amplify-android icon indicating copy to clipboard operation
amplify-android copied to clipboard
verified publisher icon aws-amplify

If a user is offline and their access token expires, but their refresh token is still valid (unexpired at last sync), the isSigned function for the session should return true. Currently it returns false.

Open aneeshjoshi opened this issue 1 year ago • 7 comments

Before opening, please confirm:

Language and Async Model

Kotlin - Coroutines

Amplify Categories

Authentication

Gradle script dependencies

// Put output below this line
    implementation("com.amplifyframework:aws-storage-s3:2.15.1")
    implementation("com.amplifyframework:aws-auth-cognito:2.15.1")
    implementation("com.amplifyframework:core-kotlin:2.15.1")

Environment information

# Put output below this line

Welcome to Gradle 8.1!

Here are the highlights of this release:
 - Stable configuration cache
 - Experimental Kotlin DSL assignment syntax
 - Building with Java 20

For more details see https://docs.gradle.org/8.1/release-notes.html


------------------------------------------------------------
Gradle 8.1
------------------------------------------------------------

Build time:   2023-04-12 12:07:45 UTC
Revision:     40ba32cde9d6daf2b92c39376d2758909dd6b813

Kotlin:       1.8.10
Groovy:       3.0.15
Ant:          Apache Ant(TM) version 1.10.11 compiled on July 10 2021
JVM:          21.0.1 (Oracle Corporation 21.0.1+12-29)
OS:           Mac OS X 14.2.1 aarch64

Please include any relevant guides or documentation you're referencing

https://docs.amplify.aws/flutter/build-a-backend/auth/accessing-credentials/

Describe the bug

If a user is offline and their access token expires, but their refresh token is still valid (unexpired at last sync), the isSigned function for the session should return true. Currently it returns false.

The behaviour should work similar to how the Amplify Flutter library resolved this in https://github.com/aws-amplify/amplify-flutter/pull/2585 to address Issue https://github.com/aws-amplify/amplify-flutter/issues/2398

Alternatively, there should be a way for the api users to determine that the reason for the null access token. Currently the exception being thrown is aws.smithy.kotlin.runtime.http.HttpException: java.net.UnknownHostException and it's several layers deep within the error object

Reproduction steps (if applicable)

Setup a user pool client to have 7 min access & id token expiry and refresh token set to 60 days Sign in to an android app app using that user pool client Request the auth session on app launch, observe isSignedIn as true from the session retrieved Set your device to Airplane Mode (no wifi or cell network) Wait 8 mins, launch the app, observe isSignedIn as false from the session retrieved

Code Snippet

// Put your code below this line.

Log output

// Put your logs below this line

amplifyconfiguration.json

No response

GraphQL Schema

// Put your schema below this line

Additional information and screenshots

No response

aneeshjoshi avatar Apr 19 '24 21:04 aneeshjoshi

Thank you for your report. Our team will take a look into the issue

joon-won avatar Apr 19 '24 21:04 joon-won

Hi @aneeshjoshi, I'll be taking a look at this issue starting today. Will keep you updated as I dig further into the auth code and the Flutter issue (thanks for linking that!)

vincetran avatar Apr 23 '24 20:04 vincetran

We've had this issue in out apps since we're using the latest versions of amplifys frequent updates, We had to fix it somehow so we logged out the user from the app before every login unconditionally since the fetch session give faulty info about the user being signed in or not.

Hope this gets fixed soon 🙏

sami-khleaf avatar May 22 '24 15:05 sami-khleaf

Hi @sami-khleaf,

I'm working on a fix now.

I'll update the ticket with progress as I have updates.

tylerjroach avatar May 22 '24 20:05 tylerjroach

I wanted to provide a quick update that the fix is being worked on here: https://github.com/aws-amplify/amplify-android/pull/2830. It isn't quite ready yet, as we are still working through some edge cases that need to be properly handled. I'll update the ticket when the fix is merged and released.

tylerjroach avatar Jun 03 '24 13:06 tylerjroach

@tylerjroach thank you , any updates?

sami-khleaf avatar Jun 09 '24 06:06 sami-khleaf

Yes, we were still working through a few edge cases at the end of last week. We are close to being able to merge the PR in.

tylerjroach avatar Jun 10 '24 13:06 tylerjroach

Sorry for the late notification here. The fix was released with Amplify Android 2.19.1!

tylerjroach avatar Jul 11 '24 20:07 tylerjroach

This issue is now closed. Comments on closed issues are hard for our team to see. If you need more assistance, please open a new issue that references this one.

github-actions[bot] avatar Jul 11 '24 20:07 github-actions[bot]