auth/Error/AuthError.swift function: recoverySuggestion line: 80 Caused by: KeychainStoreError: Keychain error occurred with status: -34018 Recovery suggestion: This should not happen. There is a possibility that there is a bug if this error persists. Please take a look at https://github.com/aws-amplify/amplify-ios/issues to see if there are any existing issues that match your scenario, and file an issue with the details of the bug if there isn't. Issue encountered at: file: /Users/stormacq/Library/Developer/Xcode/DerivedData/HandlingUserInput-cnaivyntveyxcmgypmkkafobwaeh/SourcePackages/checkouts/amplify-swift/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift function: recoverySuggestion line: 69 Program ended with exit code: 0 ```

Is this a regression?

No

Regression additional context

No response

Device

macbookpro

iOS Version

macOS 12.6

Specific to simulators

n/a

Additional context

No response

[sebsto]

The system call that fails is

https://github.com/aws-amplify/amplify-swift/blob/main/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStore.swift#L110

Input parameters :

▿ 7 elements
  ▿ 0 : 2 elements
    - key : "m_Limit"
    - value : m_LimitOne
  ▿ 1 : 2 elements
    - key : "class"
    - value : "genp"
  ▿ 2 : 2 elements
    - key : "nleg"
    - value : 1
  ▿ 3 : 2 elements
    - key : "r_Data"
    - value : 1
  ▿ 4 : 2 elements
    - key : "acct"
    - value : "amplify.eu-central-1_Fg00pSzeu.eu-central-1:5ea63a60-b53c-4f73-b0eb-15fefa191099.session"
  ▿ 5 : 2 elements
    - key : "pdmn"
    - value : "cku"
  ▿ 6 : 2 elements
    - key : "svce"
    - value : "com.amplify.awsCognitoAuthPlugin"

It returns errSecItemNotFound

My default keychains do not contain any amplify related entries

➜  ~ security find -s com.amplify.awsCognitoAuthPlugin
security: SecKeychainSearchCopyNext: The specified item could not be found in the keychain.
➜  ~ security find -a amplify.eu-central-1_Fg00pSzeu.eu-central-1:5ea63a60-b53c-4f73-b0eb-15fefa191099.session
security: SecKeychainSearchCopyNext: The specified item could not be found in the keychain.

[ameter]

Thanks for reporting this. Amplify Library for Swift does not currently support applications developed as Command Line Tools, meaning developed via the Command Line Tool template with no bundle. The reason for this is that amplify-swift relies on the data protection keychain to store and retrieve values that are specific to the application. Therefore, apps using amplify-swift must include a provisioning profile and must be code signed with the application-identifier entitlement. This is not an issue for iOS apps, since they always include a provisioning profile and the required entitlements. However, for macOS this is not always the case.

Command Line Tool apps are not supported. Regular macOS apps are supported, but they may not always have the proper entitlements by default. For example, if you update an existing iOS app to natively support macOS, it may not have the required entitlements. A simple way to solve this is to add the Keychain Sharing capability. You do not need to add any keychain access groups. Because keychain sharing requires a provisioning profile, adding the capability adds the provisioning profile, which in turn adds the application-identifier and team-identifier entitlements to the app. Note that this only applies to native macOS apps. Apps running under Catalyst will always work as expected.

A workaround to develop CLI tools with Amplify Library for Swift is to wrap the tool in an app-like structure. For more details, see Apple's documentation on Signing a daemon with a restricted entitlement. Note that although this document is specific to daemons, many of the concepts can be applied to CLI tools as well. Depending on your CLI tool's functionality, you likely won't need the hardened runtime capability described in the document. You will, however, need a provisioning profile and application-identifier entitlement. As discussed above, this can be accomplished by adding the Keychain Sharing capability to the app. You can confirm the built app's entitlements with the following command: codesign -d --entitlements :- <path to your app>

[sebsto]

Thank you @ameter for the detailed answer.

[gurkarangulati]

thank you @ameter definitely helped!