AWS-Amplify API is always returning 403 unauthorized with angular #2810

Closed
khaledshamat opened this issue Mar 5, 2019 · 8 comments
Labels
API Related to REST API issues pending-close-response-required A response is required for this issue to remain open, it will be closed within the next 7 days. question General question


@khaledshamat

AWS-Amplify using API.get() with Angular to call Serverless API with IAM authentication is always returning 403 unauthorized, even though I have followed all the instructions posted on GitHub and Stack Overflow.

Here is my code for using api.get:

```ts
async testApiCall() {
  const user = await Auth.currentAuthenticatedUser();
  const token = user.signInUserSession.idToken.jwtToken;

  const request = {
    headers: {
      Authorization: token
    }
  };

  var response = await API.post('orders', '/orders', request)
    .catch(error => {
      alert('error' + error);
    });
  alert(response);
  document.getElementById('output-container').innerHTML = JSON.stringify(response);
}
```

and here is my config.ts:

```ts
export default {
  MAX_ATTACHMENT_SIZE: 5000000,
  s3: {
    REGION: "eu-central-1",
    BUCKET: "xxxxxx"
  },
  apiGateway: {
    REGION: "eu-central-1",
    URL: "xxxxxxxx"
  },
  cognito: {
    REGION: "eu-central-1",
    USER_POOL_ID: "xxxxxxxxxxxxxxxxx",
    APP_CLIENT_ID: "xxxxxxxxxxxxxxxxx",
    IDENTITY_POOL_ID: "xxxxxxxxxxxxxxxxx"
  }
};
```

And here is what I have in environment.ts:

```ts
export const environment = {
  production: true,
  amplify: {
    Auth: {
      identityPoolId: 'xxxxxxxxxxx',
      region: 'eu-central-1',
      userPoolId: 'xxxxxxxxx',
      userPoolWebClientId: 'xxxxxxxxxxx'
    },
    API: {
      endpoints: [
        {
          name: "orders",
          endpoint: "xxxxxxxxx"
        }
      ]
    }
  }
};
```

Any suggestions, please?

@powerful23
Contributor

@khaledshamat I don't think you need to configure the header because Amplify will do that for you. Can you check the following items:

  1. Did you use Cognito Federated Identity Pool to retrieve the AWS Credentials?
  2. Which authorization type are you using? https://aws-amplify.github.io/docs/js/api#manual-configuration

@powerful23 powerful23 added API Related to REST API issues question General question labels Mar 5, 2019
@khaledshamat
Author

khaledshamat commented Mar 5, 2019 via email

@powerful23
Contributor

@khaledshamat if you are using IAM authentication, and as I could assume based on your config, you are using the Cognito Federated Identity Pool service, right? In that case, you shouldn't do the following:

```ts
const request = {
    headers: {
        Authorization: token
    }
};
```

The Amplify library will fetch the credentials internally and sign the request. Can you also open the debug mode by putting `window.LOG_LEVEL='DEBUG'` to get more info?
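
To confirm from the browser's network tab that a request really was signed, its Authorization header can be checked against the SigV4 layout that an IAM-authorized API Gateway route expects. This is an added example, not code from this thread or from Amplify; `classifyAuthorization`, the `EXPECTED` object and the sample header values are constructed for illustration.

```javascript
// Added example (not Amplify code): classify a captured Authorization header.
// SigV4 layout: AWS4-HMAC-SHA256 Credential=<scope>, SignedHeaders=<list>, Signature=<hex>
const SIGV4_RE = /^AWS4-HMAC-SHA256\s+Credential=([^,\s]+),\s*SignedHeaders=([^,\s]+),\s*Signature=([0-9a-f]{64})$/;
const JWT_RE = /^(?:Bearer\s+)?[\w-]+\.[\w-]+\.[\w-]+$/;

function classifyAuthorization(value, expected) {
  const header = (value || '').trim();
  if (!header) return { kind: 'missing', problems: ['no Authorization header: request was not signed'] };
  if (JWT_RE.test(header)) {
    return { kind: 'jwt', problems: ['JWT sent where an IAM-authorized route expects a SigV4 signature'] };
  }
  const m = SIGV4_RE.exec(header);
  if (!m) return { kind: 'unknown', problems: ['unrecognised Authorization scheme'] };

  // Credential scope: <access key id>/<yyyymmdd>/<region>/<service>/aws4_request
  const [accessKeyId, date, region, service, terminator] = m[1].split('/');
  const signedHeaders = m[2].split(';');
  const problems = [];
  if (terminator !== 'aws4_request') problems.push('malformed credential scope');
  if (region !== expected.region) problems.push(`signed for region ${region}, expected ${expected.region}`);
  if (service !== expected.service) problems.push(`signed for service ${service}, expected ${expected.service}`);
  if (!signedHeaders.includes('host')) problems.push('host is not among the signed headers');
  // Temporary (STS-issued) credentials have access key ids starting with ASIA.
  const temporary = accessKeyId.startsWith('ASIA');
  return { kind: 'sigv4', temporary, date, region, service, signedHeaders, problems };
}

// Constructed sample values; the region is the one shown in the issue's config.
const EXPECTED = { region: 'eu-central-1', service: 'execute-api' };
const SAMPLE_SIGNED =
  'AWS4-HMAC-SHA256 Credential=ASIAEXAMPLEKEYID0000/20190305/eu-central-1/execute-api/aws4_request, ' +
  'SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=' + 'a'.repeat(64);
const SAMPLE_JWT = 'eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJleGFtcGxlIn0.c2lnbmF0dXJl';

console.log(classifyAuthorization(SAMPLE_JWT, EXPECTED));
console.log(classifyAuthorization(SAMPLE_SIGNED, EXPECTED));
```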

@khaledshamat
Author

Yeah, after a long time of researching I managed to get my request signed automatically, but with this approach I'm getting a weird behavior. You can check my Stack Overflow post again, I have updated it. I can get the right data from the request after signing in, but if I signed out and signed in again without refreshing the page, it will throw a 403 error until I hit refresh; then it will get the data.

If I signed out after a successful call, it's still able to get the data from the API without authentication!

Any advice on that?

@elorzafe
Contributor

elorzafe commented Mar 7, 2019

@khaledshamat can you open your developer tools and check the Application section -> Local Storage? There you can find the data that is stored by the library. Sign out should clean the tokens.
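
The Local Storage check described above can be scripted. This is an added example, not code from this thread or from Amplify: it lists token entries stored under the `CognitoIdentityServiceProvider.` key prefix used by the Cognito user pool client and reports whether each still has an unexpired `exp` claim. `leftoverTokens`, `fakeStorage`, `sampleJwt` and all stored values are constructed for illustration.

```javascript
// Added example (not Amplify code): report Cognito tokens still present in a
// Storage object, e.g. leftoverTokens(window.localStorage, Date.now() / 1000).
const COGNITO_PREFIX = 'CognitoIdentityServiceProvider.';
const TOKEN_TYPES = ['idToken', 'accessToken', 'refreshToken'];

// Returns the exp claim (seconds since epoch), or null if not a decodable JWT.
function jwtExpiry(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  try {
    const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
    const json = atob(b64 + '='.repeat((4 - (b64.length % 4)) % 4));
    const exp = JSON.parse(json).exp;
    return typeof exp === 'number' ? exp : null;
  } catch (e) {
    return null;
  }
}

function leftoverTokens(storage, nowSeconds) {
  const findings = [];
  for (let i = 0; i < storage.length; i++) {
    const key = storage.key(i);
    if (!key.startsWith(COGNITO_PREFIX)) continue;
    const type = key.slice(key.lastIndexOf('.') + 1);
    if (!TOKEN_TYPES.includes(type)) continue; // skip LastAuthUser, clockDrift, ...
    const exp = jwtExpiry(storage.getItem(key));
    // unexpired is null when the value carries no readable exp (opaque token)
    findings.push({ key, type, exp, unexpired: exp === null ? null : exp > nowSeconds });
  }
  return findings;
}

// Constructed stand-in for localStorage and constructed tokens (no real data).
function fakeStorage(entries) {
  const keys = Object.keys(entries);
  return { length: keys.length, key: (i) => keys[i], getItem: (k) => entries[k] };
}
function sampleJwt(exp) {
  const enc = (o) => btoa(JSON.stringify(o)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256' })}.${enc({ sub: 'constructed-user', exp })}.sig`;
}
const P = COGNITO_PREFIX + 'exampleclientid.';
const AFTER_SIGN_OUT = fakeStorage({
  [P + 'user@example.com.idToken']: sampleJwt(2000),
  [P + 'user@example.com.accessToken']: sampleJwt(500),
  [P + 'LastAuthUser']: 'user@example.com',
  'unrelated-app-setting': 'dark-mode',
});
```

An empty result after sign-out means no user pool tokens remain under that prefix; any entry with `unexpired: true` is a token that was not cleaned up and is still within its lifetime.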

@haverchuck haverchuck added pending-close-response-required A response is required for this issue to remain open, it will be closed within the next 7 days. and removed pending-close-response-required A response is required for this issue to remain open, it will be closed within the next 7 days. labels Mar 15, 2019
@stale

stale bot commented Jun 15, 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the pending-close-response-required A response is required for this issue to remain open, it will be closed within the next 7 days. label Jun 15, 2019
@stale

stale bot commented Jun 22, 2019

This issue has been automatically closed because of inactivity. Please open a new issue if you are still encountering problems.

@stale stale bot closed this as completed Jun 22, 2019
@github-actions

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 12, 2021