search

furaiev / amazon-cognito-identity-dart-2

Unofficial Amazon Cognito Identity Provider Dart SDK, to easily add user sign-up and sign-in to your mobile and web apps with AWS.
MIT License
186 stars 114 forks source link

MFA_SETUP challenge when user pool has "required MFA" #248

Closed Kulodo closed 8 months ago

Kulodo commented 10 months ago

In the Amazon Cognito userPool setup there is the option to have "required MFA" or "optional MFA". When I select "required MFA" and then run my app I get the MFA_SETUP challenge ( see below ).

I think I'm then meant to call associateSoftwareToken() but at that point the session is null and the 'User is not authenticated' exception is thrown in CognitoUser._signInUserSessionCheck. Am I doing something wrong?

The amazon hosted UI is working fine with "required MFA".

When I select "optional MFA" and then run the app then CognitoUserSession is returned correctly. I presume I could then call associateSoftwareToken() and verifySoftwareToken() as I'll have a valid session, and then setUserMfaPreference.

    CognitoUserSession? session;
    try {
      session = await cognitoUser.authenticateUser(authDetails);
    } on CognitoUserMfaSetupException catch (e) {
      // handle MFA_SETUP challenge
      final code = await cognitoUser.associateSoftwareToken();

    } catch (e) {
    }
github-actions[bot] commented 9 months ago

This issue is stale because it has been open for 30 days with no activity.

github-actions[bot] commented 8 months ago

This issue was closed because it has been inactive for 14 days since being marked as stale.

miavorac commented 7 months ago

I encountered same issue. The session is null so there's nothing I can do with proceeding and verifying the TOTP code for the user