-
Notifications
You must be signed in to change notification settings - Fork 594
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS Cognito client SDK v3 returns 'byteLength' of undefined when running Admin disable user command #2160
Comments
I also had an issue with the same error message when using the identity provider to assumeRoles with mfaProvider codes. The bug for me was that the STS AssumeRole command returns capital case keys as Full Sample Code:import { STSClient, AssumeRoleCommand } from "@aws-sdk/client-sts";
import { Credentials } from "@aws-sdk/types";
import { AssumeRoleParams } from "@aws-sdk/credential-provider-ini";
import { fromIni } from "@aws-sdk/credential-provider-ini";
import {
DynamoDBClient,
ListTablesCommand,
ListTablesCommandOutput,
} from "@aws-sdk/client-dynamodb";
export const roleAssumer = async (
sourceCredentials: Credentials,
params: AssumeRoleParams
): Promise<Credentials> => {
const client = new STSClient({
region: "eu-west-2",
credentials: sourceCredentials,
});
const command = new AssumeRoleCommand(params);
const response = await client.send(command);
// Here the keys must be remapped or I get the error `byteLength` of undefined when assuming roles.
return {
...response.Credentials,
accessKeyId: response.Credentials.AccessKeyId,
secretAccessKey: response.Credentials.SecretAccessKey,
sessionToken: response.Credentials.SessionToken,
};
};
const credentials = fromIni({
profile,
roleAssumer,
mfaCodeProvider: (mfaSerial: string): Promise<string> => {
return new Promise((resolve) => resolve(mfaCode));
},
});
console.info("Credentials", { credentials });
const client = new DynamoDBClient({
region: "eu-west-2",
credentials,
logger: console,
});
result = await client.send(new ListTablesCommand({ Limit: 10 })); Looking at the credentials type in the provider you mention, the keys are listed as Capital keys: aws-sdk-js-v3/clients/client-cognito-identity/models/models_0.ts Lines 501 to 521 in 5d9bc5f
I believe then the error arises when the HMAC verification between the session token and the AWS access keys is trigger. This is why we ended up on with the same error in separate modules. |
still no luck with this unfortunately |
Wish I had read this GitHub issue earlier... same issue for me ( Suggest either updating the SDK to return both upper and lower case props (only returns upper currently) or make a change in the following code (of course there could be additional places to update we haven't discovered yet). These seem to be the offending lines (32,33) in
|
This may have been addressed by #2221 as the default role assumer for services is performing the remapping t the downcased keys. |
@simonireilly will have to test it and then update the issue. Any idea of the release data of this merge? |
@Monir-Shembesh it is out already, you need to upgrade to v3.12.0 👍 |
I have commented out my remapping and installed all 3.12.0 versions and the 'byteLength' issue still persists. One noted difference is I am using the 'AssumeRoleWithSAMLCommand' command. |
Hi @Monir-Shembesh, I am not quite able to reproduce the issue, I just use the commands. Is it a persisting issue with latest version of the SDK? |
hi @ajredniwja, yes it is still. Tbh I just went back to using V2 of the SDK as I have tried multiple solutions and nothing worked. EDIT 1: Typos |
I had a similar issue with V3 and I was setting the credentials like how you were doing it: const aws_creds = {
accessKeyId: process.env.ACCESS_KEY_ID,
secretAccessKey: process.env.SECRET_ACCESS_KEY,
}; What solved the issue for me was to use the environment variables keys With that said, you won't need to pass the credentials when instantiating your |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread. |
Describe the bug
I am trying to disable users from my node JS backend using the AWS SDK v3. everything works normally except for the disable/enable user command.
Your environment
SDK version number
"@aws-sdk/client-cognito-identity-provider": "^3.8.1",
Is the issue in the browser/Node.js/ReactNative?
Node.js
Details of the browser/Node.js/ReactNative version
v14.16.0
Steps to reproduce
Then in my route I am running this try / catch block
Observed behavior
Returns the following error
Expected behavior
returns '200' and user is either disabled or enabled
Additional context
The Disable/Enable feature works normally in v2 of the SDK but for some reason it is not in V3. Every other command I tried worked normally like its intended to but these two.
The text was updated successfully, but these errors were encountered: