When the Cognito identity id (cwr_i) is present in localStorage, GetOpenIdToken (basic authflow) can fail in a way that is not recoverable (see #497). For example, this can happen when a ResourceNotFound error is returned by Cognito.
This change (1) invalidates the identity Id when Cognito throws an error during basic authflow, (2) extends error handling to unknown errors for both authflows, and (3) adds a re-try mechanism to both authflows.
I have reproduced the failures with both standard and enhanced authflows and verified the patch in an integration test environment.
Resolves #497.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
When the Cognito identity id (
cwr_i
) is present in localStorage,GetOpenIdToken
(basic authflow) can fail in a way that is not recoverable (see #497). For example, this can happen when a ResourceNotFound error is returned by Cognito.This change (1) invalidates the identity Id when Cognito throws an error during basic authflow, (2) extends error handling to unknown errors for both authflows, and (3) adds a re-try mechanism to both authflows.
I have reproduced the failures with both standard and enhanced authflows and verified the patch in an integration test environment.
Resolves #497.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.