Handle FORCE_CHANGE_PASSWORD without delegate for AWSCognitoIdentityUser

[mrmrdolph]

Iv'e created a custom AWSIdentityProviderManager to provide login maps from either Google or user pool. Because i need to support login trough both Im not using the AWSCognitoIdentityInteractiveAuthenticationDelegate as its tightly coupled with user pool sign in flow. However i have basically copied the behaviour with a custom generic "sign in controller" that signs in user pool users explicitly through getSession(***, password: **.... But now when i've moved to our live pool users are created in the console with FORCE_CHANGE_PASSWORD and i've encountered a problem.

Expected behaviour on "pool sign in": error message that user. needs to change password. handle navigation and changePassword(" ", proposedPassword: " ") myself explicitly.

What i get on pool sign in: "startNewPasswordRequired not implemented by authentication delegate" on change password: Authentication delegate not set

Do i need to implement the delegate? I don't see how that would work when supporting google in the same login controller that is pushed on the ui, as the completion for that delegate is built around supplying a username and password.

[minbi]

If you are re-implementing the functionality of the SDK, then you will need a handle for startNewPasswordRequired. If Google does not have this functionality, then your implementation need not call the handle when handling a Google sign-in.

[mrmrdolph]

I ended up having to make the signin controller an AWSCognitoIdentityInteractiveAuthenticationDelegate itself (only if user clicks pool signin) to be able to respond to force change password as get session will look for a delegate in its source code on fail, there seems to be no other way.

This works but also introduces some memory leek as the sigin controllen can never be deallocated now because that AWS delegate is not marked as weak and cant be set to nil.

I dont understand why amazon does not support this outside of using their terrible mobile hub signin or a websignin.

[rohandubal]

Hello @mrmrdolph

To simplify this use-case and some other use-cases, we have released an updated version of AWSMobileClient with SDK version 2.7.x+

You can now do that with simple signIn and confirmSignIn APIs without setting any delegates. You can find the documentation here:

https://aws-amplify.github.io/docs/ios/authentication#force-change-password

Please let us know if this resolves your use-case.

Thanks,
Rohan

[stale]

This issue has been automatically closed because of inactivity. Please open a new issue if are still encountering problems.