amazon-cognito-auth-js icon indicating copy to clipboard operation
amazon-cognito-auth-js copied to clipboard

Published 20 hours ago verified publisher icon amazon-archives

Do we need to manually refresh the Id token and Access token with refresh token?

Open clin9 opened this issue 7 years ago • 3 comments

I'm not sure if there is method to automatically refresh the Id token and Access token when they are expired? Or we are able to use getCacheSession or getSession directly to refresh them.

clin9 avatar Sep 20 '18 09:09 clin9

Yes, you have to do it manually once token expired (after 1 hour ). You can do it via refreshSession() method.

let user = auth.getCachedSession(); auth.refreshSession(user.getRefreshToken().getToken())

chamathsilva avatar Sep 20 '18 11:09 chamathsilva

It seems that getSession() does that for you:

    /**
     * This is used to get a session, either from the session object
     * or from the local storage, or by using a refresh token
     * @param {string} RedirectUriSignIn Required: The redirect Uri,
     * which will be launched after authentication.
     * @param {array} TokenScopesArray Required: The token scopes, it is an
     * array of strings specifying all scopes for the tokens.
     * @returns {void}
     */
    getSession() {
      const tokenScopesInputSet = new Set(this.TokenScopesArray);
      const cachedScopesSet = new Set(this.signInUserSession.tokenScopes.getScopes());
      const URL = this.getFQDNSignIn();
      if (this.signInUserSession != null && this.signInUserSession.isValid()) {
        return this.userhandler.onSuccess(this.signInUserSession);
      }
      this.signInUserSession = this.getCachedSession();
      // compare scopes
      if (!this.compareSets(tokenScopesInputSet, cachedScopesSet)) {
        const tokenScopes = new CognitoTokenScopes(this.TokenScopesArray);
        const idToken = new CognitoIdToken();
        const accessToken = new CognitoAccessToken();
        const refreshToken = new CognitoRefreshToken();
        this.signInUserSession.setTokenScopes(tokenScopes);
        this.signInUserSession.setIdToken(idToken);
        this.signInUserSession.setAccessToken(accessToken);
        this.signInUserSession.setRefreshToken(refreshToken);
        this.launchUri(URL);
      } else if (this.signInUserSession.isValid()) {
        return this.userhandler.onSuccess(this.signInUserSession);
      } else if (!this.signInUserSession.getRefreshToken()
      || !this.signInUserSession.getRefreshToken().getToken()) {
        this.launchUri(URL);
      } else {
        this.refreshSession(this.signInUserSession.getRefreshToken().getToken());
      }
      return undefined;
    }

YoniH avatar Dec 04 '18 15:12 YoniH

how to handle same situationat nodejs backend? please share if any resource or poc available on Cognito nodejs backend

bala1074 avatar Jul 28 '19 18:07 bala1074