Skip to content

Missing Session UUID with MFA challenge #392

New issue
New issue
Open
Open
Missing Session UUID with MFA challenge#392
@yabab-dev

Description

@yabab-dev
yabab-dev
opened on Aug 7, 2024

Hi,

I'm trying to use cognito-local MFA challenge (SMS) with Amplify SDK v2 but got an error when I send the code to cognito:

SignInException: 
			An error occurred during the sign in process. 
			
			This most likely occurred due to:
			1. signIn was not called before confirmSignIn.
			2. signIn threw an exception.
			3. page was refreshed during the sign in flow.

https://github.com/aws-amplify/amplify-js/blob/main/packages/auth/src/providers/cognito/apis/confirmSignIn.ts#L69-L84 (signInSession is undefined at this point)

I tried to find the cause of this issue and it seems that the initiateAuth function does not return the sign in session ID for MFA case. If I put Session variable in verifyMfaChallenge() (like in newPasswordChallenge()) it works:

  return {
    ChallengeName: "SMS_MFA",
    ChallengeParameters: {
      CODE_DELIVERY_DELIVERY_MEDIUM: "SMS",
      CODE_DELIVERY_DESTINATION: deliveryDestination,
      USER_ID_FOR_SRP: user.Username,
    },
    Session: v4(),
  };

https://github.com/jagregory/cognito-local/blob/master/src/targets/initiateAuth.ts#L83-L90

I don't know if this is intentional or an omission ?

Thank you!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions