By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS Official Documentation is Incorrect

0

I'm following this guide

https://aws.amazon.com/premiumsupport/knowledge-center/cognito-user-pool-remembered-devices/

to set up remembered devices and I'm doing most things from scratch because there is no Ruby library like Warrant.

First off, let me just say the PasswordVerifier formula in this doc is incorrect/lacks information (when calling ConfirmDevice). I had to look at js source code and warrant source code to reverse-engineer what it was actually looking for.

errors

Next for, Call RespondToAuthChallenge for DEVICE_PASSWORD_VERIFIER it seems like the forumla given does not work at all. Is there any open source code

The formula for S_USER = (SRP_B - k * g^(x))^(a + ux) does not seem to be using modular exponentiation and is returning a number so large, that my code isn't able to deal with it without some extra libraries. That does not seem like it's expected if all the other S values in open source code is using modular exponentiation.

Please provide some client-side code where this final formula for DEVICE_PASSWORD_VERIFIER actually works. There does not seem to be a working example anywhere, and it seems like AWS is just posting incorrect guides.

Edit: I'm looking at the code in these places to respond to device password verifier and it's completely different from what is described in the blog post:

Topics
Security, Identity, & Compliance
Tags
Amazon CognitoAmazon Cognito User Pools
Language
English
repost-user-kc
asked 2 years ago260 views
1 Answer
1

Hi,

Please provide feedback via the 'Submit feedback' link on the page.

Thanks.

AWS
Rajarshi_D
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content