amplify-js: Invalid Refresh Token.
Bug.
Configuration:
- I have set refresh token expiry to 3064 days
- I have set Device Tracking to ALWAYS
Code to refresh Session I have:
```js
if (cognitoUser !== null) {
    // getSession() loads the cached tokens for the current user
    cognitoUser.getSession(function (err, oldSession) {
        if (!err) {
            var refreshToken = oldSession.getRefreshToken();
            console.log("Refreshing session");
            // Exchange the cached refresh token for a new set of tokens
            cognitoUser.refreshSession(refreshToken, function (err, refreshedSession) {
                if (!err) {
                    console.log("Session refreshed successfully!");
                    // Map the user pool provider name to the new ID token
                    var logins = {};
                    logins[cognitoEndpoint + "/" + poolData.UserPoolId] = refreshedSession.getIdToken().getJwtToken();
                    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
                        IdentityPoolId: identityPoolId,
                        Logins: logins
                    });
                    // Make the call to obtain credentials
                    AWS.config.credentials.get(function () {
                        console.log("Success credentials");
                        refreshingToken = false;
                        client = new AWS.CognitoSyncManager();
                        if (client) {
                            client.openOrCreateDataset(bnDataSetName, function (err, dataset) {
                                if (!err) {
                                    bnUserPreferencesDataset = dataset;
                                } else {
                                    errorLogService(err);
                                }
                            });
                        }
                    });
                    deferred.resolve(true);
                } else {
                    // Refresh failed: annotate the error with the user it was tried for
                    err.message = "ResumeAppplicationCognito: Not able to refresh session: User " + cognitoUser.username + ":" + err.message;
                    err.emailTried = cognitoUser.username;
                    // Log everything except unknown-user and wrong-password errors
                    if (!err.code.match(new RegExp(AppConst.exceptionsCodes.UserNotFoundException)) && !err.message.match(new RegExp(AppConst.exceptionsCodes.incorrectPassword))) {
                        errorLogService(err);
                    }
                    deferred.resolve(false);
                }
            });
        }
    });
}
```
I got this error for some reason:
code: NotAuthorizedException, column: 1837305, emailTried: jo****@yahoo.com, line: 1, message: User jo****yahoo.com : Invalid Refresh Token., name: NotAuthorizedException, requestId: a64f28e6-2cd2-11e8-9102-45d988484951, retryable: False, retryDelay: 58.95665571402836 , statusCode: 400, time: 2018-03-21T06:39:48.215Z }
About this issue
- State: closed
- Created 6 years ago
- Comments: 17 (5 by maintainers)
@stripathix This is a long shot, but have you tried turning off Device Tracking in your user pool, if it’s currently on, to see if it makes a difference?
I’m still investigating my particular problem: using Amplify for Auth and the migration trigger seems to result in a User object being returned that doesn’t have a device key cached to local storage. Thus, when I used Auth.currentSession() to refresh the session, Amplify tries to use InitiateAuth with REFRESH_TOKEN_AUTH to get a new set of credentials, but DEVICE_KEY is set to null.
If the associated User Pool is set to use Device Tracking, then InitiateAuth will error out with NotAuthorizedException: Invalid refresh token. However, if I turn Device Tracking off, then the session is refreshed as expected.
Thank you @tcchau, we have the same issue; turning off Device Tracking fixed it. However, what if I want to use both USER_PASSWORD_AUTH and the Device Tracking feature? Any solution or workaround?
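The condition described in the comments above (a REFRESH_TOKEN_AUTH request going out with no DEVICE_KEY while the user pool has Device Tracking on) can be detected before the refresh is attempted. The following is an added example, not code from the issue or from Amplify: `refreshPreflight`, `makeStorage`, the client ID and the stored values are hypothetical, and the storage key layout (`CognitoIdentityServiceProvider.<clientId>.LastAuthUser`, `.<username>.refreshToken`, `.<username>.deviceKey`) is an assumption about how amazon-cognito-identity-js caches these values.

```javascript
// Added example: pre-flight check for a Cognito token refresh.
// Assumption: tokens and the device key are cached under
//   CognitoIdentityServiceProvider.<clientId>.LastAuthUser
//   CognitoIdentityServiceProvider.<clientId>.<username>.refreshToken
//   CognitoIdentityServiceProvider.<clientId>.<username>.deviceKey
function refreshPreflight(storage, clientId, deviceTrackingEnabled) {
  const prefix = `CognitoIdentityServiceProvider.${clientId}`;
  const username = storage.getItem(`${prefix}.LastAuthUser`);
  if (!username) {
    return { ok: false, reason: 'NO_CACHED_USER', authParameters: null };
  }
  const refreshToken = storage.getItem(`${prefix}.${username}.refreshToken`);
  if (!refreshToken) {
    return { ok: false, reason: 'NO_REFRESH_TOKEN', authParameters: null };
  }
  const deviceKey = storage.getItem(`${prefix}.${username}.deviceKey`);
  // Parameters an InitiateAuth call with REFRESH_TOKEN_AUTH would carry.
  const authParameters = { REFRESH_TOKEN: refreshToken };
  if (deviceKey) {
    authParameters.DEVICE_KEY = deviceKey;
  }
  if (deviceTrackingEnabled && !deviceKey) {
    // The case from the thread: the pool tracks devices, but no device key
    // was cached for this user, so the refresh is expected to be rejected.
    return { ok: false, reason: 'MISSING_DEVICE_KEY', authParameters };
  }
  return { ok: true, reason: null, authParameters };
}

// In-memory stand-in for window.localStorage so the check runs offline.
function makeStorage(entries) {
  const map = new Map(Object.entries(entries));
  return { getItem: (key) => (map.has(key) ? map.get(key) : null) };
}

// Constructed sample data (not real tokens or identifiers).
const CLIENT_ID = 'exampleclientid';
const USER = 'user@example.com';
const base = `CognitoIdentityServiceProvider.${CLIENT_ID}`;
const migratedUser = makeStorage({
  [`${base}.LastAuthUser`]: USER,
  [`${base}.${USER}.refreshToken`]: 'constructed-refresh-token',
});
const trackedUser = makeStorage({
  [`${base}.LastAuthUser`]: USER,
  [`${base}.${USER}.refreshToken`]: 'constructed-refresh-token',
  [`${base}.${USER}.deviceKey`]: 'constructed-device-key',
});

console.log(refreshPreflight(migratedUser, CLIENT_ID, true).reason);
console.log(refreshPreflight(trackedUser, CLIENT_ID, true).ok);
```

Logging the `reason` value alongside the `NotAuthorizedException` separates a missing device key from a refresh token that is actually expired or revoked.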