0

I have an Android(Native) app with Amplify Backend(amplify SDK version 1.6.4)

The Refresh Token from AWS-Cognito UserPool is expiring after 30 days, as mentioned in

AWS Amplify "Refresh Token has expired" after less than configured time (30 days)

The doc mentions that we can set between 60 minutes and 10 years https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-the-refresh-token.html

From the UserPool I tried updating it (900 days), but still the refresh token seems to be expiring after 30 days (And this is causing problems in the App).

So, the question is How do I increase the Refresh Token Expiration Time ??

Steps that i followed to update the Refresh Token Expiration time:

  • Select the User Pool (Switch to New Amazon Cognito Console)
  • Goto "App Integration"
  • Goto "App clients and analytics">"App client name"
  • "App client information",Click Edit, Update the "Refresh token expiration"

enter image description here

Another question that i have related to this is, when the refresh token expires (assuming that it is expiring after 30 days), inside the function Amplify.Auth.fetchAuthSession(), result.isSignedIn returns True, but Amplify.Auth?.currentUser returns Null (and hence the Amplify.Auth?.currentUser?.userId is empty)

enter code here
Amplify.Auth.fetchAuthSession(
        { result ->
            runOnUiThread {
                Toast.makeText(this, "fetchAuthSession success", Toast.LENGTH_SHORT).show()
            }

            val refreshToken = (result as AWSCognitoAuthSession).userPoolTokens.value?.refreshToken ?: "empty"
            val accessToken = (result as AWSCognitoAuthSession).userPoolTokens.value?.accessToken ?: "empty"
            val idToken = (result as AWSCognitoAuthSession).userPoolTokens.value?.idToken ?: "empty"

            runOnUiThread {
                Toast.makeText(this, "fetchAuthSession success: RT: $refreshToken, AT: $accessToken, IT: $idToken", Toast.LENGTH_SHORT).show()
            }

            if (result.isSignedIn) {
                runOnUiThread {
                    Toast.makeText(this, "isSignedIn True", Toast.LENGTH_SHORT).show()
                }

                val currentUser = Amplify.Auth?.currentUser?.userId ?: "userId empty"
                runOnUiThread {
                    Toast.makeText(this, "fetchAuthSession isSignedIn: $currentUser", Toast.LENGTH_SHORT).show()
                }
                //
            } else {
                runOnUiThread {
                    Toast.makeText(this, "isSignedIn False", Toast.LENGTH_SHORT).show()
                }
                //

            }
        },
        { error ->
           

            runOnUiThread {
                Toast.makeText(this, "fetchAuthSession error", Toast.LENGTH_SHORT).show()
            }

        }
)

So should i logout the User from the App when userId is null/empty or when refresh token is null/empty ?? Or Can't we update the refresh token ??

Amit Gupta
  • 633
  • 1
  • 8
  • 19

0 Answers0