search

aws-amplify / aws-sdk-android

AWS SDK for Android. For more information, see our web site:
https://docs.amplify.aws
Other
1.03k stars 551 forks source link

Cognito Unable to cache Credentials #3450

Closed vikrantuk closed 1 month ago

vikrantuk commented 11 months ago

How to enable caching for CognitoCachingCredentialsProvider?

I'm using com.amazonaws:aws-android-sdk-iot

Code snippets: CognitoCachingCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider( appContext, COGNITO_POOL_ID, MY_REGION ); AWSIotMqttManager mqttManager = new AWSIotMqttManager(clientId, CUSTOMER_SPECIFIC_ENDPOINT); mqttManager.connect(credentialsProvider, callback);

Logs: 2023-11-03 01:30:38.332 24968-27053 AWSKeyValueStore I Detected Android API Level = 29 2023-11-03 01:30:38.332 24968-27053 AWSKeyValueStore I Creating the AWSKeyValueStore with key for sharedPreferencesForData = com.amazonaws.android.auth 2023-11-03 01:30:38.332 24968-27053 CognitoCachingCredentia D Loading credentials from SharedPreferences 2023-11-03 01:30:38.333 24968-27053 CognitoCachingCredentia D No valid credentials found in SharedPreferences 2023-11-03 01:30:38.336 24968-27054 AWSIotMqttManager D MQTT broker: a1sfow6qlhnw5d-ats.iot.ap-south-1.amazonaws.com:443 2023-11-03 01:30:38.357 24968-27054 AWSIotMqttManager D ready to do mqtt connect 2023-11-03 01:30:38.357 24968-27054 AWSIotMqttManager I metrics collection is enabled, username: ?SDK=Android&Version=2.22.6 2023-11-03 01:30:38.357 24968-27054 AWSIotMqttManager I resetting reconnect attempt and retry time 2023-11-03 01:30:38.357 24968-27054 AWSIotMqttManager D Setting up Callback for MqttClient 2023-11-03 01:30:38.357 24968-27054 MQTT D Status = Connecting 2023-11-03 01:30:38.408 24968-24968 System.out I Setting reference for amount text 2023-11-03 01:30:38.408 24968-24968 System.out I Setting reference for ui messages. 2023-11-03 01:30:38.869 24968-27061 AWSIotMqttManager I onSuccess: mqtt connection is successful. 2023-11-03 01:30:38.869 24968-27061 MQTT D Status = Connected

Environment:

Device Information:

tylerjroach commented 11 months ago

Are you only using aws-sdk-android, or also using Amplify?

If you are using MobileClient for Auth, you would should pass the MobileClient instance directly into the mqtt manager. Ex: mqttManager.connect(AWSMobileClient.getInstance()....

vikrantuk commented 11 months ago

bileClient instance directly into the mqtt m

I'm using aws-sdk-android only

ankpshah commented 11 months ago

As mentioned by Tyler you need to use: mqttManager.connect(AWSMobileClient.getInstance().... More Details here Let us know if you are still facing the issue

vikrantuk commented 11 months ago

As mentioned by Tyler you need to use: mqttManager.connect(AWSMobileClient.getInstance().... More Details here Let us know if you are still facing the issue

Why is it necessary to use AWSMobileClient? Why to add one more dependency just for the sake of getting caching working?

tylerjroach commented 11 months ago

If you already have a method of fetching AWS Credentials, you may want to just implement your own Credentials Provider with a cache (https://github.com/aws-amplify/amplify-android/issues/2400#issuecomment-1529766029).

As far as the CognitoCachingCredentialsProvider not working as expecting for you, please enable logging on that file to help debug what may be working incorrectly. You can post the log here, but be careful to omit any credentials.

LogFactory.getLog(CognitoCachingCredentialsProvider.class).setLevel(LogFactory.Level.ALL);

vikrantuk commented 11 months ago

If you already have a method of fetching AWS Credentials, you may want to just implement your own Credentials Provider with a cache (aws-amplify/amplify-android#2400 (comment)).

As far as the CognitoCachingCredentialsProvider not working as expecting for you, please enable logging on that file to help debug what may be working incorrectly. You can post the log here, but be careful to omit any credentials.

LogFactory.getLog(CognitoCachingCredentialsProvider.class).setLevel(LogFactory.Level.ALL);

Hi @tylerjroach thank you for understanding my concern. Pasting logs below:

2023-11-08 12:44:33.835 9994-10981 LogFactory W Truncating log tag length as it exceed 23, the limit imposed by Android on certain API Levels 2023-11-08 12:44:33.857 9994-10981 AWSKeyValueStore I Detected Android API Level = 29 2023-11-08 12:44:33.857 9994-10981 AWSKeyValueStore I Creating the AWSKeyValueStore with key for sharedPreferencesForData = com.amazonaws.android.auth 2023-11-08 12:44:33.858 9994-10981 CognitoCachingCredentia D Loading credentials from SharedPreferences 2023-11-08 12:44:33.858 9994-10981 CognitoCachingCredentia D No valid credentials found in SharedPreferences 2023-11-08 12:44:33.862 9994-10982 AWSIotMqttManager D MQTT broker: **************-***.iot.ap-***.amazonaws.com:443 2023-11-08 12:44:33.900 9994-10982 AWSIotMqttManager D ready to do mqtt connect 2023-11-08 12:44:33.901 9994-10982 AWSIotMqttManager I metrics collection is enabled, username: ?SDK=Android&Version=2.22.6 2023-11-08 12:44:33.901 9994-10982 AWSIotMqttManager I resetting reconnect attempt and retry time 2023-11-08 12:44:33.901 9994-10982 AWSIotMqttManager D Setting up Callback for MqttClient 2023-11-08 12:44:33.901 9994-10982 MQTT D Status = Connecting 2023-11-08 12:44:34.456 9994-10989 AWSIotMqttManager I onSuccess: mqtt connection is successful. 2023-11-08 12:44:34.456 9994-10989 MQTT D Status = Connected 2023-11-08 12:44:34.456 9994-10989 System.out I MQTT Connected

tylerjroach commented 11 months ago

What I am not seeing in those logs is : https://github.com/aws-amplify/aws-sdk-android/blob/6ee1aa7f12730cdb7ba615fe798f1e8415f90f23/aws-android-sdk-core/src/main/java/com/amazonaws/auth/CognitoCachingCredentialsProvider.java#L481

We should see this log when getCredentials is called to fetch the credentials.

I'm also not seeing: https://github.com/aws-amplify/aws-sdk-android/blob/6ee1aa7f12730cdb7ba615fe798f1e8415f90f23/aws-android-sdk-core/src/main/java/com/amazonaws/auth/CognitoCachingCredentialsProvider.java#L639

This is what would save the fetched credentials.

Can you try creating your CognitoCachingCredentialsProvider and then manually calling getCredentials to see if either of these show in the logs for you? If you know how to set breakpoints inside CognitoCachingCredentialsProvider, it would also be helpful to follow the path being taken when getCredentials is called.

vikrantuk commented 10 months ago

Hi @tylerjroach , I tried running this code : LogFactory.getLog(CognitoCachingCredentialsProvider.class).setLevel(LogFactory.Level.ALL); credentialsProvider = new CognitoCachingCredentialsProvider( appContext, COGNITO_POOL_ID, MY_REGION ); this.context = appContext; Log.d("MQTT", "Connection: before calling getCredentials"); credentialsProvider.getCredentials(); Log.d("MQTT", "Connection: after calling getCredentials");

But I'm not able to see logs you are requesting. Pasting the logs I'm able to access.

2023-11-16 21:56:31.614 30024-30253 LogFactory W Truncating log tag length as it exceed 23, the limit imposed by Android on certain API Levels 2023-11-16 21:56:31.628 30024-30253 chatty I uid=10114(packagename) Thread-5 identical 1 line 2023-11-16 21:56:31.630 30024-30253 LogFactory W Truncating log tag length as it exceed 23, the limit imposed by Android on certain API Levels 2023-11-16 21:56:31.755 30024-30253 AWSKeyValueStore I Detected Android API Level = 29 2023-11-16 21:56:31.756 30024-30253 AWSKeyValueStore I Creating the AWSKeyValueStore with key for sharedPreferencesForData = com.amazonaws.android.auth 2023-11-16 21:56:31.763 30024-30253 KeyProvider23 D AndroidKeyStore contains keyAlias com.amazonaws.android.auth.aesKeyStoreAlias 2023-11-16 21:56:31.763 30024-30253 KeyProvider23 D Loading the encryption key from Android KeyStore. 2023-11-16 21:56:31.801 30024-30253 CognitoCachingCredentia D Loading credentials from SharedPreferences 2023-11-16 21:56:31.803 30024-30253 KeyProvider23 D AndroidKeyStore contains keyAlias com.amazonaws.android.auth.aesKeyStoreAlias 2023-11-16 21:56:31.804 30024-30253 KeyProvider23 D Loading the encryption key from Android KeyStore. 2023-11-16 21:56:31.826 30024-30253 CognitoCachingCredentia D No valid credentials found in SharedPreferences 2023-11-16 21:56:31.828 30024-30253 KeyProvider23 D AndroidKeyStore contains keyAlias com.amazonaws.android.auth.aesKeyStoreAlias 2023-11-16 21:56:31.828 30024-30253 KeyProvider23 D Loading the encryption key from Android KeyStore. 2023-11-16 21:56:31.847 30024-30253 KeyProvider23 D AndroidKeyStore contains keyAlias com.amazonaws.android.auth.aesKeyStoreAlias 2023-11-16 21:56:31.847 30024-30253 KeyProvider23 D Loading the encryption key from Android KeyStore. 2023-11-16 21:56:31.866 30024-30253 KeyProvider23 D AndroidKeyStore contains keyAlias com.amazonaws.android.auth.aesKeyStoreAlias 2023-11-16 21:56:31.866 30024-30253 KeyProvider23 D Loading the encryption key from Android KeyStore. 2023-11-16 21:56:31.890 30024-30253 MQTT D Connection: before calling getCredentials 2023-11-16 21:56:31.890 30024-30253 MQTT D Connection: after calling getCredentials

phantumcode commented 2 months ago

@vikrantuk Were you able to find a solution? Is this still an issue for you?