Social Sign In Redirect Error when there are multiple redirect_sign_in_uris and redirect_sign_out_uris #3078
Description
Before creating a new issue, please confirm:
- I have searched for duplicate or closed issues.
- I have read the guide for submitting bug reports.
Which UI component?
Authenticator
Gradle script dependencies
amplifyVersion = "2.27.3"
amplifyAuthenticatorVersion = "1.4.2"Environment information
# Put output below this line
------------------------------------------------------------
Gradle 8.11.1
------------------------------------------------------------
Build time: 2024-11-20 16:56:46 UTC
Revision: 481cb05a490e0ef9f8620f7873b83bd8a72e7c39
Kotlin: 2.0.20
Groovy: 3.0.22
Ant: Apache Ant(TM) version 1.10.14 compiled on August 16 2023
Launcher JVM: 17.0.4 (Amazon.com Inc. 17.0.4+8-LTS)
Daemon JVM: /Library/Java/JavaVirtualMachines/amazon-corretto-17.jdk/Contents/Home (no JDK specified, using current Java home)
OS: Mac OS X 15.4.1 aarch64
Please include any relevant guides or documentation you're referencing
https://docs.amplify.aws/android/build-a-backend/auth/connect-your-frontend/sign-in/
Describe the bug
I am setting up Sign In with Google on my Android app with AWS Amplify Gen 2. However, clicking the sign in with google button shows the below error:
This is the url that the sign in view opened
https://<domain>.auth.us-west-2.amazoncognito.com/error?error=redirect_mismatch&client_id=<client_id>
This issue is identical to this closed issue from 2019. That issue focuses on the case where the user has two redirct uris: myapp:// and localhost. In my case, this issue happens even if the other redirect URI is not localhost.
Reproduction steps (if applicable)
- Set up an Amplify project with social sign in and multiple redirect URIs in auth
export const auth = defineAuth({
loginWith: {
email: true,
externalProviders: {
signInWithApple: {
google: {
clientId: secret("GOOGLE_CLIENT_ID"),
clientSecret: secret("GOOGLE_CLIENT_SECRET"),
attributeMapping: {
email: ProviderAttribute.GOOGLE_EMAIL.attributeName,
fullname: ProviderAttribute.GOOGLE_NAME.attributeName,
givenName: ProviderAttribute.GOOGLE_GIVEN_NAME.attributeName,
profilePicture: ProviderAttribute.GOOGLE_PICTURE.attributeName,
},
scopes: ["email", "profile"],
},
callbackUrls: [
"myapp://callback/",
"http://localhost:5173/",
],
logoutUrls: [
"myapp://signout/",
"http://localhost:5173/",
],
},
},
});- The usual Amplify Gen 2 android setup
- Add a Google Sign In button
Authenticator(
footerContent = {
GoogleSignInButton( // I defined the google sign in button to be a button that does the below onClick
onClick = {
// Sign in with Google using Amplify
Amplify.Auth.signInWithSocialWebUI(
AuthProvider.google(),
this,
{ Log.i("AuthQuickstart", "Sign in OK: $it") },
{ Log.e("AuthQuickstart", "Sign in failed", it) }
)
},
modifier = Modifier.padding(16.dp)
)
}
) { state ->
HomeScreen(state)
}- Deploy the app and try clicking the sign in with google button. This will bring up the error screenshot I previously pasted.
- Remove the
localhostor any redirect URL from theauth/resource.tsthat is not the localmyappurl, and the social sign in works again.
Code Snippet
Included in reproduction steps
Log output
The authenticator component does not log anything that happens in the web interface.
The error URL is
https://<domain>.auth.us-west-2.amazoncognito.com/error?error=redirect_mismatch&client_id=<client_id>
amplifyconfiguration.json
No response
Additional information and screenshots
My app has an existing Swift and React web interface, both social sign in works. Only Android has this issue with social sign in.