visionOS Unable to fetch/update AuthUserAttribute

[C0D3-BL00D3D]

Describe the bug

I'm able to use Amplify.Auth.signUp and Amplify.Auth.confirmSignUp to create a new user in a Cognito User Pool with email as the only sign-in option enabled. I can see the user is created, and the email verified in the AWS Console.

However, calling Amplify.Auth.fetchUserAttributes or Amplify.Auth.update(userAttribute: AuthUserAttribute) results in AuthError: User does not exist.

I have Keychain Sharing enabled in Signing & Capabilities.

I'm using a Cognito User Pool that wasn't created with Amplify. I have the PoolId, AppClientId, Region, and authenticationFlowType values specified in the amplifyconfiguration.json file.

Steps To Reproduce

Steps to reproduce the behavior:
1. Call Amplify.Auth.signUp with a valid email and password.
2. Observe the Amplify Hub receive a payload for the "Auth.signUpAPI" as successful.
3. Call Amplify.Auth.confirmSignUp with the same email and a valid confirmation code.
4. Observe the Amplify Hub receive a payload for the "Auth.confirmSignUpAPI" as successful.
5. Manually confirm the user is created and verified in the Cognito User Pool via AWS Console.
6. Call Amplify.Auth.fetchUserAttributes, or Amplify.Auth.update(userAttribute: AuthUserAttribute) with a valid attribute name and value.
7. See AuthError: User does not exist.

Expected behavior

I expected to be able to fetch user attributes for the authenticated user from the Cognito User Pool. I also expect to be able to update custom user attributes for the authenticated user in the Cognito User Pool.

Amplify Framework Version

visionos-preview (61994b9)

Amplify Categories

Auth

Dependency manager

Swift PM

Swift version

5.9.2

CLI version

N/A

Xcode version

Version 15.3 beta 2 (15E5188j)

Relevant log output

No response

Is this a regression?

No

Regression additional context

No response

Platforms

visionOS (Preview)

OS Version

visionOS 1.0 / visionOS 1.1

Device

Apple Vision Pro (only using simulator at the moment)

Specific to simulators

Apple Vision Pro

Additional context

No response

[harsh62]

@LarissaKim Thanks for raising the issue. From the steps that you listed out, I didn't see you performing a Sign In step. To fetch or update user attributes, the user needs to be signed in first.

If the user is signed in and you are seeing the issue, would you be able to share the error output and verbose logs when the issue happens.
You can enable verbose logging to the console by doing this before calling Amplify.configure:

Amplify.Logging.logLevel = .verbose

[C0D3-BL00D3D]

@harsh62 Yes, that would be because when I attempt to signIn the user when confirmSignUp is successful, I get the AuthError "There is already a user in signedIn state. SignOut the user first before calling signIn".
This seems to indicate confirmSignUp automatically signs in the user?

[harsh62]

This is really strange..

This seems to indicate confirmSignUp automatically signs in the user?

Amplify doesn't have this kind of a feature built in.

"There is already a user in signedIn state. SignOut the user first before calling signIn".

Did you ever in your testing try the sign In API and got actually signed in (with an app that has the same bundle identifier). This could result in credentials getting persisted in the keychain and Amplify thinking a user is already signed in.

Could you share some logs, when running API's?

[C0D3-BL00D3D]

@harsh62 I've actually been in the process of verifying if fetchUserAttributes and updateUserAttributes works during the signIn flow to ensure this was only a problem during the signUp flow.

After creating the new user, I stopped the simulator then re-ran the app. I was able to successfully sign in to the app, and also successfully completed fetchUserAttributes. I stopped the simulator again (without signing out), and re-attempted to sign in again to test out updateUserAttributes, but it seems the credentials are getting persisted in the keychain because Amplify.Auth.signIn is resulting in an AuthError for invalidState with the message "There is already a user in signedIn state. SignOut the user first before calling signIn.".

I'm trying to verify if force signing out then signing back in resolve the issue, at least for the sign in flow. Will update with logs shortly.

[harsh62]

@LarissaKim The Amplify session is persisted across app launches, and would only be removed once sign out is called. It feels like your use case can utilize the fetchAuthSession API to check if there is a valid user signed in. You should only ever call sign In when you know there is NO user signed In. Following is the code snippet I envision you would need:

   func fetchAttributes() async throws {
        if try await checkIfUserIsSignedIn() {
            let userAttributes = try await Amplify.Auth.fetchUserAttributes()
        } else {
            // call Amplify.Auth.signIn again and call fetchAttributes method
        }
    }

    func checkIfUserIsSignedIn() async throws -> Bool {
        let session = try await Amplify.Auth.fetchAuthSession()
        return session.isSignedIn
    }

[C0D3-BL00D3D]

@harsh62 I'll try that out and see if it works for the sign-up flow as well. Curious that the user is automatically signed in during confirmSignUp, though.

Would Amplify.Hub.publisher(for: .auth) provide the state of the Amplify session across app launches, or are these events only emitted as a result of app-initiated operations?

[harsh62]

As I said earlier, confirmSignUp will not automatically sign in the user. Amplify doesn't have a feature like that. If that is happening, I would be curious to see the verbose logs and observe what is really happening.

Hub events are resultant of App initiated operations. Hub events won't be triggered on app launches.

[C0D3-BL00D3D]

@hard62 Thanks for the clarification on the Hub events.

Interestingly, the issue has resolved itself. I no longer get the AuthError "There is already a user in signedIn state. SignOut the user first before calling signIn" when calling signIn after calling confirmSignUp, and I'm also able to call Amplify.Auth.fetchUserAttributes and Amplify.Auth.update(userAttribute: AuthUserAttribute) without any errors.

The only thing that was changed was adding the suggested Amplify.Auth.fetchAuthSession check when fetching the attributes, everything else including the Cognito User Pool configuration and Amplify configuration are the same.

I will re-open the issue with logs should the issue reappear. Thank you for your time.

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.