Trying to test a new user signup flow using Cognito's Hosted UI. When I sign up with a new username / email address, I get the verification code in email, copy it, and paste it into the Cognito Hosted UI's confirmation page. Cognito then tells me that the user couldn't be confirmed and that the code was invalid. A second attempt to confirm the user, however, fails with a message that the user is already confirmed (which I can verify is true in the aws console). If I start over at the login UI, the user can login. Not sure what I could be doing wrong here. Appears to be a bug.
Additional Info: It seems to have something to do with data passed in the state parameter. If I pass url encoded json for the state I will sometimes get this incorrect behavior and sometimes not (depending on the specifics of the json... haven't been able to narrow down the exact trigger). If I simply base64 encode the json instead (intentionally not url encoding, so "=" stays "=" and not "%3D", everything seems to work. No idea why the contents of the state param should have any effect on the outcome of verification (state param is supposed to be opaque). Still seems like a bug to me. But the base64 workaround is good enough for now.
AWS 官方已更新 1 年前