New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Amplify Federated Sign In not returning Email for Facebook #8823
Comments
Hi @geeshans 👋 thanks for opening this issue! Sorry for the delayed response. I've been having trouble creating a developer account at FB, for some reason I'm not receiving the sms verification code they send. But, I may still be able to help. Can you check if the attributes from facebook are mapped to the user pool attributes similar to the settings below? You can find these in the Cognito console -> User Pools -> select a user pool -> Federation/attribute mapping |
Hi @chrisbonifacio, thanks for looking into this. These are the attribute mappings for Facebook. In the screenshot you share the mappings seem to be for Google so my screenshot does not have a "sub" attribute. But not sure if attribute mapping stage is reached at all since I'm checking the values returned from Facebook at "pre-signup" trigger. |
@geeshans I was able to get the email from the pre-signup trigger like so: exports.handler = async (event) => {
console.log({
email: event.request.userAttributes.email,
event,
});
}; From Cloudwatch logs
|
Hi @chrisbonifacio, This is the output I get with the same pre-signup trigger. 2021-09-14T11:13:30.019Z ba743176-2184-4cb8-961b-12344555 INFO {
email: undefined,
event: {
version: '1',
region: 'eu-west-1',
userPoolId: 'eu-west-x_xxxxxxxx',
userName: 'Facebook_xxxxxxx',
callerContext: {
awsSdkVersion: 'aws-sdk-unknown-unknown',
clientId: 'xxxxxxxxxxxxxxxx'
},
triggerSource: 'PreSignUp_ExternalProvider',
request: { userAttributes: [Object], validationData: {} },
response: {
autoConfirmUser: false,
autoVerifyEmail: false,
autoVerifyPhone: false
}
}
} Will you be able to share the configurations for your userpool? |
@geeshans Sure, here's my user pool config. You may also want to check for any differences between our OAuth config so I shared my {
"UserPool": {
"Id": "us-east-1_xxxxxxxx",
"Name": "xxxxxxxxxxxx_userpool_xxxxxxxx-dev",
"Policies": {
"PasswordPolicy": {
"MinimumLength": 8,
"RequireUppercase": false,
"RequireLowercase": false,
"RequireNumbers": false,
"RequireSymbols": false,
"TemporaryPasswordValidityDays": 7
}
},
"LambdaConfig": {
"PreSignUp": "arn:aws:lambda:us-east-1:xxxxxxxx:function:xxxxxxXXXXXXPreSignup-dev"
},
"LastModifiedDate": "2021-09-13T17:05:05.535000-04:00",
"CreationDate": "2021-08-20T14:24:25.080000-04:00",
"SchemaAttributes": [
{
"Name": "sub",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": false,
"Required": true,
"StringAttributeConstraints": {
"MinLength": "1",
"MaxLength": "2048"
}
},
{
"Name": "name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "given_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "family_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "middle_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "nickname",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "preferred_username",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "profile",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "picture",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "website",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "email",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": true,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "email_verified",
"AttributeDataType": "Boolean",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false
},
{
"Name": "gender",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "birthdate",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "10",
"MaxLength": "10"
}
},
{
"Name": "zoneinfo",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "locale",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "phone_number",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "phone_number_verified",
"AttributeDataType": "Boolean",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false
},
{
"Name": "address",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "updated_at",
"AttributeDataType": "Number",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"NumberAttributeConstraints": {
"MinValue": "0"
}
},
{
"Name": "identities",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {}
}
],
"AliasAttributes": [
"email"
],
"VerificationMessageTemplate": {
"DefaultEmailOption": "CONFIRM_WITH_CODE"
},
"MfaConfiguration": "OFF",
"EstimatedNumberOfUsers": 2,
"EmailConfiguration": {
"EmailSendingAccount": "COGNITO_DEFAULT"
},
"SmsConfiguration": {
"SnsCallerArn": "arn:aws:iam::xxxxxxxx:role/snsxxxxxxxx-dev",
"ExternalId": "xxxxxxxx_role_external_id"
},
"UserPoolTags": {},
"Domain": "xxxxxxxx-dev",
"AdminCreateUserConfig": {
"AllowAdminCreateUserOnly": false,
"UnusedAccountValidityDays": 7
},
"UsernameConfiguration": {
"CaseSensitive": false
},
"Arn": "arn:aws:cognito-idp:us-east-1:xxxxxxxx:userpool/us-east-1_xxxxxxxx"
}
} aws-exports file const awsmobile = {
"aws_project_region": "us-east-1",
"aws_cognito_identity_pool_id": "us-east-1:xxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
"aws_cognito_region": "us-east-1",
"aws_user_pools_id": "us-east-1_xxxxxxxx",
"aws_user_pools_web_client_id": "xxxxxxxxxxxx",
"oauth": {
"domain": "xxxxxx-dev.auth.us-east-1.amazoncognito.com",
"scope": [
"phone",
"email",
"openid",
"profile",
"aws.cognito.signin.user.admin"
],
"redirectSignIn": "http://localhost:3000/",
"redirectSignOut": "http://localhost:3000/",
"responseType": "code"
},
"federationTarget": "COGNITO_USER_AND_IDENTITY_POOLS",
"aws_cognito_login_mechanisms": [
"EMAIL",
"FACEBOOK",
"GOOGLE"
],
"aws_cognito_signup_attributes": [
"EMAIL"
],
"aws_cognito_mfa_configuration": "OFF",
"aws_cognito_mfa_types": [
"SMS"
],
"aws_cognito_password_protection_settings": {
"passwordPolicyMinLength": 8,
"passwordPolicyCharacters": []
},
}; |
@geeshans just out of curiosity, could you try creating a custom button that calls this is React syntax but you can use the Angular equivalent of this: <button onClick={() => Auth.federatedSignIn({ provider: "Facebook" })}>
Sign In with Facebook
</button> |
Thanks @chrisbonifacio, creating a custom button worked! Is this the expected behaviour or a bug? For anyone who want the Angular equivalent: <button slot="federated-buttons" (click)=customSignIn()>Facebook</button> customSignIn(): void{
Auth.federatedSignIn({provider: CognitoHostedUIIdentityProvider.Facebook });
} |
@geeshans This is expected behavior. There are different auth workflows depending on the argument passed to User Pool workflow Auth.federatedSignIn({provider: CognitoHostedUIIdentityProvider.Facebook }); Identity Pool workflow const {
token, // the token you get from the provider
domainOrProviderName, // Either the domain of the provider(e.g. accounts.your-openid-provider.com) or the provider name, for now the library only supports 'google', 'facebook', 'amazon', 'developer'
expiresIn, // the time in ms which describes how long the token could live
user, // the user object you defined, e.g. { username, email, phone_number }
identity_id // Optional, the identity id specified by the provider
} = getFromProvider(); // arbitrary function
Auth.federatedSignIn(
domain,
{
token,
identity_id, // Optional
expires_at: expiresIn * 1000 + new Date().getTime() // the expiration timestamp
},
user
).then(cred => {
// If success, you will get the AWS credentials
console.log(cred);
return Auth.currentAuthenticatedUser();
}).then(user => {
// If success, the user object you passed in Auth.federatedSignIn
console.log(user);
}).catch(e => {
console.log(e)
}); the amplify-facebook-button seems to use the Identity Pool workflow. |
This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs. Looking for a help forum? We recommend joining the Amplify Community Discord server |
Before opening, please confirm:
JavaScript Framework
Angular
Amplify APIs
Authentication
Amplify Categories
auth
Environment information
Describe the bug
I'm using Amplify to add social signing to a webpage and with google I'm getting the email of the user but it's missing in facebook.
I have printed the event received by "Pre sign-up" Lambda and user email is not returned.
Expected behavior
Receive "email" as part of the userAttributes.
Reproduction steps
Code Snippet
// Put your code below this line.
Log output
aws-exports.js
No response
Manual configuration
Additional configuration
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
The text was updated successfully, but these errors were encountered: