Comments (13)
After discussion with Jordan, we decided to re-open because the underlying issue is not solved.
To me the issue is that using Auth.federatedSignIn
the AuthState the UI get in return is always verifyContact.
I assume it is due to the fact that for all external IdP Cognito mark the email_verified
as false and Amplify use that to decide what state to go on.
This does not make sense. Since the identity is managed by a trusted IdP we have no valid reason to ask for email confirmation.
So, Amplify Auth should instead look at the Account Status
and not go for verifyContact if the value is Enabled / EXTERNAL_PROVIDER
from amplify-ui.
Confirmed that this behavior exists and is undesirable.
-
Clicking "Sign in with Google"
-
After the redirect, I'm prompted to verify my email:
-
However, when refreshing the page, I get the desired experience:
from amplify-ui.
It shouldn't! Federated sign in flows through its own logic path in our state machine, so it really shouldn't ever transition to that "verify" screen. I've included a video showing the federated behavior on the new authenticator. Closing this issue since this is fixed in the new version of the authenticator and you aren't working with amplify anymore.
recording.mov
from amplify-ui.
Hey @liamaws, unfortunately I don't have access to that repo but It seems it is you are using Translations
to customize the SIGN_UP_EMAIL_PLACEHOLDER
or VERIFY_CONTACT_EMAIL_LABEL
and that might cause a conflict for retrieving the correct value here. Can you find [email protected]
in your codebase and share the code with me?
from amplify-ui.
Oh good catch. I searched [email protected]
in the amplify-js repo and couldn't find where it was coming from but I didn't think to look in my own code. 🤦♂️
I will pm you the code.
from amplify-ui.
After speaking offline, we determined that this was a translation assignment in your application. Going to close this particular issue as the originally described issue is solved.
from amplify-ui.
Guys what the status on this issue. I am facing same issue while connecting Cognito with my custom IDP(Keycloack)
from amplify-ui.
Summarizing the problem: When adding the federal entity of Apple Id, the Verify contact screen always appears every time you login even though the email is already verified.
The problem occurs because in the mapping of the attributes in Apple there is no email_verified field, therefore every time it is consulted in amplify's login it asks for it to be verified.
If you try removing the email_verified mapping in google, the Verify Contact screen will always appear when logging in with google as well.
The solution to this problem is to create a lambda function that adds the attribute automatically and configure it in the userpool triggers called “Post authentication” and “Post confirm”.
This publication explains the solution to this problem in a complete way.
Something that is not considered in the referenced manual is the security policy, in which you must be given access to the lambda function so that you can update the attributes of the cognito users.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"cognito-idp:AdminUpdateUserAttributes",
],
"Resource": "cognito_user_pool_arn"
}
]
}
from amplify-ui.
Commenting here again that this is still an issue. I was able to reproduce it this morning. I will be taking a deeper look at it.
I noticed that I did get an error back from OAuth after logging in with Google. I'm guessing that this error is being caught and so even though the login through Google was successful, it isn't hitting our piece of code that would correctly change the auth state to recognize the user as already being verified.
from amplify-ui.
Just a small update - I haven't found a super reliable fix for this yet. This will require a bit further investigation from our side.
from amplify-ui.
This comes up repeatedly, so as we validate behavior for our @next
release we need to determine:
-
If verification is skipped for social sign-ins (or if we can even determine that in the UI)
-
If this is a documentation/configuration issue that can be resolved to successfully allow verification:
from amplify-ui.
Hey everyone, @liamaws , this shouldn't be a problem any longer in the new version of our authenticator (under the @next
tag). Here are our docs if you want to take a look - https://ui.docs.amplify.aws/ui/getting-started/installation?platform=react
Screenshot of what the VerifyContact
screen should look like now -
If you'd like, you can give the new version a shot and see if it takes care of your issue for you.
from amplify-ui.
Ok great. I'm not actively working with Amplify anymore, but I'm wondering if this screen is still showing up after sign in with a federated identity?
from amplify-ui.
Related Issues (20)
- bug(StorageManager/a11y): Upload status is not announced to screen readers
- SERVER_ERROR: Signature expired: 20240614T145057Z is now earlier than 20240614T154633Z HOT 1
- Allow further customization of Amplify
- onFileRemove does not receive updated key from processFile in StorageManager
- [FR] provide file to StorageManager event callbacks
- Wrong error message validation on "Email verification" when signin HOT 1
- Amplify Studio tutorial feedback HOT 2
- Make the loading screen or that rainbow color customizable HOT 2
- Cannot get accessToken within Authenticator element
- Showing Passoword in the place of Email HOT 8
- Auto close the "Verifying..." loader HOT 5
- useAuthenticator is making me unauthenticated. HOT 10
- Accessibility Bug: "X" button in search component is not accessible via keyboard
- Liveness showing not live on production HOT 1
- Accessibility bug - Input fields are not described by their error messages HOT 2
- Authenticator Override Function calls for handleResetPassword and handleConfirmResetPassword are missing HOT 2
- processFile in StorageManager causing endless uploads HOT 10
- Translations for password error messages HOT 1
- Performance Warning in amplify-liveness: Canvas2D getImageData should use willReadFrequently
- Customize Login Page HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amplify-ui.