I've been building an AWS amplify app for days. I've been logged in to my app while doing this. Today, I believe that the login expired and now, I am getting the error :
[ERROR] 37:22.581 AuthError -
Error: Amplify has not been configured correctly.
The configuration object is missing required auth properties.
This error is typically caused by one of the following scenarios:
1. Did you run `amplify push` after adding auth via `amplify add auth`?
See https://aws-amplify.github.io/docs/js/authentication#amplify-project-setup for more information
2. This could also be caused by multiple conflicting versions of amplify packages, see (https://docs.amplify.aws/lib/troubleshooting/upgrading/q/platform/js) for help upgrading Amplify packages.
I don't understand this. The app has been working. I was logged in. I was adding data to tables through the app. I haven't changed anything about the auth (though I have changed the schema for graphql and pushed that).
When I do an amplify push, it tells me that there are no changes. I have no idea what to do now?
Related
I set up my Cognito UserPool as UserPoolOnly at creation a few months back, before my team considered that we would possibly need an Identity Pool later on for gathering user data. This was set up from an existing user base, so it was configured as an imported User Pool.
We now have hundreds of active users and I am trying to add Amazon Pinpoint to gather user session data to improve our UX, but am getting the following error because I don't have an identity pool in our Amplify project
Error: Current auth configuration is: userPoolOnly, but identityPoolOnly was required.
Auth configuration is required to allow unauthenticated users, but it is not configured properly.
I tried creating a new identity pool, basing it off the Cognito UserPool and adding the same app id and federated identity app ids to "attach" it, but this does not change the error after running amplify pull - I think because it is still not associated with Amplify.
When running amplify update auth I get the error Updating imported Auth resource is not supported.
How can I fix the issue of not having an identity pool associated with my Amplify project but needing it for Pinpoint?
Note:
Trying to use Kinesis Streams instead of Pinpoint gives the same Error about identityPoolOnly being required
My current setup is like this. The entire project was built using the official docs here - https://identityserver4.readthedocs.io/en/latest/
API Server
Auth Server with local login, google login and github login
Console based c# client
JS based client
MVC based client.
(all of it, as described in the official docs)
Locally, all of them work beautifully. Able to login, access api endpoints, logout, redirect, the whole thing works smooth.
I have deployed all 5 of them to five different azure web apps. They all have the standard xyz.azurewebsites.net domains ready to use. Now, I have run into some problems.
the console C# client is able to talk to the deployed auth server, collect token using a local account on the auth server and make calls to the deployed API server. Based on this, I assume that both the api server and the auth server working hand in hand, as they should.
Problem #1 - the JS client keeps saying
'The login is blocked because of CORS Missing Allow Origin '
Problem #2 - the MVC client loads the auth server, and then the auth server gives me this error.
Sorry, there was an error : unauthorized_client
Request Id: 80005c0f-0000-eb00-b63f-84710c7967bb
Note : I have set the CORS policy on the auth server, both these clients, under client definition as follows. I am not too concerned about keeping the auth server open, so dont mind if any and every domain can call the auth server.
AllowedCorsOrigins = { "*.*" },
Also Note : I have set the URLS in the code before deployment. all loclahost:port number lines have been replaced correctly with the corresponding now published URLs.
So, what am I missing out here?
Update 1
I was able to solve the CORS issue. Have posted a answer here on another question.
Not able to enable CORS for identity server 4 in asp.net core
Update 2
So, now, both the JS client and the MVC client, are giving identical errors.
Sorry, there was an error : unauthorized_client
Request Id: 80005c0f-0000-eb00-b63f-84710c7967bb
Update 3
I have opened an issue which has log details.
https://github.com/IdentityServer/IdentityServer4/issues/4691
I am not sure if this counts as an answer, but posting for my own question, as it might might help others. Also, this is only a guess at this point.
I found out that the redirects were permanently stored in the database I used with EF migrations. That mean, local in memory redirects were being overwritten anyway by the database stored migrations. I believe this is the issue.
I also realized that the console app is working fine for it does not depend on redirect URLs where as the JS and MVC based clients dont work because they do depend on redirect URLs.
At this point, the best thing to do and for you (if you used EF migrations to store your auth server configuration) on database would be start over and switch to in memory only. Alternatively, you can try and update the database to suit your deployment requirements.
Ultimately, I believe, unless it is absolutely necessary, keep the auth server config (like redirects and CORS settings) in memory as they dont take up much value and are rarely changed.
I am trying to use Mongo Realm (v10.0.0-beta.9) ; I use a JWT authentication (token being generated by AWS Cognito). It works pretty well since a user has been created (in Mongo Realms Users menu) and I was able to insert a data in my realm. But...
1. Empty user object
One strange thing nevertheless: the user I get from the authentication is empty
const credentials = Realm.Credentials.custom(jwt)
// Authenticate the user
const user: Realm.User = await app.logIn(credentials)
console.log("logged in with Jwt, user:", user) // display "logged in with Jwt, user: {}"
Is it normal? Examples speak about a identity field: console.log(`Logged in as ${newUser.identity}`);
2. React Native hot reload
A bothering thing: I can't reconnect to a realm when reloading the app (pressing r in the console where I npm started). I don't get any error, I just get... nothing. No log appears in Realm console.
The only solution I get is to kill the app, then restart it.
Did I miss a trick to handle that reconnection with RN hot relad?
I've had some troubles converting any Realm objects to printable strings; I always get {} just like you do. I think it could be related to this (unresolved) task on their GitHub.
On a similar note, there are some bugs in Realm's authentication system. I'm trying to get email/password, Facebook, and Google authentication going in my application but all of them currently seem to be broken on Realm's side.
Here are some related issues on their GitHub that you can follow for a solution.
Facebook
Google
Email/pass (fixed, but not released in the latest beta)
I don't have any information about JWT specifically but given these other authentication issues there's a good chance the issue isn't on your side. I recommend opening an Issue on their repository.
I have a React App with multiple passing tests. When running them through Travis, I get the following error:
API request failed.
Message: The requested API endpoint was not found. Are you using the right HTTP verb (i.e.GETvs.POST), and did you specify your intended version with theAcceptheader?
I use the .env to set a variable to the heroku URL. Then i set the same variable in the Travis .env on their website. I suspect that the API fails for the action tests, but I can't seem to fix it.
Anyone had a similar experience and knows where to fix the issues? Will provide any additional code examples
Fixed it by doing this:
deploy:
provider: heroku
api_key:
secure: ENCRYPTED-PW
app: boiling-spring-21825 <------------
on:
repo: xyz/project-name
Before, I had the app name as https://boiling-spring-21825:21825, hence Travis was unable to fetch the project from heroku. I can imagine the API was looking for https://boiling-spring-21825:21825/https://boiling-spring-21825:21825 or something similar that didn't make sense.
Lesson here is to only write out the simple heroku app name as found in your heroku projects page.
I have an app that already successfully uses google oauth, but now I am trying to setup a staging deployment. It is a rails app with devise and omniauth, but I think there might be a problem with how I configured Google.
In the google api admin panel (https://code.google.com/apis/console) I can see the existing app. I created another one with a different callback url (because it is staging). Using Postman (a fancy way to edit the url parameters) I can send a get request to google with the current production client_id and redirect_url and it works fine. When I copy and paste in the new clients (staging's) client_id and redirect_url I always get the error Error: invalid_client.
I'm sure where to start with trying to the figure out the problem, but I've tried a lot of different steps, renaming the urls, changing the client secret, or recreating the client in the admin panel. Any ideas? This error is rather cryptic.
We had a temporary issue with a small set of client ids. The issue should be resolved. If you are still having problems please follow up.