Cognito: Unable to verify secret hash for client

[maff91]

Problem.

CognitoUser.getSession initiated with "USER_PASSWORD" authentication type does not send secret hash with the in auth request which leads to: "NotAuthorizedException: Unable to verify secret hash for client"

To help us solve your problem better, please answer the following list of questions.

• What service are you using?

Cognito

• In what version of SDK are you facing the problem?

aws-android-sdk-cognitoauth:2.6.23

• Is the issue limited to Simulators / Actual Devices?

Any

• Can your problem be resolved if you bump to a higher version of SDK?

There is no higher SDK version at the moment

• Is this problem related to specific Android/OS version?

No

• Can you give us steps to reproduce with a minimal, complete, and verifiable example? Please include any specific network conditions that might be required to reproduce the problem.

I tracked problem down to: CognitoUser.initiateUserPasswordAuthRequest, it doesn't add SECRET_HASH parameter to the auth request.

Reproduce:
Call CognitoUser.getSession(...) with such a code in the AuthenticationHandler:

        @Override
        public void getAuthenticationDetails(AuthenticationContinuation authenticationContinuation, String username)
        {
            AuthenticationDetails authDetails = new AuthenticationDetails(username, password, null);
            authDetails.setAuthenticationType(CognitoServiceConstants.CHLG_TYPE_USER_PASSWORD);
            authenticationContinuation.setAuthenticationDetails(authDetails);
            authenticationContinuation.continueTask();
        }

Auth request will be sent without "SECRET_HASH" property set, which leads to "...NotAuthorizedException: Unable to verify secret hash for client..." exception.

• Please include a stacktrace if applicable.

com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException: Unable to verify secret hash for client iDontWantToShareClint (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: NotAuthorizedException; Request ID: 1616d336-7d20-11e8-aa2a-79a1678c9988)
      at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:730)
      at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:405)
      at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:212)
      at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.invoke(AmazonCognitoIdentityProviderClient.java:5200)
      at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.initiateAuth(AmazonCognitoIdentityProviderClient.java:3580)
      at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.startWithUserPasswordAuth(CognitoUser.java:2571)
      at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.initiateUserAuthentication(CognitoUser.java:773)
      at com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.AuthenticationContinuation.continueTask(AuthenticationContinuation.java:115)
      at com.shutterfly.android.commons.usersession.providers.CognitoAuthentication$LoginHandler.getAuthenticationDetails(CognitoAuthentication.java:192)
      at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:744)
      at com.shutterfly.android.commons.usersession.providers.CognitoAuthentication.login(CognitoAuthentication.java:86)
      at com.shutterfly.android.commons.usersession.AuthDataManager.loginSync(AuthDataManager.java:574)
      at com.shutterfly.android.commons.usersession.AuthDataManager.lambda$login$1$AuthDataManager(AuthDataManager.java:532)
      at com.shutterfly.android.commons.usersession.AuthDataManager$$Lambda$1.run(Unknown Source:24)
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:457)
      at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
      at java.lang.Thread.run(Thread.java:764)

If you need help with understanding how to implement something in particular then we suggest that you first look into our developer guide. You can also simplify your process of creating an application by using Mobile Hub.

[minbi]

A fix has been released in version 2.6.24

[usmanrana07]

Error is still producing even in 2.13.1.

[minbi]

Hi @usmanrana07 ,

Can you provide a stacktrace or details about the reproduction? Is it the same as the original problem stacktrace?

[usmanrana07]

@minbi here I've added the of producing issue steps:
#889

[minbi]

@usmanrana07 , The team will follow up with you on your new issue.

This is a closed issue, feel free to create an issue so that we can better track it's progression. Closed issues are not generally monitored.