Custom auth callback not reset on signOut
#2261
Labels
bug
Something isn't working
mobile client
Issues related to AWSMobileClient
work in progress
Issues was triaged and investigation done
The tl;dr is that when I call
AWSMobileClient.default().signOut()
there's a custom auth challenge task (UserPoolOperationsHandler.sharedInstance.customAuthChallengeTaskCompletionSource
which is an internal API) that isn't reset, so when I subsequently callAWSMobileClient.default().signIn(...)
it tries to sign in via a custom auth challenge and then I get an error "Missing required parameter ANSWER".The reason I'm getting into this state is that I'm working on a feature where the flow is that a user can enter a phone number to sign in, which is implemented on AWS as a custom auth challenge which sends a code, which the user then inputs to confirm, and they're signed in.
Part of the requirement is that the user can tap on a "I didn't receive a code" button, which takes them back, and they can change their phone number or just sign in again to retrigger the flow.
The problem I'm running into is that once
AWSMobileClient
signs in and is issued a custom auth challenge, it sets acustomAuthChallengeTaskCompletionSource
task, which is then what's used duringconfirmSignIn
to perform the confirmation. I can see that this is also used insignIn
if it is populated, and after it's used is the only time that it's set back tonil
.The problem that this poses is that if
AWSMobileClient.default().signOut()
is called, there's a flow internally which checks for populated callbacks and eventually callsinvalidateSignInCallbacks
, which sets the sign in callbacks to nil, but the auth tasks aren't included in this and don't have any apparent way to be reset.It seems to me like
signOut()
would also be the place to reset thecustomAuthChallengeTaskCompletionSource
value and the other auth tasks, since ifsignOut()
is invoked, it doesn't seem to make sense for the API to still be in a state where it's going to try and fill a custom auth challenge when a user signs in again?There's a good chance I'm misunderstanding the SDK and how it works internally, so if anyone cares to correct me, please do, and if anyone has a workaround or a way this is meant to be used, I'd appreciate it!
It's worth noting that aside from this one edge case, the rest of the custom auth works properly, so our implementation is doing what it's meant to do aside from this.
Thanks,
Tim
The text was updated successfully, but these errors were encountered: