aws-amplify / amplify-swift

A declarative library for application development using cloud services.
Apache License 2.0
437 stars 190 forks

Sign in should fail with `HostedUIError.unableToStartASWebAuthenticationSession` #3766

Closed ahavamorse closed 1 week ago

ahavamorse commented 2 weeks ago

Describe the bug

This is a follow-up to #3678 and the solution released in version 2.34.1. It happens when `aswebAuthenticationSession.canStart` in `HostedUIASWebAuthenticationSession.showHostedUI` is false and `HostedUIError.unableToStartASWebAuthenticationSession` is thrown. Even after this error is returned, the sign out process continues and returns as a partial result. This is a problem because we need the hosted UI to be presented in order to clear the session and remove the browser cookies. Otherwise, when we sign in again, it results in unexpected behavior where a new user trying to sign in ends up having the same user as before signed in instead. The sign out API also can't be called again (when `canStart` has changed to true) because there is no user signed in and an error is returned. In order to fix this, sign out should not continue when the hosted UI can't be presented. It should return an error result instead of partial and allow us to try again when `canStart` has changed.

Steps To Reproduce

Steps to reproduce the behavior:
1. Call the `Amplify.Auth.signInWithWebUI` method and successfully sign in
2. Without restarting the app, call `Amplify.Auth.signOut()` (which will return a partial result with a service error with a description of `Unable to start a ASWebAuthenticationSession`)

Expected behavior

If the session cannot be started because `canStart` is false, sign out should not continue and the result should be an AuthError (not a partial success).

Amplify Framework Version

2.34.1

Amplify Categories

Auth

Dependency manager

Swift PM

Swift version

5.9

CLI version

n/a

Xcode version

15.4

Relevant log output

```
Check if authstate configured
Auth state configured
Starting execution
Check if authstate configured
Auth state configured
Sending signOut event
Waiting for signOut completion
Auth state change:

{
    "AuthState.configured" =     {
        "AuthenticationState.signingOut" =         {
            "SignOutState.notStarted" =             {
            };
        };
        "AuthorizationState.signingOut" =         {
        };
    };
}
AWSCognitoAuthPlugin/InitiateSignOut.swift Starting execution
AWSCognitoAuthPlugin/InitiateSignOut.swift Sending event SignOutEvent.invokeHostedUISignOut
Auth state change:

{
    "AuthState.configured" =     {
        "AuthenticationState.signingOut" =         {
            "SignOutState.signingOutHostedUI" =             {
            };
        };
        "AuthorizationState.signingOut" =         {
        };
    };
}
AWSCognitoAuthPlugin/ShowHostedUISignOut.swift Starting execution
Ended user session (id: EBDE064C-A5F3-44C3-A031-85B719F6F080, duration: 19s).
Started user session (id: 5FF4837D-A340-4346-9538-3D91E99C2541).
AWSCognitoAuthPlugin/ShowHostedUISignOut.swift Received error unableToStartASWebAuthenticationSession
Logged event:
- userId: us-east-1:db841a21-c431-cca1-ecb5-8d4bc5f1941d
- sessionId: EBDE064C-A5F3-44C3-A031-85B719F6F080
- time: 2024-07-02 21:01:50 +0000
- data: sessionEnd(duration: 19)
Logged event:
- userId: us-east-1:db841a21-c431-cca1-ecb5-8d4bc5f1941d
- sessionId: 5FF4837D-A340-4346-9538-3D91E99C2541
- time: 2024-07-02 21:01:50 +0000
- data: sessionStart
AWSCognitoAuthPlugin/ShowHostedUISignOut.swift Sending event SignOutEvent.revokeToken
Auth state change:

{
    "AuthState.configured" =     {
        "AuthenticationState.signingOut" =         {
            "SignOutState.revokingToken" =             {
            };
        };
        "AuthorizationState.signingOut" =         {
        };
    };
}
AWSCognitoAuthPlugin/RevokeToken.swift Starting execution
AWSCognitoAuthPlugin/RevokeToken.swift Starting revoke token api
No matching trigger for event.
- event: open
AWSCognitoAuthPlugin/RevokeToken.swift Revoke token succeeded
AWSCognitoAuthPlugin/RevokeToken.swift Sending event SignOutEvent.signOutLocally
AWSCognitoAuthPlugin/SignOutLocally.swift Starting execution
Auth state change:

{
    "AuthState.configured" =     {
        "AuthenticationState.signingOut" =         {
            "SignOutState.signingOutLocally" =             {
            };
        };
        "AuthorizationState.signingOut" =         {
        };
    };
}
AWSCognitoAuthPlugin/SignOutLocally.swift Sending event SignOutEvent.signedOutSuccess
```

Is this a regression?

No

Regression additional context

No response

Platforms

iOS

OS Version

17.5.1

Device

iPhone SE (2nd Generation)

Specific to simulators

No response

Additional context

Again, this is a follow-up to an incomplete fix to #3678: "HostedUIASWebAuthenticationSession.showHostedUI never calls the continuation when aswebAuthenticationSession.canStart is false"

harsh62 commented 1 week ago

Thank you for raising the issue. I am discussing the possible solutions for this use case internally and will update once I have more details.

harsh62 commented 1 week ago

Hey @ahavamorse, I have a potential fix in a WIP branch (3766-hosted-ui-logout-issue). Would you be able to take a look and see if it solves your issue? The PR with the changes is also linked to the issue.

ahavamorse commented 1 week ago

> Hey @ahavamorse, I have a potential fix in a WIP branch (3766-hosted-ui-logout-issue). Would you be able to take a look and see if it solves your issue? The PR with the changes is also linked to the issue.

@harsh62 I tried it and that does seem to resolve the issue I was experiencing. The sign out fails and I can try again once canStart is true.

harsh62 commented 1 week ago

@ahavamorse Thank you for confirming. I'll review the fix with my team and hopefully release this some time next week.

harsh62 commented 1 week ago

The fix has been released. Please use the latest version of Amplify.

github-actions[bot] commented 1 week ago

This issue is now closed. Comments on closed issues are hard for our team to see. If you need more assistance, please open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue, feel free to do so.
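
One way an app can tell the sign-out outcomes discussed in this thread apart, as an added example that is not code from the issue or from the Amplify project. `SignOutOutcome` and `signOutAndClassify` are hypothetical names; the example assumes the `AWSCognitoSignOutResult` cases `.complete`, `.partial` and `.failed` of the Amplify Swift v2 Cognito plugin.

```swift
import Amplify
import AWSCognitoAuthPlugin

// Hypothetical app-side type (not part of Amplify): what the caller should do next.
enum SignOutOutcome {
    /// Local credentials and the hosted UI browser session were both cleared.
    case signedOut
    /// Local credentials are gone, but the hosted UI step reported an error, so
    /// the browser cookies may still belong to the previous user.
    case browserSessionMayPersist(detail: String)
    /// Sign out did not happen; the user is still signed in and it can be retried.
    case stillSignedIn(AuthError)
    /// Signed out locally, with token revocation or global sign-out errors only.
    case signedOutWithOtherErrors
    /// The result was not the Cognito plugin's result type.
    case unrecognizedResult
}

func signOutAndClassify() async -> SignOutOutcome {
    let result = await Amplify.Auth.signOut()
    guard let cognitoResult = result as? AWSCognitoSignOutResult else {
        return .unrecognizedResult
    }

    switch cognitoResult {
    case .complete:
        return .signedOut

    case let .partial(_, _, hostedUIError):
        // The behaviour reported for 2.34.1: the hosted UI could not be shown,
        // yet token revocation and local sign out still ran. signOut() cannot
        // be called again here because no user is signed in any more.
        if let hostedUIError = hostedUIError {
            return .browserSessionMayPersist(detail: String(describing: hostedUIError))
        }
        return .signedOutWithOtherErrors

    case .failed(let error):
        // The outcome requested in this issue: nothing was cleared, so the app
        // keeps the user signed in and calls signOut() again later.
        return .stillSignedIn(error)
    }
}
```

Treating `.browserSessionMayPersist` as a silent success is what allows the next person signing in on the device to land in the previous user's account.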