UserCancelledException after first Google Social Login / Logout #2744
Comments
|
@iolandarosavoid I will try and replicate the issue. It is expected that you will not be signed out from Google on a hosted ui social sign in. Since the authentication cookie is in the browser (ex: chrome) and for a non-cognito site, we cannot sign the Google user out. It is not expected that a subsequent sign in attempt completely fails though. I'll try to replicate with my own google hosted ui sign in app and send an update. |
tylerjroach
added
auth
|
I tested with my sample app with Google Social sign ins and I am able to sign in and out continuously without error. Just to confirm, both your sign in and sign out redirect uris configured on Cognito side start with Would also be good to double check Google sign in settings for Authorized JavaScript origins includes your Amplify hostedui endpoint, and that Authroized redirect URIs includes /oauth2/idpresponse |
|
Yes, I confirm that the redirect URI starts with Additionally, I was able to replicate the current bug with another Samsung phone running Android 14, using the default browser app as Chrome (Galaxy A53 5G). However, when I used another phone (TCL 30) with Android 12, the bug did not occur, and everything proceeded as expected. Furthermore, I discovered that if I have Chrome browser and more than one Google account associated with the device, the bug never occurs, even when using the Samsung phones that previously exhibited the bug. Hence, this seems to be a very specific situation that I was able to reproduce only on Samsung devices until now running Android 14 and with only one Google account associated with the device. I'm not sure if you attempted to reproduce the bug under these conditions. |
|
Also very important to point out is that I installed a previous version of the app that still uses authentication version 1 (1.37.5) and this bug does not happen on the same devices and with the conditions I explained before. This only started to happen after update to version 2. |
|
@iolandarosavoid I'll try and replicate this on Android 14. I am aware of another issue we observed with Hosted UI in one of our other libraries: aws-amplify/aws-sdk-android#3530. It would be helpful to understand what the launchMode is for the Activity that sign in and sign out are occurring on. My tests involved a single Google account signed into the browser on a phone, but I believe I was testing with Android 13 at the time. One thing I want to mention is that there is a difference in sign out behavior for Amplify v1 and Amplify v2. Amplify v1 does not rely on a successful sign out from the browser to complete the sign out process and locally clear credentials on the device. To ensure we were more thorough in ensuring proper sign outs, Amplify v2 requires that the browser acknowledges it has signed out, before continuing to sign out locally (wiping stored credentials). Its likely that in your v1 testing, a similar issue is being encountered, but silently continuing. |
tylerjroach
added
pending-community-response
|
@tylerjroach thank you so much for pointing out that issue. The activity that launches the web sign-in was indeed set in manifest with the Thanks for your help. |
github-actions
bot
removed
the
pending-community-response
|
That's great to hear! Thank you for your feedback. I wasn't sure if this scenario was also going to be relevant to your case but happy to hear that it resolved the issue for you. If you determine that "singleInstance" is required in your application, be sure to see the wrapper workaround that I posted: aws-amplify/aws-sdk-android#3530 (comment) |
|
This issue is now closed. Comments on closed issues are hard for our team to see. |
Before opening, please confirm:
Language and Async Model
Kotlin - Coroutines
Amplify Categories
Authentication
Gradle script dependencies
Environment information
Please include any relevant guides or documentation you're referencing
https://docs.amplify.aws/android/build-a-backend/auth/sign-in-with-web-ui/
Describe the bug
Device used to test: Samsung Galaxy S21 FE 5G (Android version: 14) (tested with default browser app, Samsung Internet, and also Chrome browser)
Description of the problem:
During the first sign-up/sign-in using Google login, everything proceeds successfully.
However, after logging out and attempting to sign in again, I have the exception UserCancelledException, continuously. This issue persists after changing the default browser app to Chrome. To resolve it, I had to clear the browser app's data. It appears to be related to cached data within the browser app.
Reproduction steps (if applicable)
Code Snippet
// Put your code below this line.Log output
amplifyconfiguration.json
{ "UserAgent": "aws-amplify-cli/2.0", "Version": "1.0", "api": { "plugins": { "awsAPIPlugin": { "webhookEndpoint": { "endpointType": "REST", "endpoint": "xxxx", "region": "us-east-1", "authorizationType": "AWS_IAM" }, "outfitterEndpoint": { "endpointType": "REST", "endpoint": "xxxx", "region": "us-east-1", "authorizationType": "AWS_IAM" }, "outfitterGQL": { "endpointType": "GraphQL", "endpoint": "xxxx", "region": "us-east-1", "authorizationType": "AMAZON_COGNITO_USER_POOLS" } } } }, "auth": { "plugins": { "awsCognitoAuthPlugin": { "UserAgent": "aws-amplify-cli/0.1.0", "Version": "0.1.0", "IdentityManager": { "Default": {} }, "CredentialsProvider": { "CognitoIdentity": { "Default": { "PoolId": "xxxx", "Region": "us-east-1" } } }, "CognitoUserPool": { "Default": { "PoolId": "xxxx", "AppClientId": "xxxx", "Region": "us-east-1" } }, "GoogleSignIn": { "Permissions": "email,profile,openid", "ClientId-WebApp": "xxxx" }, "FacebookSignIn": { "AppId": "xxxx", "Permissions": "public_profile" }, "Auth": { "Default": { "OAuth": { "WebDomain": "xxxx", "AppClientId": "xxxx", "SignInRedirectURI": "xxxx", "SignOutRedirectURI": "xxxx", "Scopes": [ "phone", "email", "openid", "profile", "aws.cognito.signin.user.admin" ] }, "authenticationFlowType": "USER_SRP_AUTH", "loginMechanisms": [ "EMAIL", "FACEBOOK", "GOOGLE", "APPLE" ], "signupAttributes": [ "EMAIL" ], "passwordProtectionSettings": { "passwordPolicyMinLength": "-", "passwordPolicyCharacters": [] }, "mfaConfiguration": "OFF", "mfaTypes": [ "SMS" ] } }, "S3TransferUtility": { "Default": { "Bucket": "xxxx", "Region": "us-east-1" } }, "DynamoDBObjectMapper": { "Default": { "Region": "us-east-1" } }, "AppSync": { "Default": { "ApiUrl": "xxxx", "Region": "us-east-1", "AuthMode": "AMAZON_COGNITO_USER_POOLS", "ClientDatabasePrefix": "xxxx" }, "outfitterGQL_AWS_IAM": { "ApiUrl": "xxxx", "Region": "us-east-1", "AuthMode": "AWS_IAM", "ClientDatabasePrefix": "xxxx" } } } } }, "storage": { "plugins": { "awsS3StoragePlugin": { "bucket": "xxxx", "region": "us-east-1", "defaultAccessLevel": "guest" }, "awsDynamoDbStoragePlugin": { "partitionKeyName": "xxxx", "sortKeyName": "xxxx", "sortKeyType": "x", "region": "us-east-1", "arn": "xxxx", "streamArn": "xxxx", "partitionKeyType": "X", "name": "xxxx" } } } }GraphQL Schema
Additional information and screenshots
AndroidManifest info
The text was updated successfully, but these errors were encountered: