반응형
문제 발생
Caused by: NotAuthorizedException{message=Failed since user is not authorized., cause=com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException: Temporary password has expired and must be reset by an administrator. (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: NotAuthorizedException; Request ID: a28d40a9-5e7c-4661-9453-f2adeb8c4b61), recoverySuggestion=Check whether the given values are correct and the user is authorized to perform the operation.}
at com.amplifyframework.auth.cognito.util.CognitoAuthExceptionConverter.lookup(CognitoAuthExceptionConverter.java:108)
at com.amplifyframework.auth.cognito.AWSCognitoAuthPlugin$5.onError(AWSCognitoAuthPlugin.java:441)
at com.amazonaws.mobile.client.internal.InternalCallback.call(InternalCallback.java:77)
at com.amazonaws.mobile.client.internal.InternalCallback.onError(InternalCallback.java:67)
at com.amazonaws.mobile.client.AWSMobileClient$6$1.onFailure(AWSMobileClient.java:1358)
at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$6.onFailure(CognitoUser.java:1158)
at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$23.run(CognitoUser.java:2952)
at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser$24.run(CognitoUser.java:3002)
at com.amazonaws.mobileconnectors.cognitoidentityprovider.continuations.AuthenticationContinuation.continueTask(AuthenticationContinuation.java:147)
at com.amazonaws.mobile.client.AWSMobileClient$6$1.getAuthenticationDetails(AWSMobileClient.java:1322)
at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.getSession(CognitoUser.java:1035)
at com.amazonaws.mobile.client.AWSMobileClient$6.run(AWSMobileClient.java:1254)
at com.amazonaws.mobile.client.internal.InternalCallback$1.run(InternalCallback.java:101)
at java.lang.Thread.run(Thread.java:1012)
Caused by: com.amazonaws.services.cognitoidentityprovider.model.NotAuthorizedException: Temporary password has expired and must be reset by an administrator. (Service: AmazonCognitoIdentityProvider; Status Code: 400; Error Code: NotAuthorizedException; Request ID: a28d40a9-5e7c-4661-9453-f2adeb8c4b61)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:742)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:420)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:229)
at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.invoke(AmazonCognitoIdentityProviderClient.java:6781)
at com.amazonaws.services.cognitoidentityprovider.AmazonCognitoIdentityProviderClient.respondToAuthChallenge(AmazonCognitoIdentityProviderClient.java:5263)
at com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUser.respondToChallenge(CognitoUser.java:2923)
... 7 more
테스트를 위해 테스트 계정이 필요해서 AWS에서 직접 계정을 생성했는데 Confirmation status가 Force change password 상태로 계정이 생성되었습니다.
이 계정으로 앱에서 인증절차를 수행하려고 하니 Temporary password has expired and must be reset by an administrator 에러가 발생하였습니다
테스트를 위해 AWS 에서 직접 계정을 생성하면 당연하게도 인증되지 않은 사용자이므로 관리자가 패스워드를 reset하라는 메시지가 발생합니다.
해결 방법
이를 위해서는 Confirmation status를 confirmed 상태로 만들어야 하며 aws-cli로 해결이 가능합니다.
aws cognito-idp admin-set-user-password \
--user-pool-id <your-user-pool-id> \
--username <username> \
--password <password> \
--permanent위의 명령어를 통해 비밀번호를 세팅해주면 정상적으로 계정이 Confirmed 상태로 변하는 것을 확인할 수 있습니다
감사합니다!
반응형
