Getting error while call authenticateWithCognitoIdentityPool

[bhavik45]

I have already implemented Cognito in the app and now I'm going to implement the SearchPlaceIndexForPosition feature.

I'm getting errors while calling authenticateWithCognitoIdentityPool.

Here is the error:

java.lang.NoSuchMethodError: No direct method <init>(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/Boolean;Ljava/lang/Boolean;ILkotlin/jvm/internal/DefaultConstructorMarker;)V in class Laws/sdk/kotlin/runtime/endpoint/functions/PartitionConfig; or its super classes (declaration of 'aws.sdk.kotlin.runtime.endpoint.functions.PartitionConfig' appears in /data/app/~~9wE-x5JjvtWIrFAnu3LE8g==/com.app.app.debug-48RH1S5fkKdXCCrOJ-JfFQ==/base.apk)

Cognito Policies

"Action": [
        "geo:SearchPlaceIndexForText",
        "geo:SearchPlaceIndexForPosition"
      ],
      "Resource": "arn:aws:geo:ap-southeast-2:65XXXXXXXX21:place-index/location_service_here"

Code

val locationCredentialsProvider : LocationCredentialsProvider = authHelper.authenticateWithCognitoIdentityPool(<identity_pool_id>)
val locationClient = locationCredentialsProvider.getLocationClient()

val searchPlaceIndexForPositionRequest = SearchPlaceIndexForPositionRequest {
                 indexName = "location_service_here"
                 position = listOf(30.405423, -97.718833)
                 maxResults = 3
                 language = "en"
             }
val nearbyPlaces = locationClient?.searchPlaceIndexForPosition(searchPlaceIndexForPositionRequest) 

[bhavik45]

I have downgraded the dependency and changed the code accordingly. It's solved this crash. But now facing the AccessDeniedException on searchPlaceIndexForPosition.

Exception:

com.amazonaws.services.geo.model.AccessDeniedException: User: arn:aws:sts::65XXXXXXXX21:assumed-role/amplify-app-staging-100004-unauthRole/CognitoIdentityCredentials is not authorized to perform: geo:SearchPlaceIndexForPosition on resource: arn:aws:geo:us-east-1:65XXXXXXXX21:place-index/location_service_here (Service: AmazonLocation; Status Code: 403; Error Code: AccessDeniedException; Request ID: 8c1XXXXa-cXXd-4XX1-b6ea-bXXXXXXXXXX3) 

Code:

val authHelper = AuthHelper(context)
val locationCredentialsProvider : LocationCredentialsProvider = authHelper.authenticateWithCognitoIdentityPool("ap-southeast-2:0XXXXXX2-3XXf-4XX4-aXXa-1XXXXXXXXXXf")
val locationClient = authHelper.getLocationClient(locationCredentialsProvider.getCredentialsProvider()) 
val searchPlaceIndexForPositionRequest = SearchPlaceIndexForPositionRequest().withIndexName("location_service_here").withPosition(arrayListOf(30.405423, -97.718833))
val nearbyPlaces = locationClient.searchPlaceIndexForPosition(searchPlaceIndexForPositionRequest)

Dependencies:

implementation "com.amazonaws:aws-android-sdk-location:2.72.0"
implementation "software.amazon.location:auth:0.0.1"

I also noticed that my AWS account was configured with region 'ap-southeast-2' but the exception shows 'us-east-1'.

Here is the reference link that I followed: https://docs.aws.amazon.com/location/latest/developerguide/dev-location-libraries.html#loc-sdk-auth-mobile-Android

It would be great if anyone could help me to resolve this.

[bridyck]

Hello, let's see if we can help you resolve this issue.

First a couple of follow up questions:

1. On the "I have downgraded the dependency" part I see two dependencies listed below "com.amazonaws:aws-android-sdk-location:2.72.0" and "software.amazon.location:auth:0.0.1" which of these did you downgrade?

2. It looks like the new error you are receiving could be an issue with the IAM role you have set up for the IdentityPoolId you are using. It should look something like this one from the Quick Start guide: https://docs.aws.amazon.com/location/latest/developerguide/qs-setup-authentication-android.html#:~:text=Create%20an%20IAM%20policy%20for%20tracking if you could show me your IAM Role JSON, I can verify whether or not that looks correct.

[bhavik45]

Hello @bridyck,

Thanks for the reply!

On the "I have downgraded the dependency" part I see two dependencies listed below "com.amazonaws:aws-android-sdk-location:2.72.0" and "software.amazon.location:auth:0.0.1" which of these did you downgrade?

I have downgraded both.

• "com.amazonaws:aws-android-sdk-location:2.72.0" from "com.amazonaws:aws-android-sdk-location:2.75.2"
• "software.amazon.location:auth:0.0.1" from "software.amazon.location:auth:0.2.5"

It looks like the new error you are receiving could be an issue with the IAM role you have set up for the IdentityPoolId you are using. It should look something like this one from the Quick Start guide: https://docs.aws.amazon.com/location/latest/developerguide/qs-setup-authentication-android.html#:~:text=Create%20an%20IAM%20policy%20for%20tracking if you could show me your IAM Role JSON, I can verify whether or not that looks correct.

Here is the IAM role policy we are using.

{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Sid": "Search",
			"Effect": "Allow",
			"Action": [
				"geo:SearchPlaceIndexForText",
				"geo:SearchPlaceIndexForPosition"
			],
			"Resource": [
				"arn:aws:geo:ap-southeast-2:65XXXXXXXX21:place-index/location_service_here",
				"arn:aws:geo:ap-southeast-2:65XXXXXXXX21:place-index/location_service_esri"
			]
		}
	]
}

Also, we have reviewed the reference link, which needs the API key to execute API. Is there any way to authenticate using cognito instead of using API keys?

Please let me know if you need any other information.

[bridyck]

That IAM Role looks right. To answer your question, yes you should be able to authenticate using cognito instead of API Keys.

One more sanity check - You have attached the IAM role policy to the IdentityPool correct?

These steps are not Android SDK Specific, but they are in the steps for setting up the needed resources for any of our SDKs: https://docs.aws.amazon.com/location/latest/developerguide/authenticating-using-cognito.html