-
Notifications
You must be signed in to change notification settings - Fork 119
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
confirmResetPassword returns generic error message if incorrect verificationCode is provided. #2866
Comments
The described steps are supposed to result in a |
Thanks for the additional info @ashwani-trivediat, that is very helpful. There's definitely something odd going on here - the stack trace indicates that the Kotlin SDK actually couldn't parse the response. That explains why the generic error message was returned instead of the correct code mismatch exception. To double check, I used the Authenticator Sample App and the returned exception has the correct type and message: The difference appears to be that my backend returned a body in the response, while yours did not: You can see in your headers that the content-length is specified as 100 bytes, but the body has an actual contentLength of 0. This explains the error, but I'm not sure why the body would be missing. Can you double check what values you are sending for the confirmation code? Does your backend have any custom lambda triggers involved in the reset password process? |
Hi @vincetran, we don't have any custom trigger for password reset. We have following two lembda triggers, will reset password trigger them? |
@mattcreaser @vincetran do you need more information on this, I need to identify why my AWS instance is returning null body after migrating to V2 API, it was working fine with V1 API. |
Sorry for the slow reply @ashwani-trivediat. There may or may not be any actual change in what your backend is returning between V1 and V2, instead it could just be that the AWS Android SDK (what V1 was built on) is tolerant of the missing response body, while AWS Kotlin SDK (What V2 is built on) is not. According to the Cognito docs, the pre sign-up trigger will be invoked during a password reset, so it's possible that is the source of the error. Can you temporarily delete that trigger and see if the issue persists? |
@mattcreaser I tried with deleting pre sign-up flow, but the issue still remains the same. |
We may need to engage someone from the Kotlin SDK or Cognito teams here to determine why the response is empty. |
Before opening, please confirm:
Language and Async Model
Kotlin
Amplify Categories
Authentication
Gradle script dependencies
Environment information
Please include any relevant guides or documentation you're referencing
https://docs.amplify.aws/gen1/android/build-a-backend/auth/manage-passwords/#reset-password
Describe the bug
Amplify SDK authentication version 2.19.1 seems to throw and generic error message if user types incorrect verificationCode while trying to reset password. Here are the steps:
On investigating the root cause it appears that inside
RealAWSCognitoAuthPlugin
whenever any type of error is encountered a generic error message is returned, here is the message:"There is a possibility that there is a bug if this error persists. Please take a look at \n" +
"https://github.com/aws-amplify/amplify-android/issues to see if there are any existing issues that \n" +
"match your scenario, and file an issue with the details of the bug if there isn't.";
Following appears to be problematic code:
Reproduction steps (if applicable)
No response
Code Snippet
// Put your code below this line.
Log output
amplifyconfiguration.json
No response
GraphQL Schema
Additional information and screenshots
No response
The text was updated successfully, but these errors were encountered: