Amplify.Auth.resetPassword not detecting failure

[brunovsiqueira]

Hey there.

I was testing the Amplify resetPassword method and I noticed that when you send an incorrect and a correct username it responds the same way. When an nonexistent username is unputed, no exception is thrown nor does the ResetPasswordResult object differs.

However, I would like to let my user know when he inputed the wrong username. Is there anyway to achieve this?

[brunovsiqueira]

Any updates on this?

[haverchuck]

@brunovsiqueira We have refactored our error handling library-wide as part of an upcoming release. This should help satisfy the use case you've outlined.

[haverchuck]

@brunovsiqueira I have tested, and we throw an AuthException when a non-existant user is passed to the resetPassword method IF the UserPool is configured to not prevent a User Existance error:

You can find this configuration in the User Pool console, under the App Clients section.

[haverchuck]

Closing this issue due to inactivity and inability to reproduce.

[brunovsiqueira]

Sorry for the late response.

My "Prevent User Existence Errors" is configured as Enabled and when I send any non existing username to the resetPassword method no AuthException is thrown and I get this response:

result = {CognitoResetPasswordResult} isPasswordReset = false nextStep = {ResetPasswordStep} additionalInfo = {_InternalLinkedHashMap} size = 0 codeDeliveryDetails = {AuthCodeDeliveryDetails} updateStep = "CONFIRM_RESET_PASSWORD_WITH_CODE"

@haverchuck in the documentation I found:
"The error response works when the status is ENABLED and the user doesn't exist. "

Shouldn't an UserNotFoundException be thrown?

Additionally, resetPassword method is returning the response mentioned above when user exists but is in the FORCE_CHANGE_PASSWORD status. I think the response should not be the same for these different use cases.

Can you please reopen it?