Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(auth): Fix for retry sign in when resourceNotFoundException is raised #2605

Merged
merged 5 commits into from
Oct 17, 2023
Merged

fix(auth): Fix for retry sign in when resourceNotFoundException is raised #2605

merged 5 commits into from
Oct 17, 2023

Conversation

gpanshu
Copy link
Contributor

@gpanshu gpanshu commented Oct 10, 2023
edited
Loading

  • PR title and description conform to Pull Request guidelines.

Issue #, if available: #2603

Description of changes: Reported via JS team. After signing in and calling rememberDevice(), calling forgetDevice(id) on another device or manually forgetting the device via Cognito leads to the device being unable to sign in. The issue is that the original device still has the deviceMetadata and deviceId and provides it to Cognito, which no longer recognizes it as valid. The error we get back from Cognito is ResourceNotFoundException{message=Could not find the requested online resource., cause=ResourceNotFoundException(message=Device does not exist.)}. Swift/Flutter apparently have retries in place to catch this and resubmit without the device metadata.

How did you test these changes?
Manually and integration tested

Documentation update required?

  • No
  • Yes (Please include a PR link for the documentation update)

General Checklist

  • Added Unit Tests
  • Added Integration Tests
  • Security oriented best practices and standards are followed (e.g. using input sanitization, principle of least privilege, etc)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@gpanshu gpanshu self-assigned this Oct 10, 2023
@gpanshu gpanshu requested a review from a team as a code owner October 10, 2023 17:54
@gpanshu gpanshu force-pushed the fix-retry-signin-when-resourcenotfoundexception branch from 8645266 to 7683608 Compare October 10, 2023 18:12
tjleing
tjleing approved these changes Oct 10, 2023
View reviewed changes
Copy link
Contributor

@tjleing tjleing left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

approving because the code looks the way I would expect code that fixes this issue to look and because the tests look like they properly test the feature. not huge due diligence here, I'm not an auth expert

@codecov-commenter
Copy link

codecov-commenter commented Oct 11, 2023
edited
Loading

Codecov Report

Merging #2605 (e47d420) into main (7cba616) will decrease coverage by 0.03%.
Report is 1 commits behind head on main.
The diff coverage is 19.67%.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

@@            Coverage Diff             @@
##             main    #2605      +/-   ##
==========================================
- Coverage   41.76%   41.73%   -0.03%     
==========================================
  Files         900      900              
  Lines       28814    28852      +38     
  Branches     4093     4098       +5     
==========================================
+ Hits        12033    12041       +8     
- Misses      15463    15488      +25     
- Partials     1318     1323       +5

@gpanshu gpanshu enabled auto-merge (squash) October 12, 2023 14:29
@tylerjroach
Copy link
Member

"After signing in and calling rememberDevice(), calling forgetDevice(id) on another device or manually forgetting the device via Cognito leads to the device being unable to sign in."

Can you clarify this? Is the user unable to sign in again after a sign out? Or does this impact their signed in user.

Does this behavior now match Swift exactly?

@gpanshu
Copy link
Contributor Author

gpanshu commented Oct 17, 2023

"After signing in and calling rememberDevice(), calling forgetDevice(id) on another device or manually forgetting the device via Cognito leads to the device being unable to sign in."

Can you clarify this? Is the user unable to sign in again after a sign out? Or does this impact their signed in user.
If the device ID is forgotten either through the console or through another session of the same user, after logout if they login on the same device whose deviceID was forgotten they will get a resourceNotFoundException which is now mitigated by this logic add.

Does this behavior now match Swift exactly?
Yes it does exactly match Swift now.

@gpanshu gpanshu merged commit 12fab2f into main Oct 17, 2023
1 check passed
@gpanshu gpanshu deleted the fix-retry-signin-when-resourcenotfoundexception branch October 17, 2023 18:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tjleing tjleing tjleing approved these changes

@tylerjroach tylerjroach tylerjroach approved these changes

Assignees

@gpanshu gpanshu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@gpanshu @codecov-commenter @tylerjroach @tjleing