weird sign-in error: 'null failed with error Generate callenges lambda cannot be called.'

[stefan-lz]

This occurs when a valid user is signing in with a blank password (we're using a custom sign-in react component)

"aws-amplify": "1.0.6",
"aws-amplify-react": "1.0.6"

Window debug messages:

[DEBUG] 14:29.772 AuthClass - signIn failure:
code: "UnexpectedLambdaException"
message: "null failed with error Generate callenges lambda cannot be called.."
name: "UnexpectedLambdaException"

[DEBUG] 14:29.773 Analytics - on hub capsule auth:
data:
  code: "UnexpectedLambdaException"
  message: "null failed with error Generate callenges lambda cannot be called.."
  name: "UnexpectedLambdaException"
event: "signIn_failure"

I am mapping the error to something more meaningful for the user as a workaround for now.

if(/null.*error/.test(message)) {    return "Incorrect username or password"; }

[shitalpimpale]

facing same issue for cognito login functionality

[xtebs]

Still the same on :
aws-amplify : 1.1.3
aws-amplify-react-native : 2.0.3

[bkonkle]

Seeing the same issue here on v1.0.5

[digicontributer]

Still seeing this on 1.1.6-unstable.2, Unable to use passwordless login.

[Akumar96]

Facing this issue as well

[andrwh]

+1

[rmadugula]

Has anyone else seen or dealt with this issue? I have a pretty plain setup with the amplify authenticator component and the apple App Store reviewers are getting this error message :/ I cannot duplicate it for the life of me or figure out next steps. I've tested ipv6, simulators, devices, etc. Works perfectly for me but the apple App Store reviewers can't seem to login at all. Using Cognito, standard username and password workflow (with sms verification on account creation)

[vapolonio]

+1

[ColinRyan]

+1

[cbartram]

Same here +1

[goatandsheep]

The challenge happens after you create a new user and the new user has to create a new password. If they type a blank temporary password, this happens. It also happens when you change your password value.

[rmadugula]

I hope this helps someone, I just posted in #2537
For me. I had a simple Amplify Authenticator setup. If you try and copy and paste your credentials in, it will generate one of these two problems
"Username cannot be found"

once you manually enter your username in, and try to paste in your password... you run into
"null failed with error Generate challenges lamda cannot be called.'

@goatandsheep helped me put two and two together with his last post. When you copy paste into the component, either username or password, it isn't working. You have to manually input them. It thinks it is blank if you copy and paste and will throw the error. IMHO a bug. hope this helps someone.

[jernejcic]

I'd definitely call this a bug. In a world where password managers are becoming increasingly common, a form has to support copy/paste.

[Lasim]

+1

[cpphen]

Encountering this issue for custom application. During sign up process for my app, two scenarios can happen:

1. If a user leaves before validating the email code sent out by Auth.signUp and they return to the sign up flow, we have it setup so they don't fill out personal info again such as Name, Password etc since they are already signed up. We use the existing signed up email that is not verified along with a blank password (password is optional params to Auth.signIn) to sign them in. This is where the error occurs. Even though I get this exception UnexpectedLambdaException, if I refresh the page, my apps state will be Authenticated for the user.
2. This error does not happen if user goes through my entire sign up process without leaving. This is because if they go through the entire process the first time without leaving, they signup for an account and all the information they provided such as Password, Name etc, gets passed to Auth.signIn()

[goatandsheep]

@henhen87 instead of giving them a blank password, can you send a random initial password to their email?

[cpphen]

@goatandsheep I do not think that will work, because the user is already signed up at this point with a Password associated with their account; they are just not verified. So if I try to Auth.signIn() and pass a wrong password, it will probably give a wrong password error.

[sprucify]

Stumbled into this bug as well today
It happens when you try to submit the signin form with a valid existing username and an empty password field.

I use the i18n module to translate the error to a human understandable error message.

[mlncstr]

Still an issue.

+1

[markcarroll]

Just hit this too. Valid user name, blank password, vanilla implementation of amplify auth using Cognito.

    "@aws-amplify/auth": "^1.2.19",
    "@aws-amplify/ui": "^1.0.18",
    "aws-amplify-react": "^2.3.3",

[jarodsmk]

So I'm not sure if I can speak for the other parts of the package, but here's some info and findings from debugging the aws-amplify-angular side of things. :)

The issue:

Only a (keyup) event is being used on the username/password inputs, which after the field takes focus and you paste a string into it, would fire the event for the current content of the input, leaving you with the exact same value.

amplify-js/packages/aws-amplify-angular/src/components/authenticator/sign-in-component/sign-in.component.ionic.ts

Line 35 in cdcdb69

(keyup)="setUsername($event.target.value)"

To solve it:

Personally, I had some other issues with the UI of the plugin that I had to curb a couple weeks ago, so I made my own customized UI, based off the Amplify code, but just so I could tinker with the styling, input field naming, etc a little easier.

Angular can handle (paste) events. Slap that on your input, and have some code handle the ClipboardData object that gets returned from this event. (Some decent code I found was here).

I changed the form to be Template-Driven, which handles the input changes and events firing better than what's in the code already. Maybe there's a reason why it's neither model bound or reactive, but meh.

Lastly, I suggest the same for now as @stefan-lz suggested to suppress the terrible error:

if(/null.*error/.test(message)) { return "Incorrect username or password"; }

Will see if I can get the time and add a PR into this project to get this sorted...

[Wintereise]

There's another form of this, manifests as null failed with error Construct callenges lambda cannot be called..

What this means is that you forgot to assign a trigger to the Create Challenge Lambda on the Cognito pool.

Sheesh.

[vitaly-zdanevich]

@Wintereise I created empty lambda (it test execution is succeeded):

package main

import (
	"context"

	"github.com/aws/aws-lambda-go/lambda"
)

type eventIncomming struct {
}

func main() {
	lambda.Start(handleRequest)
}

func handleRequest(ctx context.Context, event eventIncomming) (string, error) {
	return "", nil
}

And attached it to Create Auth Challenge:
but still I am getting the same UnexpectedLambdaException: null failed with error Generate callenges lambda cannot be called..

Update: set this empty lambda to Define Auth Challenge and now I see another output: InvalidLambdaResponseException: Unrecognizable lambda output.

[Wintereise]

@Wintereise I created empty lambda (it test execution is succeeded):

Update: set this empty lambda to Define Auth Challenge and now I see another output: InvalidLambdaResponseException: Unrecognizable lambda output.

Your output format is wrong (empty string is not acceptable), see the Cognito event declaration to learn how they need to be.

[ahummel25]

I'm also getting this error when trying to initiate a passwordless user auth by calling cognitoUser.initiateAuth. Is there any solution?

I'm using amazon-cognito-identity-js@3.0.12. I also got this issue when calling initiateAuth through the main aws-sdk library. Looks like the issue stems from there.

[nurseiit]

Also happens when the authenticationFlowType is set to CUSTOM_AUTH on client and there are no triggers enabled on UserPool Settings.

Took me some time to find out.

[colemars]

I'm facing the same problem as henhen87.

My code is roughly:

 try {
      await Auth.confirmSignUp(email, confirmationCode);
      await Auth.signIn(email, password);  
      setLoggedIn(true);
    } catch (e) {
      console.log(e);
    }

This error always occurs if Auth loses context (i.e. navigate away from page and come back to confirm later).

User is still authenticated despite the error being thrown.

What is the appropriate way to handle allowing a user to confirm their email at a later time?

[sammartinez]

@stefan-lz Are you still experiencing this issue on the latest version of Amplify? Please let us know

[stale]

This issue has been automatically closed because of inactivity. Please open a new issue if are still encountering problems.

[github-actions]

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.