Multi-Auth with IAM provider for public access not working #3136
Comments
sebaland
added
datastore
|
Thanks for opening this issue. The team will investigate and get back to you as soon as we have more information. |
|
Hi @tobias-feldmann, could you confirm if your auth userpool is configured to allow for unauthenticated users? You can do this by checking the |
|
Hi @alharris-at, yes allowUnauthenticatedIdentities is set to true in the cli-inputs.json. If I use API_KEY instead of IAM for unauthenticated users it works for me. |
|
Hello, I am experiencing that when the schema is only However, when the schema is both We will post here with updates. Thank you for your patience with this. |
|
Fix has been merged. We will update here once it is released. |
|
@tobias-feldmann Please check the latest release for an update. https://github.com/aws-amplify/amplify-swift/releases/tag/2.18.2 |
|
@thisisabhash Great, thank you very much for the fix. The unauthorized errors should be OK because this concerns the models of the authorized users. However, the error: "DataStoreError: An error occurred syncing Guest..." should not be there. The guest model should be able to be synchronized. To better understand the log: User, UserTask, UserProject, TaskHistory => @auth (rules: [ { allow: owner } ]) |
|
Hello, Would you be able to share your schema so that I can try to reproduce it? Also, could you collect and paste the before calling On the off chance, are you using SyncExpressions? |
|
Hi @thisisabhash Here is the complete init code: and here the complete log when I saved the guest model with SyncExpressions and the app comes out of the background. So here it no longer works: |
|
The Github notify action didn't work because the log was too long. |
|
Hello, Thank you for the update and your patience with this. We will investigate it and post further updates in this thread. |
|
I just wanted to share that I'm dealing with this as well. This is what I'm trying to query: type Question
@model
@auth(
rules: [
{ allow: owner }
{ allow: public, provider: iam, operations: [read] }
]
) {
id: ID!
title: String
body: String
user: User @belongsTo(fields: ["userId"])
userId: ID! @index(name: "byUser")
tags: [String]
createdAt: AWSDateTime
updatedAt: AWSDateTime
answers: [Answer] @hasMany(indexName: "byQuestion", fields: ["id"])
comments: [Comment] @hasMany(indexName: "byQuestion", fields: ["id"])
votes: [Vote] @hasMany(indexName: "byQuestion", fields: ["id"])
moderationActivities: [ModerationActivity]
@hasMany(indexName: "byQuestion", fields: ["id"])
bestAnswersIds: [ID]
netVoteCount: Int! @default(value: "0")
}I'm able to query this table successfully while authenticated, but without auth I get a 403 error. I am also properly passing the proper authMode with my query. |
|
I think the The fix is in 12.6.0 of the CLI. Can you try upgrading and see if that resolves the issue. |
|
@tobias-feldmann I can confirm that I am no longer seeing this issue in CLI v12.6.0 after upgrading from v12.4.0. Please upgrade to the latest version and let us know if you're still facing the issue. |
|
Great, now it works. :) |
|
Thanks @tobias-feldmann , I'm glad to hear that. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Since I upgraded from Amplify v1 to v2 the following use case doesn't work anymore:
I have 2 models:
Registered users use the Cognito user pool. Unauthenticated guests should be handled through the IAM provider.
When a user sign in via the user pool, the creation of a user model works.
However, the creation of the guest model via the IAM provider does not work for a guest without a login.
The model is created locally, but no sync to DynamoDB.
I don't use the API directly, only the DataStore.
IAM is defined as the default authorization type and additional Cognito user pool.
Conflict detection and auto merge is enabled.
If I use API_KEY as the default type without 'provider: iam' in the model, then it also works.
The DatastorePlugin is configured like this:
amplifyconfiguration.json file:
Steps To Reproduce
Expected behavior
It should be possible to handle models using different providers.
Amplify Framework Version
2.15.2
Amplify Categories
DataStore
Dependency manager
Swift PM
Swift version
5.8.1
CLI version
12.2.3
Xcode version
14.3.1
Relevant log output
No response
Is this a regression?
Yes
Regression additional context
No response
Platforms
iOS
OS Version
iOS 16.6
Device
iPhone14
Specific to simulators
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: