amplify-android: Refresh access token doesn't work

Before opening, please confirm:

• I have searched for duplicate or closed issues and discussions.

Language and Async Model

Kotlin

Amplify Categories

Authentication

Gradle script dependencies

Environment information

# Put output below this line

Please include any relevant guides or documentation you’re referencing

No response

Describe the bug

I’m using the following process in my app: (fresh install)

• Amplify.Auth.signIn -> The user correctly sign in.
• Once the authentication is done, I use Amplify.Hub.subscribe(HubChannel.AUTH) to check all the events.
• When the user is loggedin, I used “Amplify.Auth.fetchUserAttributes()” to get the user information.

To get the tokens, I’m using:

“Amplify.Auth.fetchAuthSession” before each call to our API.

The configuration about the user pool we’re using:

Acces token + ID token validity = 7 minutes Refresh token = 3 hours

The problem:

When the app is killed / Restarted, we are trying to use “fetchUserAttributes” and we have the exception : "NotAuthorizedException{message=Failed since user is not authorized., cause=NotAuthorizedException(message=Access Token has expired), recoverySuggestion=Check whether the given values are correct and the user is authorized to perform the operation.} " which is expected actually, because it was after 7 minutes.

BUT, when calling “Amplify.Auth.fetchAuthSession” to get a new access token usable, we’re still getting the previous one… Impossible to get a new one until we force a logout / login, which is not expected at all. We expect to be able to receive a new access token using a refresh token still valid…

I saw the first time the tokens were generated, everything was “correct” for the IAT / Exp properties. Then, I expect to be able with Amplify to have a new access token automatically when calling “fetchAuthSession”.

How to proceed?