-
Notifications
You must be signed in to change notification settings - Fork 243
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Access / ID Tokens not getting refreshed #3355
Comments
On debugging I have learnt that the issue lies in the fact that DeviceKeys are not getting stored when using Cognito HostedUI to sign |
Hi @PritamDutt apologies you're dealing with this issue. Can you clarify how you configured the app client to have the expiration times you mentioned above? How did you determine that DeviceKeys were not being stored? |
Hi @fjnoyp,
Lines 706 to 709 in 19834be
|
Hi @PritamDutt thank you for your detailed followup. I am unable to reproduce, this is what I did:
Furthermore, while deviceId isn't saved in the hostedUI sign in/up flow, I validated internally that shouldn't be an issue. The main issue you have seems to be that your refreshToken is not working, and isn't allowing you to get proper access/id tokens. Can you please share which social provider service you are using and how you set it up? Can you try setting up with Google as a provider to see if you have the same error again. |
Hi @PritamDutt thanks for sharing this information. The fact that you're using MFA is key, as we are currently working to support TOTP MFA within the Amplify Flutter library here: I'll check internally later today to confirm if this would fix your issue. As mentioned in the pull request itself, it's a high priority for us though we have no firm timelines for a release. |
May be not @fjnoyp, as I see no change in hosted ui flow there.. all the changes appear to being done in native SignIn flow.. But I may be wrong 😉 |
Hi @PritamDutt, I wasn't able to reproduce this either using the same settings as your backend. Would you be able to share some more code around the Amplify methods you're using after logging in? You mention that you suspect the reason for this is the lack of inclusion of a device key when refreshing the token. However, it is expected that when using Hosted UI no device key is present. Can you confirm this happens on the very first refresh attempt after signing in and that the refresh token itself is not expired? |
Hi @dnys1, I can confirm that it happens on the first refresh attempt. Regarding code, let me see what I can share.. would |
Yes, that would help, thanks |
Hi @PritamDutt are you still experiencing this issue? Unfortunately, I could not reproduce it and will need your assistance to continue investigating. Please let me know- I'll be closing this issue in 7 days if I don't hear from you. |
Closing as we haven't heard back. Please feel free to create a new issue if you continue to experience this problem. |
Description
I am using Cognito Auth UserPool for managing users, and have configured AppClient with
I have API Gateway set to use Cognito Authorizer pool, and I am further using Amplify.API to make REST api calls.
with above scenario I am getting
SessionExpiredException
for any call executed after a gap of 5 minutes, which means that my access/id tokens are not getting refreshed on their own.I have tried making
fetchAuthSession
call before the API call, but that also is not being of any help.SessionExpiredException {
"message": "The tokens could not be refreshed",
"recoverySuggestion": "Invoke Amplify.Auth.signIn
Categories
Steps to Reproduce
No response
Screenshots
No response
Platforms
Flutter Version
3.10.2
Amplify Flutter Version
1.1.1
Deployment Method
Amplify CLI
Schema
No response
The text was updated successfully, but these errors were encountered: