Open nerdifydev opened 1 day ago
I am also facing the same issue.
@ashishsoniDotsquares Are you also on Amplify JS version 5.x?
Hi @nerdifydev, thanks for providing the details.
It throws an error in the catch block of Auth.currentSession.
Do you have any details of the caught error, such as the message and error name it contained?
Also regarding to this detail:
Also, I do not store tokens locally in the app and makes every time call to Auth.currentSession to fetch the latest token
Can you elaborate? Do you mean you are preventing Amplify library from storing the auth token in the underlying AsyncStorage? Or do you mean you don't keep a reference to the object returned by a successful call of Auth.currentSession()
?
Hi @HuiSF, It says something like error - network error. It is something weird as users have proper network connectivity and it happens only when token expires.
The token expires but does not renew, so for now, I had to set the ID token expiration to 24 hours and the refresh token to more than a month.
Thanks for the addition details @nerdifydev, also and @ashishsoniDotsquares do you get the same error when this issue happened?
Could you both determine, did this happen at a occasion, for example, when the end users reopened the Android app from background? Also are you able to collect details of the Android devices that encountered this issue, such as Android OS version, device type etc.?
Hi @HuiSF, I wanted to just add another point that I always fetch the latest token from Auth.currentSession.
Can you elaborate? Do you mean you are preventing Amplify library from storing the auth token in the underlying AsyncStorage? Or do you mean you don't keep a reference to the object returned by a successful call of Auth.currentSession()?
Sorry about the segmented requests @nerdifydev could you also confirm, after the error Network error
happened, was the end user able to continue using the app, e.g. re-signing in, and did other Auth functionalities work?
@HuiSF @haverchuck, I'm on version 5.3 and encountering a similar error where the token expires but does not refresh, causing the error to be caught in the catch block. This is somewhat unreliable, as I am seeing unauthorized requests from users on both older and the latest Android OS versions (10 to 14), across various devices (Samsung, Pixel, Moto, etc.).
Are you also on Amplify JS version 5.x?
Unfortunately, I don't have any specific data on whether this happens on particular occasions.
do you get the same error when this issue happened? Could you both determine, did this happen at a occasion, for example, when the end users reopened the Android app from background? Also are you able to collect details of the Android devices that encountered this issue, such as Android OS version, device type etc.?
Hi @HuiSF, Regarding to this detail:
@nerdifydev could you also confirm, after the error Network error happened, was the end user able to continue using the app, e.g. re-signing in, and did other Auth functionalities work?
Yes, as per the current functionality, we log users out of the app if an error occurs in Auth.currentSession, requiring them to sign in again. Upon re-signing, users receive a new token, so the error doesn't occur initially. However, when the token expires, Auth.currentSession is unable to renew it, and the cycle repeats.
Before opening, please confirm:
JavaScript Framework
React Native
Amplify APIs
Authentication
Amplify Version
v5
Amplify Categories
auth
Backend
Amplify CLI
Environment information
Describe the bug
Auth.currentSession is not refreshing tokens automatically for some users, specifically on Android devices. I spent a lot of time debugging it, but I was never able to reproduce the issue, even when going offline for a while and coming back online to receive a new token before the token expiration. The issue seems somewhat unreliable, as I checked a few Android devices where the token was refreshing seamlessly. It throws an error in the catch block of Auth.currentSession. I'm not sure if there's a way to force a token refresh in Auth.currentSession with AWS Amplify v5 for React Native.
Also, I do not store tokens locally in the app and makes every time call to Auth.currentSession to fetch the latest token.
Expected behavior
Auth.currentSession should automatically refresh the token when it expires and should not throw an error in catch block of Auth.currentSession.
Reproduction steps
Note: The issue is not consistently reproducible, making it challenging to debug.
Code Snippet
Log output
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response