AWS Cognito: “Unauthenticated access is not supported for this identity pool.”

Question

i am fighting with an issue "Unauthenticated access is not supported for this identity pool." from AWS Cognito in my Swift iOS Application. I previously used Firebase for authentication & storage and have decided to migrate to AWS Mobile Hud for reasons outside the scope of this question.

I use / have set up:

1. Amazon Mobile Hud to provision all services
2. AWS Cognito through Mobile Hud for Authentication / Identities
3. Facebook as Identity Provider activated
4. AWS DynamoDB activated in console but not yet used
5. AWS S3 activated in console but not yet used

I downloaded the sample app generated for my project and run it.

Through the sample app, I am able to successfully register / authenticate through Facebook and Cognito.

What works?: I have integrated all SDK/Frameworks of AWS into my project and am able to build successfully (note: all AWS frameworks are integrated through cocoapods, except 'AWSMobileHubHelper' as a static framework).

I can build the app and it opens

What does not work?: The app crashes immediately after opening up with the following crash log:

2017-02-13 15:43:49.825 dates[19823:463495] AWSiOSSDK v2.5.0 [Debug] AWSURLSessionManager.m line:566 | -[AWSURLSessionManager printHTTPHeadersForResponse:] | Response headers:
{
    Connection = "keep-alive";
    "Content-Length" = 111;
    "Content-Type" = "application/x-amz-json-1.1";
    Date = "Mon, 13 Feb 2017 14:43:49 GMT";
    "x-amzn-ErrorMessage" = "Unauthenticated access is not supported for this identity pool.";
    "x-amzn-ErrorType" = "NotAuthorizedException:";
    "x-amzn-RequestId" = "d4f8ec82-f1fa-11e6-bd81-3727ca129d86";
}
2017-02-13 15:43:49.826 dates[19823:463495] AWSiOSSDK v2.5.0 [Debug] AWSURLResponseSerialization.m line:63 | -[AWSJSONResponseSerializer responseObjectForResponse:originalRequest:currentRequest:data:error:] | Response body:
{"__type":"NotAuthorizedException","message":"Unauthenticated access is not supported for this identity pool."}
2017-02-13 15:43:49.826 dates[19823:463495] AWSiOSSDK v2.5.0 [Error] AWSIdentityProvider.m line:309 | __52-[AWSCognitoCredentialsProviderHelper getIdentityId]_block_invoke.255 | GetId failed. Error is [Error Domain=com.amazonaws.AWSCognitoIdentityErrorDomain Code=8 "(null)" UserInfo={__type=NotAuthorizedException, message=Unauthenticated access is not supported for this identity pool.}]
2017-02-13 15:43:49.826 dates[19823:463452] AWSiOSSDK v2.5.0 [Error] AWSCredentialsProvider.m line:565 | __44-[AWSCognitoCredentialsProvider credentials]_block_invoke.349 | Unable to refresh. Error is [Error Domain=com.amazonaws.AWSCognitoIdentityErrorDomain Code=8 "(null)" UserInfo={__type=NotAuthorizedException, message=Unauthenticated access is not supported for this identity pool.}]
2017-02-13 15:43:49.827 dates[19823:463379] -[AWSTask exception]: unrecognized selector sent to instance 0x60800027af00
2017-02-13 15:43:49.828 dates[19823:463379] *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '-[AWSTask exception]: unrecognized selector sent to instance 0x60800027af00'
*** First throw call stack:
(
    0   CoreFoundation                      0x0000000112abcd4b __exceptionPreprocess + 171
    1   libobjc.A.dylib                     0x000000011251e21e objc_exception_throw + 48
    2   CoreFoundation                      0x0000000112b2cf04 -[NSObject(NSObject) doesNotRecognizeSelector:] + 132
    3   CoreFoundation                      0x0000000112a42005 ___forwarding___ + 1013
    4   CoreFoundation                      0x0000000112a41b88 _CF_forwarding_prep_0 + 120
    5   dates                               0x000000010ef4e917 __35-[AWSIdentityManager completeLogin]_block_invoke_2 + 263
    6   libdispatch.dylib                   0x00000001150f4978 _dispatch_call_block_and_release + 12
    7   libdispatch.dylib                   0x000000011511e0cd _dispatch_client_callout + 8
    8   libdispatch.dylib                   0x00000001150fe8a4 _dispatch_main_queue_callback_4CF + 406
    9   CoreFoundation                      0x0000000112a80e49 __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ + 9
    10  CoreFoundation                      0x0000000112a4637d __CFRunLoopRun + 2205
    11  CoreFoundation                      0x0000000112a45884 CFRunLoopRunSpecific + 420
    12  GraphicsServices                    0x0000000116249a6f GSEventRunModal + 161
    13  UIKit                               0x0000000112ee0c68 UIApplicationMain + 159
    14  dates                               0x000000010edac89f main + 111
    15  libdyld.dylib                       0x000000011516a68d start + 1
    16  ???                                 0x0000000000000001 0x0 + 1
)
libc++abi.dylib: terminating with uncaught exception of type NSException

What have i tried?

1. Compared my code with the sample app: Result - 1:1 match as far as I see
2. Compared Info.plist with the sample app: Result - 1:1 match (i copied the relevant parts)
3. Remove all frameworks, clean, rebuild
4. Clean all simulator data (was referenced by another similar quesiton)
5. Tried approaches from related questions: (check unauthenticated access)

What happens if I allow unauthenticated access?: the same, but a different response header :(

2017-02-13 16:25:06.213 dates[25642:544704] AWSiOSSDK v2.5.0 [Debug] AWSURLSessionManager.m line:566 | -[AWSURLSessionManager printHTTPHeadersForResponse:] | Response headers:
{
    Connection = "keep-alive";
    "Content-Length" = 1612;
    "Content-Type" = "application/x-amz-json-1.1";
    Date = "Mon, 13 Feb 2017 15:25:05 GMT";
    "x-amzn-RequestId" = "98feb58d-f200-11e6-9de9-471b5799b768";
}
2017-02-13 16:25:06.213 dates[25642:544704] AWSiOSSDK v2.5.0 [Debug] AWSURLResponseSerialization.m line:63 | -[AWSJSONResponseSerializer responseObjectForResponse:originalRequest:currentRequest:data:error:] | Response body:
{"Credentials":{"AccessKeyId":"ASIAISM6BUQFY6FJ4EFQ","Expiration":1.487003106E9,"SecretKey":"rlILMNjU7oeg1NEYgj1y3E1v/5L3IOJNWtZ7jsOf","SessionToken":"AgoGb3JpZ2luEFMaCWV1LXdlc3QtMSKAAgM0QlWyWW3xJ0H3+suiuuekGl6LUznBSikSWbYgLD9C6nPywAyKIlI5EVSN0q7o80q30ZWX8KE/Yjwo+axii1v/A2Qz9gqXWz4HRFwaJnHLE46nNLSJNNkNUhMkYy+azMCdKnZteUEtBzvHcWAVsyqAHtRSzKjGimXfs8WXs7d14g0GabTm73qj7tvOa4Facnetc9aUZjyLLKBsyOAnJKXwAN1xZja91qGbK2Tirfy2qu4kSDtJKcEPaSEnJTBqBlwdXS9D9JTOQNscNZEfpJpFNLdDmJ6ltbS/BwBNv1GscFjdQ2Dx7I76NwX4MO9qOdiqmxmmgK6p7ikO/Jxuq9Yq9AUI2f//////////ARAAGgwwNjU2MzE4NjczMDEiDHmDLk175KOE3qkTMCrIBTLbj5wXIk725/uIAfGFs0IBvnPMNHKRf6j0iuq1sD2gKy4ScFQQM0TgYskoKvNfuuy200BehQxwxpzkaD/C2mBxpGGbhnAT2s4lAeJzx6UtXmzfihpjI2elbjc7wlRLbQgHq9dY3EACVZ9Ab7WvIjD3vht6eOz3WAEO/J1ocKdBiRjdR+6rp9ALJPr94lHC6ERvmMs1jBHh3dgwTNxizz6ChoklkELvL9tb6m5UZPuhao2k9k/3NRiB03HzvlqBm71ODAQQfTiyOGbM/5BycCfSk2z18GpnO/uSJYzWbzO5KQaGW7KqPe+cWZNtX9cXcp1LXtJSK4I0EnwAuqgBlTQ0Ul4cVRDI2lxHkWgKUKpNgIBh4JjzdTJRnE1e0g5d/YmK+OuDmZ5AqwvD5l1f073YuoYgZ9XWYrWU3CTW3UnZitlGeLA7bFCuTf6xklprHqbxMxYdNmqPwI0R/GqbaQNG4rkiBWasCDhTXw0+/RHwBJwT+6lul6V0BSOR5hxKogO+oAxbJIQrC06YJdwxipSQo34yfan13hlEjOQ5pDxvF01ZR/+JCo2yGfA7DDjt3Q42EgvNEVrFhGMjdJvXa1UPKcbRj2B5JpJVO0aplJWcKNHPOkS0knHi7DtFnHNVUY1FKSLFzeIB7b5CYdHVl9vIG1XTp6iFQqT0M9fFnMzpB/tFv9VGTwF750Cx31SEBeMCXpOEYbZACScnjUj3j3l/JOf7Q0GTMiBUYudoXM5HBlsV9yaU8Qbe4V3Lg53g6HPsCbM7DqcDuPT7V4iphoOmK4G3/lFVkScTrOaO55cJ7jr3LYoIECEDbqWfheCCOyp1gKT6DkiBm6+JQvougWxqsUQzljBLMHzmgoWIl5+h5uvC1q1c3tnF/j/cIVzMqGobPfY25BftoZq6azFvaL/jXIGIDaUT9os0WR0mWybmCCd9Gwo25zsw0p+HxQU="},"IdentityId":"eu-west-1:a9ef3c7f-8be8-411c-9249-48df6f04f4ac"}
2017-02-13 16:25:06.220 dates[25642:544675] -[AWSTask exception]: unrecognized selector sent to instance 0x6180002656c0
2017-02-13 16:25:06.222 dates[25642:544675] *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '-[AWSTask exception]: unrecognized selector sent to instance 0x6180002656c0'
*** First throw call stack:
(
    0   CoreFoundation                      0x000000010ff21d4b __exceptionPreprocess + 171
    1   libobjc.A.dylib                     0x000000010f98321e objc_exception_throw + 48
    2   CoreFoundation                      0x000000010ff91f04 -[NSObject(NSObject) doesNotRecognizeSelector:] + 132
    3   CoreFoundation                      0x000000010fea7005 ___forwarding___ + 1013
    4   CoreFoundation                      0x000000010fea6b88 _CF_forwarding_prep_0 + 120
    5   dates                               0x000000010c43d917 __35-[AWSIdentityManager completeLogin]_block_invoke_2 + 263
    6   libdispatch.dylib                   0x0000000112559978 _dispatch_call_block_and_release + 12
    7   libdispatch.dylib                   0x00000001125830cd _dispatch_client_callout + 8
    8   libdispatch.dylib                   0x00000001125638a4 _dispatch_main_queue_callback_4CF + 406
    9   CoreFoundation                      0x000000010fee5e49 __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ + 9
    10  CoreFoundation                      0x000000010feab37d __CFRunLoopRun + 2205
    11  CoreFoundation                      0x000000010feaa884 CFRunLoopRunSpecific + 420
    12  GraphicsServices                    0x00000001136aea6f GSEventRunModal + 161
    13  UIKit                               0x0000000110345c68 UIApplicationMain + 159
    14  dates                               0x000000010c29b89f main + 111
    15  libdyld.dylib                       0x00000001125cf68d start + 1
    16  ???                                 0x0000000000000001 0x0 + 1
)
libc++abi.dylib: terminating with uncaught exception of type NSException

The more i look at it it seems to be an issue with AWSTask.

Any ideas where I might head next?

Answer 1

To get past this issue with AWSCognitoIdentityUserPoolConfiguration returning no access, am exploring turning on the un-authenticated access.

When doing that, the App Delegate runs and gets unauthorized access. Then, in the user signup, will uses Sign In API in a Login ViewController to then get AWS credentials for authenticated access.

This allows us (if we want) to access DynamoDB, Lambda, while awaiting the user to logon the first time. We can control what the app has to access by setting the correct policies for both authenticated and unauthenticated users.

This doc, although simple, has the best Swift example that I've found so far.

http://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-integrating-user-pools-with-identity-pools.html

Onto the next step!

Answer 2

AWS通过Swift 3支持进行了更新，解决了该问题。