SignInWithAppleButton bug #3124
Comments
|
@howardkitto Thanks for raising the issue. Would you be able to share the details about how you are passing the token to |
|
Thanks so much for such a quick response! Yes, so, the SignInWithApple component calls a completion handler "handleResult()" handleResult creates an identityToken... |
|
@howardkitto Thanks for the information. It seems like Cognito is rejecting your Reference configuration screen. 
|
|
I uploaded the p8 file again and here is the output.... |
|
@howardkitto |
|
Hi! Experiencing this as well -- also confident of my setup on the Apple + Cognito side. |
|
To add a Sign in with Apple identity provider (IdP)
You should be good to go. If it still doesn't work, could you please provide a screenshot of the identity pool provider, similar to what I am adding in this comment 
|
harsh62
added
pending-community-response
|
Hmm, so I do see a difference, but now I'm getting the output below. Here are my settings.
|
|
Thanks @harsh62. That has certainly helped me but now it looks like the iam role permissions are wrong. Can you tell me what permissions it needs (normally I would be able to tell from cloudwatch but that doesn't work in this case) Here are the role details: and |
|
I guess your role and attributes for access control are not correctly configured. To see things work set claim mapping to 
But I strongly suggest to figure out what is not correctly configured between your attributes and role. |
|
@harsh62 So that worked -- sorta! However, I don't see the user anywhere in my user pool on Cognito. Also, I was wondering if you had an example of a correctly configured attribute/role pair anywhere. P.S thank you so much for being so helpful regarding this issue. |
I guess there is some confusion around that. To be clear, this API is not meant to federate in the User Pools. Hence, the new user not appearing in your user pool. Unfortunately, there is no API at the moment to federate into user pools. If you need this feature, you would need to use HostedUI (i.e. signInWithWebUI API). There is a feature request open #1121 to create an API that would federate into user pools and our team is looking to prioritize it in the near future. |
harsh62
added
the
closing soon
|
Thanks @harsh62 I got a success - by turning off the claim mapping. However this is useless if I can't map this identity to a userpool. Is there a way we can get this issue higher up in the priority list? Or are there some instructions about how to do this ourselves so that I can use this identity with api gateway?
Thanks so much for your help with this |
|
@harsh62 I just want to clarify on your earlier reply, |
|
@CoryZestDev Right. You are correct. I have corrected the step as follows:
How to register a Services ID
|
|
Please watch #1121 to get updates on federation to User Pools. |
github-actions
bot
removed
pending-community-response
|
Hello, I'm facing the same issue. I have just added
I can create users directly from my browser by tapping the 
but when I try to create users using my app, I receive the error previously shared in this issue (and I use the same code): // Button inside my SwiftUI View
SignInWithAppleButton(
.signIn,
onRequest: configure,
onCompletion: handle
)
...
// Other class with Sign In With Apple related code
func configure(_ request: ASAuthorizationAppleIDRequest) {
request.requestedScopes = [.email]
}
func handle(_ authResult: Result<ASAuthorization, Error>) {
switch authResult {
case .success(let authorization):
guard
let credential = authorization.credential as? ASAuthorizationAppleIDCredential,
let identityToken = credential.identityToken
else { return }
signIn(with: identityToken)
case .failure(let error):
print(error)
}
}
func signIn(with token: Data) {
guard
let tokenString = String(data: token, encoding: .utf8),
let plugin = try? Amplify.Auth.getPlugin(for: "awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin
else {
return
}
Task {
do {
print("🔥🔥🔥 Token \(tokenString)")
let result = try await plugin.federateToIdentityPool(withProviderToken: tokenString,
for: .apple)
print("Successfully federated user to identity pool with result:", result)
} catch {
print("Failed to federate to identity pool with error:", error)
}
}
}But the result is the same, I'm not Authorized Here is my entire log when I press the I removed all my config files and pulled again, just in case any change in my JSON files would fix the issue, but without luck. After executing amplify pull, my awsconfiguration and amplifyconfiguration files remain the same.
{
"UserAgent": "aws-amplify-cli/2.0",
"Version": "1.0",
"api": {
"plugins": {
"awsAPIPlugin": {
"Metrics": {
"endpointType": "GraphQL",
"endpoint": "https://[REDACTED].appsync-api.eu-west-3.amazonaws.com/graphql",
"region": "eu-west-3",
"authorizationType": "API_KEY",
"apiKey": "[REDACTED]"
}
}
}
},
"auth": {
"plugins": {
"awsCognitoAuthPlugin": {
"UserAgent": "aws-amplify/cli",
"Version": "0.1.0",
"IdentityManager": {
"Default": {}
},
"AppSync": {
"Default": {
"ApiUrl": "https://[REDACTED].appsync-api.eu-west-3.amazonaws.com/graphql",
"Region": "eu-west-3",
"AuthMode": "API_KEY",
"ApiKey": "[REDACTED]",
"ClientDatabasePrefix": "Metrics_API_KEY"
},
"Metrics_AWS_IAM": {
"ApiUrl": "https://[REDACTED].eu-west-3.amazonaws.com/graphql",
"Region": "eu-west-3",
"AuthMode": "AWS_IAM",
"ClientDatabasePrefix": "Metrics_AWS_IAM"
}
},
"CredentialsProvider": {
"CognitoIdentity": {
"Default": {
"PoolId": "eu-west-3:[REDACTED]",
"Region": "eu-west-3"
}
}
},
"CognitoUserPool": {
"Default": {
"PoolId": "eu-west-[REDACTED]",
"AppClientId": "24uodve[REDACTED]",
"Region": "eu-west-3"
}
},
"Auth": {
"Default": {
"OAuth": {
"WebDomain": "metrics06[REDACTED].auth.eu-west-3.amazoncognito.com",
"AppClientId": "24uodve[REDACTED]",
"SignInRedirectURI": "mymetrics://",
"SignOutRedirectURI": "mymetrics://",
"Scopes": [
"phone",
"email",
"openid",
"profile",
"aws.cognito.signin.user.admin"
]
},
"authenticationFlowType": "USER_SRP_AUTH",
"mfaConfiguration": "OFF",
"mfaTypes": [
"SMS"
],
"passwordProtectionSettings": {
"passwordPolicyMinLength": 8,
"passwordPolicyCharacters": []
},
"signupAttributes": [
"EMAIL"
],
"socialProviders": [
"APPLE"
],
"usernameAttributes": [
"EMAIL"
],
"verificationMechanisms": [
"EMAIL"
]
}
}
}
}
}
}Do you have any clue what I should try next? It's seems like something is wrong in my iOS app (maybe a configuration file?) because all the flow is working on web (so, Apple part is correctly configured Service Id, Certificate, etc) Thank you, |
|
Same issue here spent hours banging my head on this issue, when using the native button never works I get the Unauthorized error reported above.
but when using this method invoked from a standard button
everything works fine, seems like a bug with the amplify implementation to me |
|
Reiterating. Amplify ATM only supports federation to user pools using the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
I am following these instructions:
https://aws.amazon.com/blogs/mobile/federating-users-using-sign-in-with-apple-and-aws-amplify-for-swift/
Federation fails and the output doesn't help me to debug
Steps To Reproduce
Expected behavior
I would expect to see the xcode console message "Successfully federated user to identity pool with result: ###"
Amplify Framework Version
12.2.3
Amplify Categories
Auth
Dependency manager
Swift PM
Swift version
4
CLI version
12.2.3
Xcode version
14.3.1
Relevant log output
Is this a regression?
No
Regression additional context
No response
Platforms
iOS
OS Version
16.4
Device
iphone 14
Specific to simulators
No response
Additional context
here is my source code:
Content view
amplifyconfiguration.json
The text was updated successfully, but these errors were encountered: