3

I have been searching for the proper way to refresh token after the token generated by the AWS as Federated Identity has expired. My application uses cognito to log, and sign up users and then take the Access Token and then hit the apis using RetroFit.

Retrofit call

 HttpLoggingInterceptor interceptor = new HttpLoggingInterceptor();
        interceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
        OkHttpClient client = new OkHttpClient.Builder().addInterceptor(interceptor).build();
        //end

        OkHttpClient.Builder httpClient = new OkHttpClient.Builder();
        httpClient.readTimeout(45, TimeUnit.SECONDS);
        httpClient.connectTimeout(120, TimeUnit.SECONDS);
        httpClient.interceptors().add(new AuthInterceptor());
        httpClient.addInterceptor(interceptor); //debugging

        httpClient.addInterceptor(new Interceptor() {
            @Override
            public Response intercept(Chain chain) throws IOException {
                Request original = chain.request();

                // Customize the request
                Request request = original.newBuilder()
                        .header("Content-type", "application/json")
                        .header("Authorization", "auth-token")
                        .header("Accept", "application/json")
                        .header("deviceType", "android") //experimental
                        .header("Version", "v1")
                        .method(original.method(), original.body())
                        .build();

                Response response = chain.proceed(request);
                return response;
            }
        });

        Retrofit retrofit = new Retrofit.Builder()
                .baseUrl(BuildConfig.BASE_URL)
                .client(httpClient.build())
                .addConverterFactory(ToStringConverterFactory.create())
                .addConverterFactory(GsonConverterFactory.create())
                .build();

        return retrofit.create(RetroInterface.class);

AuthInterceptor

...
  if (jsonObject.getInt("status") == 0 && jsonObject.getJSONObject("data").getInt
                    ("code")
                    == 99) {
                IS_TOKEN_EXIPRED = true;

//                HashMap<String, String> logins = new HashMap<String, String>();
                logins.put("cognito-idp.us-east-1.amazonaws.com/" + BuildConfig.USERPOOLID,
                        Cognito.getInstance().getCurrSession().getIdToken().getJWTToken());

                CognitoLogin.credentialsProvider.setLogins(logins);

                String newtoken = Cognito.getInstance().getCurrSession().getAccessToken().getJWTToken();

                Log.e("refy", newtoken);

                BaseApplication.getApp().doSaveSharedString(AppConstants.USER_ACCESS_TOKEN, newtoken);
                BaseApplication.getApp().doWriteLog("AuthInterceptor Here: ");
            }

        } catch (JSONException e) {
            BaseApplication.getApp().redirectToLoginActivity();
            e.printStackTrace();
        }
...

I am stuck this problem., The token expires in 1 hour and then I cant do anything. There is not information available to refresh token in Android. All I can see is that Android AWS SDK refreshes the token by itself as long as Refresh Token as validity.

Ahmed S. Durrani
  • 1,535
  • 2
  • 17
  • 41

1 Answers1

5

So after searching online for three days, I got the answer. All you have to do is call the getSession(..) to get the refreshed tokens. Here how it is done:

 Cognito.getPool().getUser().getSession(new CognitoLogin(BaseApplication.getApp().getApplicationContext(), Cognito.getCurrUser(), Cognito.getPasswordForFirstTimeLogin()));
                String newtoken =  Cognito.getInstance().getCurrSession().getAccessToken().getJWTToken();

Reference Cognito User Pool: How to refresh Access Token Android

Ahmed S. Durrani
  • 1,535
  • 2
  • 17
  • 41