Description of changes: When the ID and Access tokens have expired, and the Refresh token too, the user is now redirected to the Cognito Hosted UI to sign-in. Previously, this resulted in the custom Auth@Edge error page to be shown, which made the user explicitly click the sign-in button to be redirected to the Cognito Hosted UI to sign-in. That page should be shown for edge cases only.
Implemented as follows:
RefreshAuth function: if the refresh fails with invalid_grant message from Cognito, we assume the refresh token expired and clear the cookie
CheckAuth function: if the ID and Access token are expired and there is no refresh token (because it was now cleared), the user is redirected to Cognito for sign-in
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Issue #, if available: N/A
Description of changes: When the ID and Access tokens have expired, and the Refresh token too, the user is now redirected to the Cognito Hosted UI to sign-in. Previously, this resulted in the custom Auth@Edge error page to be shown, which made the user explicitly click the sign-in button to be redirected to the Cognito Hosted UI to sign-in. That page should be shown for edge cases only.
Implemented as follows:
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.