Session issue : No cached session about aws-sdk-android HOT 10 OPEN

If I interogate the SDK like this after I get that error and warnings I have this results:

AWSMobileClient.getInstance().getUsername() - same like before getting the error
AWSMobileClient.getInstance().isSignedIn() - true
AWSMobileClient.getInstance().getIdentityId() - another identity

from aws-sdk-android.

I have more information about this issue:
-appear after 1H when the aws should refresh the session.
-in UserStateDetails there is a exception but that method is protected and you can not interogate the skd
to see if is null or not.

As you can see in image the state for user is SIGNED_IN but there no good session also
if I as for AWSMobileClient.getInstance().getIdentityId() now I have a new one instead the real one.
What I see here the SDK is not changing the user state into GUEST or SIGNED_OUT.

I tried also to intercept that exception but is not working:

public boolean isSessionExpired() {
UserStateDetails userState;
try {
userState = AWSMobileClient.getInstance().currentUserState();
} catch (Exception ex) {
return true;
}
........

Is weird because in SDK there is a catch
@workerthread
public UserStateDetails currentUserState() {
try {
return _currentUserState().await();
} catch (Exception e) {
throw new RuntimeException("Failed to retrieve user state.", e);
}
}
but is not going into catch block.

So I have no idea how to manage this situation @tylerjroach, do you have a suggestion for me?

from aws-sdk-android.

Hi @lolucosmin ,

Thanks for reaching out, we will take a look into the issue and provide updates here.

from aws-sdk-android.

@lolucosmin Huewei devices may be tricky.Are these older devices with Google Play Services, or the newer Huewei devices withouth Google support.

I'm afraid these devices look like they do not appear to have proper Android KeyStore implementations.

Error in decrypting data. javax.crypto.AEADBadTagException
at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
at javax.crypto.Cipher.doFinal(Cipher.java:2055)```

This crash is coming directly from OS KeyStore implementation.

from aws-sdk-android.

@lolucosmin Huewei devices may be tricky.Are these older devices with Google Play Services, or the newer Huewei devices withouth Google support.

I'm afraid these devices look like they do not appear to have proper Android KeyStore implementations.

Error in decrypting data. javax.crypto.AEADBadTagException
at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
at javax.crypto.Cipher.doFinal(Cipher.java:2055)```

This crash is coming directly from OS KeyStore implementation.

Indeed, there are 2 types with Google Services and without, I tested on devices(4 devices) without Google Services and on all of them I have same issue, the sign in is successful but after 1h no session refresh.

But I have a question related to AWSMobileClient SDK.
Why there int this function is a catch if you want to throw that exception? Also why that exception from my image above is not
in state of user? At least if it will be in state of user we can check that variable.
@workerthread
public UserStateDetails currentUserState() {
try {
return _currentUserState().await();
} catch (Exception e) {
throw new RuntimeException("Failed to retrieve user state.", e);
}
}

from aws-sdk-android.

@tylerjroach any news related to this issue?

from aws-sdk-android.

@lolucosmin Are you only seeing this on Huewei devices? And if so, is it all Huewei devices you have tested. We have a Huewei device we can attempt to test with to see if we can replicate the issue.

from aws-sdk-android.

@lolucosmin Are you only seeing this on Huewei devices? And if so, is it all Huewei devices you have tested. We have a Huewei device we can attempt to test with to see if we can replicate the issue.

Hi @tylerjroach , so our app is using aws login system and we have a lot of users for our app which has Huawei devices, almost every day we are getting complains about this issue. This issue appear on both types of devices: devices without google services which is very easy to reproduce it, because appear every 1H. For the other types looks like this issue is randomly. But main purpose is to find a fix for that devices which has no google services to make a better experience for our users.

Thx.

from aws-sdk-android.

@tylerjroach any news about this issue? I see "No one assigned" and is a old one and is important.

from aws-sdk-android.

We do not have a path forward for a fix at the moment.

AWS Android SDK and Amplify both use the Android KeyStore, although they each have different implementations. Amplify v2 uses EncryptedSharedPreferences library from Google.

These devices appear to have problematic implementations of the Android KeyStore. A functioning KeyStore is critical to securely encrypt data at rest on the device. We have no way to work around it.

from aws-sdk-android.