AWS Cognito android unauthenticated credentials issue

1
votes

I am trying to integrate a Cognito identity pool with an android application and firstly need to be able to access AWS resources from an unauthenticated user. I am using the sample code provided in the Cognito console but when I try to run that section I keep getting errors. I have created a sandbox environment with only one button and all it is doing is running the code provided by the Cognito console.

Here is the code:

CognitoCachingCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider(
    getApplicationContext(),
    "[IDENTITYPOOLID]", // Identity pool ID
    Regions.US_EAST_1 // Region
);

Here are the errors:

I/AWSKeyValueStore: Detected Android API Level = 30
    Creating the AWSKeyValueStore with key for sharedPreferencesForData = com.amazonaws.android.auth
E/AWSKeyValueStore: com.amazonaws.internal.keyvaluestore.KeyNotFoundException: Error occurred while accessing AndroidKeyStore to retrieve the key for keyAlias: com.amazonaws.android.auth.aesKeyStoreAlias
I/AWSKeyValueStore: Deleting the encryption key identified by the keyAlias: com.amazonaws.android.auth.aesKeyStoreAlias
E/AWSKeyValueStore: Error in retrieving the decryption key used to decrypt the data from the persistent store. Returning null for the requested dataKey = [IDENTITYPOOLID].identityId
D/CognitoCachingCredentia: Loading credentials from SharedPreferences
E/AWSKeyValueStore: com.amazonaws.internal.keyvaluestore.KeyNotFoundException: Error occurred while accessing AndroidKeyStore to retrieve the key for keyAlias: com.amazonaws.android.auth.aesKeyStoreAlias
I/AWSKeyValueStore: Deleting the encryption key identified by the keyAlias: com.amazonaws.android.auth.aesKeyStoreAlias
E/AWSKeyValueStore: Error in retrieving the decryption key used to decrypt the data from the persistent store. Returning null for the requested dataKey = [IDENTITYPOOLID].expirationDate
E/AWSKeyValueStore: com.amazonaws.internal.keyvaluestore.KeyNotFoundException: Error occurred while accessing AndroidKeyStore to retrieve the key for keyAlias: com.amazonaws.android.auth.aesKeyStoreAlias
I/AWSKeyValueStore: Deleting the encryption key identified by the keyAlias: com.amazonaws.android.auth.aesKeyStoreAlias
E/AWSKeyValueStore: Error in retrieving the decryption key used to decrypt the data from the persistent store. Returning null for the requested dataKey = [IDENTITYPOOLID].identityId

All other questions and documentation with the same errors have not provided a solution that works.

Android studio: 4.0

Emulators tried:

Pixel 3 XL API 30
Pixel 2 API 27

Gradle dependencies:

    implementation 'com.amazonaws:aws-android-sdk-cognitoidentityprovider:2.16.12'
    implementation 'com.amazonaws:aws-android-sdk-core:2.16.12'

Identity Pool has access to unauthenticated identities enabled and a role associated with the unauthenticated identities. Please advise on how to get the credentialsProvider working for use with other AWS services from an Identity Pool.

1
javaandroidamazon-web-servicesamazon-cognito

1 Answers

1
votes

I encountered same issue

020-10-03 08:07:14.759 11293-11293/com.example.uandus I/AWSKeyValueStore: Creating the AWSKeyValueStore with key for sharedPreferencesForData = com.amazonaws.android.auth 2020-10-03 08:07:14.772 11293-11293/com.example.uandus E/AWSKeyValueStore: com.amazonaws.internal.keyvaluestore.KeyNotFoundException: Error occurred while accessing AndroidKeyStore to retrieve the key for keyAlias: com.amazonaws.android.auth.aesKeyStoreAlias

Following are things I did which worked for me:

  1. Missing details in aws configuration file. Make sure you have awsconfiguration.json in app/res/raw and have following content

    { "Version": "0.1.0", "IdentityManager": { "Default": {} }, "CredentialsProvider": { "CognitoIdentity": { "Default": { "PoolId": "us-east-1:XXXXX", "Region": "us-east-1" } } }, "CognitoUserPool": { "Default": { "AppClientId": "XXXXX", "PoolId": "us-east-1_XXXXX", "Region": "us-east-1" } } }

Please replace XXX with actual values, you must have these in aws console and search for cognito, you should see Manage user pool and Manage identity pool, if you haven't created please create user pool and pool and then enter identify poolid and user pool poolid and c lientid details in your aws configuration file

  1. If may probably get below error

    Process: com.example.uandus, PID: 15529 android.os.NetworkOnMainThreadException at android.os.StrictMode$AndroidBlockGuardPolicy.

Make sure you below code before hitting dynamodb or any aws service

  int SDK_INT = android.os.Build.VERSION.SDK_INT;
    if (SDK_INT > 8)
    {
        StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder()
                .permitAll().build();
        StrictMode.setThreadPolicy(policy);
    }

These options worked for me.