search

aws-amplify / amplify-ui-swift-authenticator

The Amplify UI Authenticator is a component that supports several authentiation flows using Amplify Authentication.
https://ui.docs.amplify.aws/swift/connected-components/authenticator
Apache License 2.0
15 stars 9 forks source link

Authenticator does not refresh identity pool credentials #86

Closed concavegit closed 3 months ago

concavegit commented 3 months ago

Describe the bug

I am using the Authenticator to manage my app's login state. After 30 days, the identity pool credentials for my logged in session expire and uploading to S3 causes this error:

function: recoverySuggestion
line: 104
Caused by:
AuthError: Session expired could not fetch AWS Credentials
Recovery suggestion: Invoke Auth.signIn to re-authenticate the user
Caused by:
NotAuthorizedException(properties: AWSCognitoIdentityProvider.NotAuthorizedException.Properties(message: Optional("Refresh Token has expired")), httpResponse: 
Status Code: http_status_400 
 Content-Type: application/x-amz-json-1.1, 
x-amzn-errortype: NotAuthorizedException:, 
x-amzn-requestid: 9c6dc5be-2c1a-4d72-b82e-fc3995b16664, 
Content-Length: 73, 
Date: Sun, 28 Jul 2024 02:31:29 GMT, 
x-amzn-errormessage: Refresh Token has expired, message: Optional("Refresh Token has expired"), requestID: nil)

Note that while the identity pool credentials do not work after 30 days, the user pool functions still seem to work. For example, I can still interact with my data in DynamoDB.

Steps To Reproduce

Create app with authenticator like this:

struct MyApp: App {
    var body: some Scene {
        WindowGroup {
            Authenticator { state in
                MyView()
            }
        }
    }
}

And have myView call

            let uploadTask = Amplify.Storage.uploadData(
                path: .fromString(uploadS3Key),
                data: someData,
                options: nil
            )

Expected behavior

If the identity pool credentials expire, have Authenticator automatically refresh them or log the user out to have them refresh the credentials.

Amplify Framework Version

Gen 2

Amplify Categories

Auth, Storage

Dependency manager

Swift PM

Swift version

5.10

CLI version

nom hampe --version is 1.0.4

Xcode version

15.4

Relevant log output

No response

Is this a regression?

No

Regression additional context

No response

Platforms

No response

OS Version

iOS 17.5.1

Device

iPhone 15 Pro

Specific to simulators

No response

Additional context

No response

ruisebas commented 3 months ago

Hi @concavegit, thanks for opening this issue.

This is a known limitation by how Amplify currently works. However, we will explore adding a way to handle this within the Authenticator component, so I've transferred the issue to the Authenticator repo and tagged it as a Feature Request.

We'll post future updates here.

ruisebas commented 3 months ago

This issue has been fixed in 1.1.6

github-actions[bot] commented 3 months ago

This issue is now closed. Comments on closed issues are hard for our team to see. If you need more assistance, please open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.

concavegit commented 3 months ago

Thank you!