Open ovirta opened 6 years ago
Additional comment to the issue with refreshing tokens.
We are able to use above mentioned function to refresh tokens before access token has expired.
POST
header: 'Content-Type': 'application/x-www-form-urlencoded'
body: 'grant_type=refresh_token&client_id=${clientId}&refresh_token=${refreshToken}'
RESPONSE:
access_token:"eyJraWQi...B2iou_z...
expires_in:3600
id_token:"eyJraW...eXBlIjo
token_type:"Bearer"
Why is refresh succeeding before access token has expired?
I dont know if this could help in your case. Maybe you could try using this:
auth.refreshSession(refreshtoken);
I think this method creates the same request you're trying to do
@tbpolicarpio You are right, it did the same thing and additionally it caches new tokens. (same as parseCognitoWebResponse() method)
Thank you both for your responses. Will need to look into those.
We are having hard time refreshing our tokens forcing clients to login after 1h.
We have AWS Cognito service in use for user authentication.
We have no problems getting a the access, ID and refresh tokens. They are saved in local storage and are fine (IMHO).
We are also able to renew tokens before expiration. But after access token is expired we are unable to refresh using the saved refresh token.
This is the function where we try to do the refresh:
curl: https://OUR_URL.eu-west-1.amazoncognito.com/oauth2/token
Body of the message: "grant_type=refresh_token&client_id=3i1t......glde&refresh_token=eyJjd.....uEW-OA"
Response: "Http failure response for https://OUR_URL.eu-west-1.amazoncognito.com/oauth2/token: 400 Bad Request"
Error: "invalid_client"
We don't have client_secret specified for the app.
Any insight what could go wrong in our scenario?