Android: confirm sign-in throws exception in custom auth flow

[kalaiselvan369]

This issue happens in android app. I am implementing passwordless authentication feature where user will receive OTP on signing in their phone number. I am successfully receiving OTP but when I use confirm sign in function from AWSMobileClient SDK for verification, it throws an exception and I could not find any message printed from the exception as well.

I am using the following snippet as mentioned in AWS Documentation:

public void confirmSignIn() {
    Map<String, String> res = new HashMap<String, String>();
    res.put(CognitoServiceConstants.CHLG_RESP_ANSWER, "<CHALLENGE_RESPONSE>");
    AWSMobileClient.getInstance().confirmSignIn(res, new Callback<SignInResult>() {
        @Override
        public void onResult(final SignInResult signInResult) {
            runOnUiThread(new Runnable() {
                @Override
                public void run() {
                    Log.d(TAG, "Sign-in callback state: " + signInResult.getSignInState());
                    switch (signInResult.getSignInState()) {
                        case DONE:
                            Log.d(TAG, "Sign-in done.");
                            break;
                        case SMS_MFA:
                            Log.d(TAG, "Please confirm sign-in with SMS.");
                            break;
                        case NEW_PASSWORD_REQUIRED:
                            Log.d(TAG, "Please confirm sign-in with new password.");
                            break;
                        default:
                            Log.d(TAG, "Unsupported sign-in confirmation: " + signInResult.getSignInState());
                            break;
                    }
                }
            });
        }

        @Override
        public void onError(Exception e) {
            Log.e(TAG, "Confirm Custom auth Sign-in error", e);
        }
    });
}

I am following this article for deploying the backend
https://itnext.io/passwordless-sms-authentication-backend-9932391c49dc

Environment Information:

• AWS Android SDK Version: [2.6.12]
• Device: [Pixel XL, Simulator]
• Android Version: [Nougat]

Libraries used:
implementation 'com.amazonaws:aws-android-sdk-mobile-client:2.16.12'
implementation 'com.amazonaws:aws-android-sdk-auth-userpools:2.16.12'
implementation 'com.amazonaws:aws-android-sdk-auth-ui:2.16.12'

[kalaiselvan369]

I think CUSTOM_CHALLENGE case is unimplemented. This is found in AWSMobileClient class in 2.16.12 version. When I downgraded the version, I found CUSTOM_CHALLENGE case is implemented and confirmSignIn fuction returned SignInResult when passing the correct challenge response.

[desokroshan]

@kalaiselvan369 I see that CUSTOM_CHALLENGE case is implemented in the 2.16.12 since there is no break statement between CUSTOM_CHALLENGE and NEW_PASSWORD_REQUIRED. Are you able to do custom auth successfully on 2.16.11? Can you share you share your stacktrace for 2.16.12 to help identify the issue?

[kalaiselvan369]

Hi @desokroshan

// function used for verifying OTP
 private fun verifyOTP(otp: String) {
        Log.d(TAG, otp)
        val res: HashMap<String, String> =
            HashMap()
        res.put(CognitoServiceConstants.CHLG_RESP_ANSWER, "<CHALLENGE_RESPONSE>")

        AWSMobileClient.getInstance().confirmSignIn(res, object : Callback<SignInResult> {
            override fun onResult(result: SignInResult?) {
                runOnUiThread {
                    Log.d(TAG, result.toString())
                    val state: SignInState = result!!.signInState
                    when (state) {
                        SignInState.CUSTOM_CHALLENGE -> {
                            Log.d("confirm sign in ", "custom challenge")
                        }
                    }
                }
            }
            override fun onError(e: Exception) {
                Log.e(TAG, printStackTrace(e.stackTrace))
            }
        })
    }

// stack trace
java.util.Collections$UnmodifiableMap.(Collections.java:1488)
java.util.Collections.unmodifiableMap(Collections.java:1475)
com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.ChallengeContinuation.setClientMetaData(ChallengeContinuation.java:108)
com.amazonaws.mobile.client.AWSMobileClient$8.run(AWSMobileClient.java:1376)
com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
java.lang.Thread.run(Thread.java:764)

In onError menthod, if I log e.localizedMessage it throws null pointer exception.

[ahmedkoshek]

Any updates? I am facing the same issue

[kalaiselvan369]

Hi @akoshek,
No updates. I couldn't crack this.

[ahmedkoshek]

Hi @kalaiselvan369 ,
I handled this issue by adding the latest version for AWSMobileClient
implementation 'com.amazonaws:aws-android-sdk-mobile-client:2.16.13'

[kalaiselvan369]

That's nice @akoshek

[AntoEko]

Hello,

I still have the issue.

I'm using those dependencies:

"
def amplify_version = "1.1.2"
implementation "com.amplifyframework:core:$amplify_version"
implementation "com.amplifyframework:aws-auth-cognito:$amplify_version"
implementation 'com.amazonaws:aws-android-sdk-mobile-client:2.17.1'"

But the code used in "AWSMobileClient" doesn't have the case for CUSTOM_AUTH_CHALLENGE:

                switch (signInState) {
                    case SMS_MFA:
                        signInMfaContinuation.setMfaCode(signInChallengeResponse);
                        signInMfaContinuation.setClientMetaData(clientMetadata);
                        detectedContinuation = signInMfaContinuation;
                        signInCallback = new InternalCallback<SignInResult>(callback);
                        break;
                    case NEW_PASSWORD_REQUIRED:
                        ((NewPasswordContinuation) signInChallengeContinuation)
                                .setPassword(signInChallengeResponse);
                        signInChallengeContinuation.setClientMetaData(clientMetadata);
                        detectedContinuation = signInChallengeContinuation;
                        signInCallback = new InternalCallback<SignInResult>(callback);
                        break;
                    case DONE:
                        callback.onError(new IllegalStateException("confirmSignIn called after signIn has succeeded"));
                        return;
                    default:
                        callback.onError(new IllegalStateException("confirmSignIn called on unsupported operation, " +
                                "please file a feature request"));
                        return;
                }```

What's the solution ?! 

[assemblethis]

Hi @kalaiselvan369 ,
I handled this issue by adding the latest version for AWSMobileClient
implementation 'com.amazonaws:aws-android-sdk-mobile-client:2.16.13'

This worked for me! Thanks.