-
Notifications
You must be signed in to change notification settings - Fork 116
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DeviceKey is empty after logging in again after remembering device #2609
Comments
Thank you for the detailed report! Someone on our team will be taking a look. |
6 tasks
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Before opening, please confirm:
Language and Async Model
Kotlin - Coroutines
Amplify Categories
Authentication
Gradle script dependencies
Environment information
Please include any relevant guides or documentation you're referencing
https://docs.amplify.aws/lib/auth/device_features/q/platform/android/#terminology
Describe the bug
Each time we login we're getting a new deviceKey even though the user should be remembered after entering the MFA code. In the console the device tracking is set to "always remember".
It seems to be caused by the key at which the deviceKey is being saved as, when using the debugger, the data is still available after logging in again.
When looking at the
AWSCognitoAuthCredentialStore
this can be validated, saving the deviceKey (available in the dashboard as well) is used with a key like this (in thesaveDeviceMetadata
method):How the key is being generated is fine, however the crucial part is the username in the middle:
f9663a13-13db-40b1-bb7d-85d653915a67
.After logging out and logging in again the device metadata is being retrieved using this key:
As you could see, the first one is using some kind of backend user ID and the second one is using the actual username the user filled in.
The interesting part is when using the key from above (with the backend user ID) the device metadata can be successfully retrieved when having a breakpoint in the
retrieveDeviceMetadata
method inAWSCognitoAuthCredentialStore.kt
.With the iOS SDK this is working fine, we also double checked the authenticationFlowType which all seem to be matching the documentation.
Reproduction steps (if applicable)
Code Snippet
// Put your code below this line.
Log output
amplifyconfiguration.json
No response
GraphQL Schema
Additional information and screenshots
As shown this is the retrieveDeviceMetadata function, the username is in this case the actual email of the user. The first line in the normal debug window shows getting the metadata like it does now. It returns null.
The window on top is showing getting the metadata with using the backend user ID, this returns deviceMetadata with the deviceKey which probably should be used to skip the MFA flow.
The text was updated successfully, but these errors were encountered: