Apple External Identity Provider Missing Email Attribute #2374

Jagalite opened this issue Dec 29, 2024 · 1 comment
Labels

  • auth: Issue pertaining to Amplify Auth
  • pending-response: Issue is pending response from author
  • pending-triage: Incoming issues that need categorization


Environment information

macOS 14.6.1
  CPU: (8) arm64 Apple M1
  Memory: 153.16 MB / 8.00 GB
  Shell: /bin/zsh
Binaries:
  Node: 23.5.0 - ~/.nvm/versions/node/v23.5.0/bin/node
  Yarn: undefined - undefined
  npm: 10.9.2 - ~/.nvm/versions/node/v23.5.0/bin/npm
  pnpm: undefined - undefined
NPM Packages:
  @aws-amplify/auth-construct: Not Found
  @aws-amplify/backend: Not Found
  @aws-amplify/backend-auth: Not Found
  @aws-amplify/backend-cli: Not Found
  @aws-amplify/backend-data: Not Found
  @aws-amplify/backend-deployer: Not Found
  @aws-amplify/backend-function: Not Found
  @aws-amplify/backend-output-schemas: Not Found
  @aws-amplify/backend-output-storage: Not Found
  @aws-amplify/backend-secret: Not Found
  @aws-amplify/backend-storage: Not Found
  @aws-amplify/cli-core: Not Found
  @aws-amplify/client-config: Not Found
  @aws-amplify/deployed-backend-client: Not Found
  @aws-amplify/form-generator: Not Found
  @aws-amplify/model-generator: Not Found
  @aws-amplify/platform-core: Not Found
  @aws-amplify/plugin-types: Not Found
  @aws-amplify/sandbox: Not Found
  @aws-amplify/schema-generator: Not Found
  aws-amplify: Not Found
  aws-cdk: Not Found
  aws-cdk-lib: Not Found
  typescript: Not Found
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!                                                                                                                      !!
!!  This software has not been tested with node v23.5.0.                                                                !!
!!  Should you encounter odd runtime issues, please try using one of the supported release before filing a bug report.  !!
!!                                                                                                                      !!
!!  This software is currently running on node v23.5.0.                                                                 !!
!!  As of the current release of this software, supported node releases are:                                            !!
!!  - ^22.0.0 (Planned end-of-life: 2027-04-30)                                                                         !!
!!  - ^20.0.0 (Planned end-of-life: 2026-04-30)                                                                         !!
!!  - ^18.0.0 (Planned end-of-life: 2025-04-30)                                                                         !!
!!                                                                                                                      !!
!!  This warning can be silenced by setting the JSII_SILENCE_WARNING_UNTESTED_NODE_VERSION environment variable.        !!
!!                                                                                                                      !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
AWS environment variables:
  AWS_STS_REGIONAL_ENDPOINTS = regional
  AWS_NODEJS_CONNECTION_REUSE_ENABLED = 1
  AWS_SDK_LOAD_CONFIG = 1
No CDK environment variables

Describe the bug

When first creating resources, it created a Cognito user pool setting email as required.

This is no good when signing in with Apple, as Apple will send the email only on the first sign-in. Any subsequent logins will fail because Cognito will try to map the incoming email attribute to the Cognito attribute.

Even when creating a new Cognito user pool, you can select required username, but it also requires an email or phone.

Perhaps implement the following:

  • Update the Gen 2 docs auth/identity provider specifying this issue (more info in warning).
  • Disable signInWithApple support until this is addressed.
  • Amplify to create a Cognito pre-trigger Lambda to be able to put a fake/placeholder email address during the sign-on process.

Reproduction steps

Deploy a Gen 2 App following this: https://docs.amplify.aws/react/build-a-backend/auth/concepts/external-identity-providers/.

Use with signInWithApple.

First login will work, but any subsequent login will fail.

@Jagalite Jagalite added the pending-triage Incoming issues that need categorization label Dec 29, 2024
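
As an added example (not code from the Amplify project or from the reporter), a Node.js diagnostic for the failure described above: it decodes an ID token payload and lists the required user pool attributes that the provider's claims leave empty. The tokens, the `mapping` object and all function names are constructed for illustration; the second token models the later sign-in the issue describes, with no `email` claim.

```javascript
// Added diagnostic example; names and sample tokens are constructed.
// The payload is decoded WITHOUT signature verification: use this only to
// inspect what an identity provider sent, never to make an auth decision.

function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) {
    throw new Error('not a compact JWT: expected 3 dot-separated segments');
  }
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// mapping:  { userPoolAttribute: providerClaimName }  (hypothetical shape)
// required: user pool attributes marked as required
// Returns the required attributes that would arrive empty from this token.
function missingRequiredAttributes(token, mapping, required) {
  const claims = decodeJwtPayload(token);
  return required.filter((attr) => {
    const claimName = mapping[attr];
    if (!claimName) return true; // required, but not mapped from the provider
    const value = claims[claimName];
    return value === undefined || value === null || value === '';
  });
}

// Builds an unsigned sample token so the example runs offline.
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  return `${enc({ alg: 'none', typ: 'JWT' })}.${enc(claims)}.c2FtcGxl`;
}

// Constructed claims, not captured from a real provider.
const baseClaims = {
  iss: 'https://appleid.apple.com',
  aud: 'com.example.app',
  sub: '000000.constructed.0000',
};
const firstSignIn = makeSampleToken({ ...baseClaims, email: 'user@example.com' });
const laterSignIn = makeSampleToken(baseClaims); // no email claim
const mapping = { email: 'email' };
const required = ['email'];

for (const [label, token] of [['first', firstSignIn], ['later', laterSignIn]]) {
  const missing = missingRequiredAttributes(token, mapping, required);
  console.log(`${label} sign-in: missing required attributes = [${missing}]`);
}
```
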
ykethan (Member) commented Dec 30, 2024

Hey @Jagalite, thank you for reaching out. The issue appears to be similar to aws-amplify/amplify-js#14019 and https://forums.developer.apple.com/forums/thread/649760

Do the Apple developer settings currently have private relay set up?
Additionally, could you let us know if there are any attributes currently being set up as required?

@ykethan ykethan added pending-response Issue is pending response from author auth Issue pertaining to Amplify Auth labels Dec 30, 2024