fetchAuthSession returns isSignedIn=false when login is performed via external app

[arctop-sk]

Before opening, please confirm:

• I have searched for duplicate or closed issues and discussions.

Language and Async Model

Kotlin - Coroutines

Amplify Categories

Authentication

Gradle script dependencies

// Put output below this line
// Amplify core dependency
    implementation 'com.amplifyframework:core-kotlin:2.15.1'
    // Amplify cognito auth
    implementation 'com.amplifyframework:aws-auth-cognito:2.15.1'
    // Support for Java 8 features
    coreLibraryDesugaring 'com.android.tools:desugar_jdk_libs:2.0.4'
    // Authenticator dependency
    implementation 'com.amplifyframework.ui:authenticator:1.1.0'

Environment information

# Put output below this line

8.0

Please include any relevant guides or documentation you're referencing

No response

Describe the bug

We have the ability for another app to call our login screen to allow the user to access our backend.
This works via a service that access our backend, and an activity that launches the Authenticator UI.
Our app uses the same service.
When a user logs in via the activity from another app, although I can see in the hooks that the user is signed in, and if I close the 3rd party app the user is logged in our app, fetchAuthSession returns a signedIn = false
This means the actual signIn is working, but the authSession request returns false information.
I've also tried using the option to force refresh to no avail.

Reproduction steps (if applicable)

No response

Code Snippet

// Put your code below this line.

Log output

// Put your logs below this line

amplifyconfiguration.json

No response

GraphQL Schema

// Put your schema below this line

Additional information and screenshots

No response

[mattcreaser]

Hi @arctop-sk, thanks for filing this issue.

I am wondering if you can expand on your use case a little bit. Here's how I am understanding your description, please let me know if I am interpreting anything incorrectly.

1. External app invokes your App's exported login Activity via an Intent. This Activity uses Authenticator to allow user to sign in with Amplify.
2. External app then uses an exported Service from your App to interact with your backend, using the credentials from Amplify.
3. User closes the external app.
4. Back in your application, you try to call fetchAuthSession, but it returns isSignedIn = false.

Is that an accurate description? Does the user need to log in again in your application?

[arctop-sk]

Not exactly.

1. External app binds to our exported service and requests to check if the user is logged in.
2. Service calls fetchAuthSession, and returns result.
3. External app, if user is not logged in, invoke our app's exported activity via intent, using the authenticator to sign in.
4. Once signed in, our activity closes and returns RESULT_OK
5. Back in external app, it calls the service again to check a different option. That option reports, after checking fetchAuthSession, that the user is not logged in.
6. If at this point I close the external app, and relaunch our app, the user is signed in.
7. Additionally, If I close the external app and re-open it, (without opening my app again), the service now reports that the user is signed in.

[mattcreaser]

Thanks for the clarifications, that should be enough to reproduce this issue. We'll need to investigate. Please keep this issue updated if you find any additional information!

[arctop-sk]

I just did a quick check looking for workarounds.
If in the External app I unbind and rebind to the service after signIn, the status correctly updates.

[arctop-sk]

Another update that I have just found, and perhaps a missing piece of information. The Service runs in it's own process independent of the App. Our app works with the service in the same manner as any other app.
I just found that within our app we have the same issue. So:

1. Sign in with user A, the user signs in and the service recognizes it.
2. Click signOut -> Generates a call to both the Authenticator (see other issue) and Amplify.Auth.signOut.
3. Sign in with a different user -> Service doesn't recognize that user is signed in. (fetchAuthSession signedIn = false)

Note that all calls to fetchAuthSession are done via a wrapper singleton and I have verified that the same instance is called by both the service and the rest of the app.

[arctop-sk]

so one last comment and this is probably the issue. Our service is running in its own process, so the context in which the AWS session runs in is different between the app itself and the service, hence the discrepancies.

I wouldn't know what would be a solution for this, but I believe this is the problem

[arctop-sk]

final update. Moving our service to the app's process solves the issue.
I'm not sure if there is anyway to handle Auth cross process. I'll leave the issue open for now if you wish to investigate solutions. If not, you can close it.

[joon-won]

Hi @arctop-sk, glad your issue has been resolved! Thank you for providing your steps and findings, we believe it will be valuable when we work on the issue in the future. Please re-open the issue should you wish to revisit it.

[github-actions]

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.