Pkce.java - encodeBase64 Wrapping response #315

Closed
gavinharris-dev opened this issue Jun 30, 2017 · 3 comments
Labels
closing soon Issue will auto-close if there is no additional activity within 7 days.

gavinharris-dev commented Jun 30, 2017

To help us solve your problem better, please answer the following list of questions.

  • What service are you using?
    Testing AmazonCognitoAuthDemo with User Pool Federated Identity.

  • In what version of SDK are you facing the problem?
    2.4.4

  • Is the issue limited to Simulators / Actual Devices?
    Actual Devices (project will not run on Emulator without Chrome browser installed)

  • Can your problem be resolved if you bump to a higher version of SDK?
    No higher version available

  • Is this problem related to specific Android/OS version?
    Not that I can tell. Testing on Android 7.0

  • Can you give us steps to reproduce with a minimal, complete, and verifiable example? Please include any specific network conditions that might be required to reproduce the problem.
    Using the supplied Demo app; Configure Cognito as:

      Auth.Builder builder = new Auth.Builder()
              .setAppClientId(getString(R.string.cognito_client_id))
              .setAppClientSecret(getString(R.string.cognito_client_secret))
              .setAppCognitoWebDomain(getString(R.string.cognito_web_domain))
              .setApplicationContext(getApplicationContext())
              .setAuthHandler(new callback())
              .setSignInRedirect(getString(R.string.app_redirect))
              .setSignOutRedirect(getString(R.string.app_redirect));
    

Note: Client ID and Secret can be supplied if needed.
Test Case:

In Main activity; onCreate

Log.i(TAG, "initCognito: " + Pkce.encodeBase64("Basic sdfgfdgfdgfdgdfgfd:dfguhwuifgiewufdsgfiwgeiufewsdbviusd"));

Output is:

initCognito: 

QmFzaWMgc2RmZ2ZkZ2ZkZ2ZkZ2RmZ2ZkOmRmZ3Vod3VpZmdpZXd1ZmRzZ2Zpd2dlaXVmZXdzZGJ2
aXVzZA==

Suggested resolution:

In Class Pkce.java; function encodeBase64 change:

return Base64.encodeToString(data, Base64.DEFAULT);

to:

return Base64.encodeToString(data, Base64.NO_WRAP); 
  • Please include a stacktrace if applicable.
ankitnaugariya commented Aug 2, 2017

Thank you for your suggestion. We really appreciate it.

In code we call encodeBase64 for appId:secret and for the string it would not make any difference if we use Default or NO_WRAP.

For string: sdfgfdgfdgfdgdfgfd:dfguhwuifgiewufdsgfiwgeiufewsdbviusd
Default: c2RmZ2ZkZ2ZkZ2ZkZ2RmZ2ZkOmRmZ3Vod3VpZmdpZXd1ZmRzZ2Zpd2dlaXVmZXdzZGJ2aXVzZA==
NoWrap:
c2RmZ2ZkZ2ZkZ2ZkZ2RmZ2ZkOmRmZ3Vod3VpZmdpZXd1ZmRzZ2Zpd2dlaXVmZXdzZGJ2aXVzZA==

There is no functionality break. We are keeping the code as it is.

@gavinharris-dev
Author

Thank you for your reply; I will review my issue and see if it is resolved.
I think that the issue is minor in any effect, it just stopped me from being able to use an App Client Secret (which is of limited use on a native device anyway, as it would be simple to reverse engineer).

drxeno02 pushed a commit to drxeno02/aws-sdk-android that referenced this issue Nov 11, 2017
…x was that encodeBase64 required its flags to be updated to include Base64.NO_PADDING)
lexmakali pushed a commit that referenced this issue Jan 6, 2018
stale bot commented Apr 11, 2018

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the closing soon Issue will auto-close if there is no additional activity within 7 days. label Apr 11, 2018
sunchunqiang pushed a commit that referenced this issue Mar 5, 2019
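
Added example, not code from the SDK or from anyone in this thread: a plain-JVM sketch of why the wrapped output reported above matters if the encoded string is used as a single-line value such as an HTTP Basic Authorization header (an assumption about how the value is used). It uses `java.util.Base64` with a 76-character MIME encoder as a stand-in for a wrapping encoder, not `android.util.Base64`; the class name, method names and credentials are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class BasicAuthHeaderCheck {
    // Stand-in for a wrapping encoder: 76-character lines separated by "\n".
    // Assumption: approximates the wrapped output in the issue; this is not android.util.Base64.
    static String encodeWrapped(String s) {
        return Base64.getMimeEncoder(76, new byte[] {'\n'})
                .encodeToString(s.getBytes(StandardCharsets.UTF_8));
    }

    // Encoder that never inserts line terminators.
    static String encodeSingleLine(String s) {
        return Base64.getEncoder().encodeToString(s.getBytes(StandardCharsets.UTF_8));
    }

    // Guard: refuse any header value that contains CR or LF before it reaches the HTTP client.
    static String requireSingleLine(String headerValue) {
        for (int i = 0; i < headerValue.length(); i++) {
            char c = headerValue.charAt(i);
            if (c == '\r' || c == '\n') {
                throw new IllegalArgumentException("line terminator in header value at index " + i);
            }
        }
        return headerValue;
    }

    public static void main(String[] args) {
        // Constructed credentials, longer than 57 bytes so the encoding exceeds one 76-character line.
        String creds = "example-client-id-0123456789:example-client-secret-0123456789abcdef";
        String wrapped = encodeWrapped(creds);
        String single = encodeSingleLine(creds);

        System.out.println("wrapped contains LF: " + wrapped.contains("\n"));
        System.out.println("single contains LF:  " + single.contains("\n"));
        // The two encodings carry the same data; they differ only by the inserted line break.
        System.out.println("equal after stripping LF: " + wrapped.replace("\n", "").equals(single));

        System.out.println("Authorization: " + requireSingleLine("Basic " + single));
        try {
            requireSingleLine("Basic " + wrapped);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected wrapped value: " + e.getMessage());
        }
    }
}
```

Any input longer than 57 bytes encodes to more than 76 Base64 characters, which is the point at which a wrapping encoder starts inserting line breaks.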