furaiev / amazon-cognito-identity-dart-2

Unofficial Amazon Cognito Identity Provider Dart SDK, to easily add user sign-up and sign-in to your mobile and web apps with AWS.
MIT License
186 stars 114 forks

AuthenticationDetails.validationData not transmitted #246

Closed grAPPfruit closed 8 months ago

grAPPfruit commented 10 months ago

Hello there! I'm using the lib in my current project, and we are experiencing the problem that the "client metadata" we pass over to AWS in the field validationData is not received at the server. We have tried the same from a server library, where it works. I'm a bit lost here; can someone provide any insights?

I've added some metadata in the following requests: user.initiateAuth ... and user.sendCustomChallengeAnswer ... in the former as part of the AuthenticationDetails-class and in the latter just as an additional parameter.

Env:
amazon_cognito_identity_dart_2: ^3.6.0
Flutter 3.13.7

Thanks and best

furaiev commented 10 months ago

Hello, have you tried to debug what is sent to the server? Any errors during the request?

grAPPfruit commented 10 months ago

Yes, I've tried. There are no errors during the request (or response) and I can verify that the ClientMetadata exists in the request: (I've stripped most of the actual data)

I/flutter (12900): --------------------------------------
I/flutter (12900): ENDPOINT: ... <--- correct endpoint
I/flutter (12900): REQUEST-HEADERS: {Content-Type: application/x-amz-json-1.1, X-Amz-Target: AWSCognitoIdentityProviderService.InitiateAuth, X-Amz-User-Agent: aws-amplify/0.0.x dart}
I/flutter (12900): REQUEST-BODY: {
    "AuthFlow": "CUSTOM_AUTH",
    "ClientId": "...",
    "AuthParameters": {
        "USERNAME": "...",
        "SECRET_HASH": "..."
    },
    "ClientMetadata": {
        "client": "...",
        "appVersion": "...",
        "appBuildNumber": "...",
        "osVersion": "...",
        "deviceType": "...",
        "modelBrand": "...",
        "modelName": "..."
    }
}

grAPPfruit commented 10 months ago

I've just verified the data with Charles Proxy.

These are the endpoints in order - only the 2nd is failing with 400 Bad Request

  1. AWSCognitoIdentityProviderService.InitiateAuth
  2. AWSCognitoIdentityProviderService.RespondToAuthChallenge (error because we didn't respond to auth challenge at that stage, but we recover)
  3. AWSCognitoIdentityProviderService.InitiateAuth
  4. AWSCognitoIdentityProviderService.RespondToAuthChallenge (this time successful because we provide a response for the challenge)
  5. AWSCognitoIdentityProviderService.GetUser

The InitiateAuth calls contain the following data:

{
  "AuthFlow":"CUSTOM_AUTH",
  "ClientId":"...",
  "AuthParameters":{
    "USERNAME":"...",
    "SECRET_HASH":"..."
  },
  "ClientMetadata":{
    "client":"...",
    "appVersion":"...",
    "appBuildNumber":"...",
    "osVersion":"...",
    "deviceType":"...",
    "modelBrand":"...",
    "modelName":"..."
  }
}

The RespondToAuthChallenge calls contain the following data:

{
  "ChallengeName":"CUSTOM_CHALLENGE",
  "ClientId":"...",
  "ChallengeResponses":{
    "USERNAME":"...",
    "ANSWER":"...",
    "SECRET_HASH":"..."
  },
  "ClientMetadata":{
    "client":"...",
    "appVersion":"...",
    "appBuildNumber":"...",
    "osVersion":"...",
    "deviceType":"...",
    "modelBrand":"...",
    "modelName":"..."
  },
  "Session":"..."
}

So all the data is there and in the correct format as far as I can see ...

I really don't get it

github-actions[bot] commented 9 months ago

This issue is stale because it has been open for 30 days with no activity.

github-actions[bot] commented 8 months ago

This issue was closed because it has been inactive for 14 days since being marked as stale.