chore(auth): Add more verbose logging for easier debugging (#2713)

Author: royjit

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Operations/Helpers/FetchAuthSessionOperationHelper.swift

@@ -8,7 +8,7 @@
 import Foundation
 import Amplify
 
-class FetchAuthSessionOperationHelper {
+class FetchAuthSessionOperationHelper: DefaultLogger {
 
     static let expiryBufferInSeconds = TimeInterval.seconds(2 * 60)
 
@@ -23,20 +23,26 @@ class FetchAuthSessionOperationHelper {
             throw error
         }
 
+        log.verbose("Fetching current state")
         switch authorizationState {
         case .configured:
             // If session has not been established, ask statemachine to invoke fetching
             // a fresh session.
+            log.verbose("No session found, fetching unauth session")
             let event = AuthorizationEvent(eventType: .fetchUnAuthSession)
             await authStateMachine.send(event)
             return try await listenForSession(authStateMachine: authStateMachine)
+
         case .sessionEstablished(let credentials):
+            log.verbose("Session exists, checking validity")
             return try await postAuthSessionEvent(
                 forCredential: credentials,
                 authStateMachine: authStateMachine,
                 forceRefresh: forceRefresh)
+
         case .error(let error):
             if case .sessionExpired = error {
+                log.verbose("Session is expired")
                 let session = AuthCognitoSignedInSessionHelper.makeExpiredSignedInSession()
                 return session
             } else if case .sessionError(_, let credentials) = error {
@@ -45,6 +51,7 @@ class FetchAuthSessionOperationHelper {
                     authStateMachine: authStateMachine,
                     forceRefresh: forceRefresh)
             } else {
+                log.verbose("Session is in error state \(error)")
                 let event = AuthorizationEvent(eventType: .fetchUnAuthSession)
                 await authStateMachine.send(event)
                 return try await listenForSession(authStateMachine: authStateMachine)
@@ -114,6 +121,7 @@ class FetchAuthSessionOperationHelper {
     func listenForSession(authStateMachine: AuthStateMachine) async throws -> AuthSession {
 
         let stateSequences = await authStateMachine.listen()
+        log.verbose("Waiting for session to establish")
         for await state in stateSequences {
             guard case .configured(let authenticationState, let authorizationState) = state  else {
                 let message = "Auth state machine not in configured state: \(state)"
@@ -138,6 +146,7 @@ class FetchAuthSessionOperationHelper {
     func sessionResultWithError(_ error: AuthorizationError,
                                 authenticationState: AuthenticationState)
     throws -> AuthSession {
+        log.verbose("Received error - \(error)")
 
         var isSignedIn = false
         if case .signedIn = authenticationState {

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Operations/Helpers/HostedUISignInHelper.swift

@@ -8,7 +8,7 @@
 import Foundation
 import Amplify
 
-struct HostedUISignInHelper {
+struct HostedUISignInHelper: DefaultLogger {
 
     let request: AuthWebUISignInRequest
 
@@ -26,11 +26,13 @@ struct HostedUISignInHelper {
 
     func initiateSignIn() async throws -> AuthSignInResult {
         try await isValidState()
+        log.verbose("Start signIn flow")
         return try await doSignIn()
     }
 
     func isValidState() async throws {
         let stateSequences = await authStateMachine.listen()
+        log.verbose("Wait for a valid state")
         for await state in stateSequences {
             guard case .configured(let authenticationState, _) = state else {
                 continue
@@ -70,6 +72,7 @@ struct HostedUISignInHelper {
         }
         let stateSequences = await authStateMachine.listen()
         await sendSignInEvent(oauthConfiguration: oauthConfiguration)
+        log.verbose("Wait for signIn to complete")
         for await state in stateSequences {
             guard case .configured(let authNState,
                                    let authZState) = state else { continue }
@@ -128,7 +131,9 @@ struct HostedUISignInHelper {
     }
 
     private func waitForSignInCancel() async {
+        log.verbose("Sending cancel signIn")
         await sendCancelSignInEvent()
+        log.verbose("Wait for signIn to cancel")
         let stateSequences = await authStateMachine.listen()
         for await state in stateSequences {
             guard case .configured(let authenticationState, _) = state else {

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Support/Helpers/UserPoolSignInHelper.swift

@@ -9,29 +9,40 @@ import Foundation
 import Amplify
 import AWSCognitoIdentityProvider
 
-struct UserPoolSignInHelper {
+struct UserPoolSignInHelper: DefaultLogger {
 
     static func checkNextStep(_ signInState: SignInState)
     throws -> AuthSignInResult? {
 
+        log.verbose("Checking next step for: \(signInState)")
+
         if case .signingInWithSRP(let srpState, _) = signInState,
            case .error(let signInError) = srpState {
             return try validateError(signInError: signInError)
+
         } else if case .signingInWithSRPCustom(let srpState, _) = signInState,
                   case .error(let signInError) = srpState {
             return try validateError(signInError: signInError)
+
         } else if case .signingInViaMigrateAuth(let migratedAuthState, _) = signInState,
                   case .error(let signInError) = migratedAuthState {
             return try validateError(signInError: signInError)
+
         } else if case .signingInWithCustom(let customAuthState, _) = signInState,
                   case .error(let signInError) = customAuthState {
             return try validateError(signInError: signInError)
-        } else if case .resolvingChallenge(let challengeState, let challengeType, _) = signInState,
-                  case .waitingForAnswer(let challenge, _) = challengeState {
-            return try validateResult(for: challengeType, with: challenge)
+
         } else if case .signingInWithHostedUI(let hostedUIState) = signInState,
                   case .error(let hostedUIError) = hostedUIState {
             return try validateError(signInError: hostedUIError)
+
+        } else if case .resolvingChallenge(let challengeState, _, _) = signInState,
+                  case .error(_, _, let signInError) = challengeState {
+            return try validateError(signInError: signInError)
+
+        } else if case .resolvingChallenge(let challengeState, let challengeType, _) = signInState,
+                  case .waitingForAnswer(let challenge, _) = challengeState {
+            return try validateResult(for: challengeType, with: challenge)
         }
         return nil
     }

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Task/AWSAuthChangePasswordTask.swift

@@ -10,7 +10,7 @@ import Amplify
 import AWSPluginsCore
 import AWSCognitoIdentityProvider
 
-class AWSAuthChangePasswordTask: AuthChangePasswordTask {
+class AWSAuthChangePasswordTask: AuthChangePasswordTask, DefaultLogger {
     typealias CognitoUserPoolFactory = () throws -> CognitoUserPoolBehavior
 
     private let request: AuthChangePasswordRequest
@@ -33,10 +33,12 @@ class AWSAuthChangePasswordTask: AuthChangePasswordTask {
     }
 
     func execute() async throws {
+        log.verbose("Starting execution")
         do {
             await taskHelper.didStateMachineConfigured()
             let accessToken = try await taskHelper.getAccessToken()
             try await changePassword(with: accessToken)
+            log.verbose("Received success")
         } catch let error as ChangePasswordOutputError {
             throw error.authError
         } catch let error {
@@ -46,7 +48,9 @@ class AWSAuthChangePasswordTask: AuthChangePasswordTask {
 
     func changePassword(with accessToken: String) async throws {
         let userPoolService = try userPoolFactory()
-        let input = ChangePasswordInput(accessToken: accessToken, previousPassword: request.oldPassword, proposedPassword: request.newPassword)
+        let input = ChangePasswordInput(accessToken: accessToken,
+                                        previousPassword: request.oldPassword,
+                                        proposedPassword: request.newPassword)
         _ = try await userPoolService.changePassword(input: input)
     }
 }

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Task/AWSAuthClearFederationToIdentityPoolTask.swift

@@ -18,7 +18,8 @@ public extension HubPayload.EventName.Auth {
     static let clearedFederationToIdentityPoolAPI = "Auth.federationToIdentityPoolCleared"
 }
 
-public class AWSAuthClearFederationToIdentityPoolTask: AuthClearFederationToIdentityPoolTask {
+public class AWSAuthClearFederationToIdentityPoolTask: AuthClearFederationToIdentityPoolTask,
+                                                       DefaultLogger {
     private let authStateMachine: AuthStateMachine
     private let clearFederationHelper: ClearFederationOperationHelper
     private let taskHelper: AWSAuthTaskHelper
@@ -34,7 +35,10 @@ public class AWSAuthClearFederationToIdentityPoolTask: AuthClearFederationToIden
     }
 
     public func execute() async throws {
+        log.verbose("Starting execution")
         await taskHelper.didStateMachineConfigured()
-        return try await clearFederationHelper.clearFederation(authStateMachine)
+        try await clearFederationHelper.clearFederation(authStateMachine)
+        log.verbose("Cleared federation")
+        return
     }
 }

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Task/AWSAuthConfirmResetPasswordTask.swift

@@ -11,7 +11,7 @@ import AWSPluginsCore
 import ClientRuntime
 import AWSCognitoIdentityProvider
 
-class AWSAuthConfirmResetPasswordTask: AuthConfirmResetPasswordTask {
+class AWSAuthConfirmResetPasswordTask: AuthConfirmResetPasswordTask, DefaultLogger {
     private let request: AuthConfirmResetPasswordRequest
     private let environment: AuthEnvironment
     private let authConfiguration: AuthConfiguration
@@ -27,10 +27,12 @@ class AWSAuthConfirmResetPasswordTask: AuthConfirmResetPasswordTask {
     }
 
     func execute() async throws {
+        log.verbose("Starting execution")
         if let validationError = request.hasError() {
             throw validationError
         }
         do {
+            
             try await confirmResetPassword()
         } catch let error as ConfirmForgotPasswordOutputError {
             throw error.authError

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Task/AWSAuthConfirmSignInTask.swift

@@ -8,7 +8,7 @@ import Foundation
 import Amplify
 import AWSPluginsCore
 
-class AWSAuthConfirmSignInTask: AuthConfirmSignInTask {
+class AWSAuthConfirmSignInTask: AuthConfirmSignInTask, DefaultLogger {
 
     private let request: AuthConfirmSignInRequest
     private let authStateMachine: AuthStateMachine
@@ -29,7 +29,7 @@ class AWSAuthConfirmSignInTask: AuthConfirmSignInTask {
     }
 
     func execute() async throws -> AuthSignInResult {
-
+        log.verbose("Starting execution")
         await taskHelper.didStateMachineConfigured()
 
         //Check if we have a user pool configuration
@@ -48,8 +48,6 @@ class AWSAuthConfirmSignInTask: AuthConfirmSignInTask {
             "User is not attempting signIn operation",
             AuthPluginErrorConstants.invalidStateError, nil)
 
-
-
         guard case .configured(let authNState, _) = await authStateMachine.currentState,
               case .signingIn(let signInState) = authNState,
               case .resolvingChallenge(let challengeState, _, _) = signInState else {
@@ -58,12 +56,14 @@ class AWSAuthConfirmSignInTask: AuthConfirmSignInTask {
 
         switch challengeState {
         case .waitingForAnswer, .error:
+            log.verbose("Sending confirm signIn event: \(challengeState)")
             await sendConfirmSignInEvent()
         default:
             throw invalidStateError
         }
 
         let stateSequences = await authStateMachine.listen()
+        log.verbose("Waiting for response")
         for await state in stateSequences {
                guard case .configured(let authNState, let authZState) = state else {
                    continue
@@ -72,38 +72,17 @@ class AWSAuthConfirmSignInTask: AuthConfirmSignInTask {
                case .signedIn:
                    if case .sessionEstablished = authZState {
                        return AuthSignInResult(nextStep: .done)
+                   } else {
+                       log.verbose("Signed In, waiting for authorization to complete")
                    }
                case .error(let error):
                    throw AuthError.unknown("Sign in reached an error state", error)
 
                case .signingIn(let signInState):
-                   if case .resolvingChallenge(let challengeState, _, _) = signInState,
-                      case .error(_, _, let signInError) = challengeState {
-                       let authError = signInError.authError
-                       if case .service(_, _, let serviceError) = authError,
-                          let cognitoError = serviceError as? AWSCognitoAuthError,
-                          case .passwordResetRequired = cognitoError {
-                           return AuthSignInResult(nextStep: .resetPassword(nil))
-
-                       } else if case .service(_, _, let serviceError) = authError,
-                                 let cognitoError = serviceError as? AWSCognitoAuthError,
-                                 case .userNotConfirmed = cognitoError {
-                           return AuthSignInResult(nextStep: .confirmSignUp(nil))
-                       } else {
-                           throw authError
-                       }
-                   } else if case .resolvingChallenge(let challengeState, _, _) = signInState {
-                       switch challengeState {
-                       case .waitingForAnswer:
-                           guard let result = try UserPoolSignInHelper.checkNextStep(signInState) else {
-                               continue
-                           }
-                           return result
-
-                       default:
-                           continue
-                       }
+                   guard let result = try UserPoolSignInHelper.checkNextStep(signInState) else {
+                       continue
                    }
+                   return result
                case .notConfigured:
                    throw AuthError.configuration(
                     "UserPool configuration is missing",

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Task/AWSAuthConfirmSignUpTask.swift

@@ -9,7 +9,7 @@ import Foundation
 import Amplify
 import AWSCognitoIdentityProvider
 
-class AWSAuthConfirmSignUpTask: AuthConfirmSignUpTask {
+class AWSAuthConfirmSignUpTask: AuthConfirmSignUpTask, DefaultLogger {
 
     private let request: AuthConfirmSignUpRequest
     private let authEnvironment: AuthEnvironment
@@ -24,17 +24,18 @@ class AWSAuthConfirmSignUpTask: AuthConfirmSignUpTask {
     }
 
     func execute() async throws -> AuthSignUpResult {
+        log.verbose("Starting execution")
         try request.hasError()
         let userPoolEnvironment = authEnvironment.userPoolEnvironment
         do {
-
             let metadata = (request.options.pluginOptions as? AWSAuthConfirmSignUpOptions)?.metadata
             let client = try userPoolEnvironment.cognitoUserPoolFactory()
             let input = ConfirmSignUpInput(username: request.username,
                                            confirmationCode: request.code,
                                            clientMetadata: metadata,
                                            environment: userPoolEnvironment)
             _ = try await client.confirmSignUp(input: input)
+            log.verbose("Received success")
             return AuthSignUpResult(.done)
         } catch let error as AuthError {
             throw error

AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Task/AWSAuthDeleteUserTask.swift

@@ -9,7 +9,7 @@ import Foundation
 import Amplify
 import AWSPluginsCore
 
-class AWSAuthDeleteUserTask: AuthDeleteUserTask {
+class AWSAuthDeleteUserTask: AuthDeleteUserTask, DefaultLogger {
     private let authStateMachine: AuthStateMachine
     private let taskHelper: AWSAuthTaskHelper
     private let configuration: AuthConfiguration
@@ -26,12 +26,15 @@ class AWSAuthDeleteUserTask: AuthDeleteUserTask {
     }
 
     func execute() async throws {
+        log.verbose("Starting execution")
         await taskHelper.didStateMachineConfigured()
         let accessToken = try await taskHelper.getAccessToken()
 
         do {
             try  await deleteUser(with: accessToken)
+            log.verbose("Received Success")
         } catch {
+            log.verbose("Delete user failed, reconfiguring auth state. \(error)")
             await waitForReConfigure()
             throw error
         }
@@ -41,6 +44,7 @@ class AWSAuthDeleteUserTask: AuthDeleteUserTask {
         let stateSequences = await authStateMachine.listen()
         let deleteUserEvent = DeleteUserEvent(eventType: .deleteUser(token))
         await authStateMachine.send(deleteUserEvent)
+        log.verbose("Waiting for delete user to complete")
         for await state in stateSequences {
             guard case .configured(let authNState, _) = state else {
                 let error = AuthError.invalidState("Auth state should be in configured state and authentication state should be in deleting user state", AuthPluginErrorConstants.invalidStateError, nil)
@@ -63,6 +67,7 @@ class AWSAuthDeleteUserTask: AuthDeleteUserTask {
     }
 
     private func waitForReConfigure() async {
+
         let event = AuthEvent(eventType: .reconfigure(configuration))
         await authStateMachine.send(event)
         await taskHelper.didStateMachineConfigured()