How to refresh the IdToken using refreshToken Value in AWS Cognito?

Question

Is it possible we can force expire before one hour and get new IdToken using the refresh token OR How to get new IdToken after auto expire time using refreshToken value in this amazon-cognito-identity-js-node module?

I am getting

TypeError: refreshToken.getToken is not a function as error.

I am using this code as follows:

cognitoUser.refreshSession(refreshToken, (err, session) => {
                          if (err) {//throw err;
                            console.log('In the err'+err);
                          }
                          else{
                            console.log('session '+session);
                          }
                    });

I am passing refreshToken correct value in the function. In the file CognitoUser.js on function

refreshSession(refreshToken, callback)
{
  const authParameters = {};
  authParameters.REFRESH_TOKEN = refreshToken.getToken(); /* Here I am getting error*/
  ...
  ....
}

In case if I replace second line of function refreshSession() with the

authParameters.REFRESH_TOKEN = this.signInUserSession.getRefreshToken().getToken();

then error went off.

I have tried to use the code as follows:

 var poolData = {
        UserPoolId: 'xx-xxx-x_xxxxx',
        ClientId: 'xxxxx',
        AuthFlow: 'xxxxx'
     };

     userPool = new AWS.CognitoIdentityServiceProvider.CognitoUserPool(poolData);


if(minuteDiff >= 60) { // Defult Id Token Expired
    // Get New IdToken using RefreshToken
    var userData = {
        Username : cognitousername,
        Pool : userPool
    };
    var cognitoUser  = new AWS.CognitoIdentityServiceProvider.CognitoUser(userData);

    var refreshToken = localStorage.getItem('refreshToken'); 

    cognitoUser.getSession(function(err, session) {
        if (err) {                
            res.send(err);
        }
        else{
                /* Session Refresh */
                cognitoUser.refreshSession(refreshToken, (err, session) => {

                    if (err) {//throw err;
                        console.log('In the err'+err);
                    }
                    else{
                        var regsmar_apiKey = session.idToken.jwtToken; // will this provide new IdToken?
                        localStorage.setItem('api_key',regsmar_apiKey);
                    }
                }); 
        }
    });
}

Can any one please help me out there how should I update IdToken after expire?

score 14 · Accepted Answer · answered Dec 13 '17 at 00:33

I think refreshSession expects an instance of the CognitoRefreshToken class, not just a plain string. The getToken is a method from that class that's missing in your case. You may want to try this:

var CognitoRefreshToken = require('amazon-cognito-identity-js').CognitoRefreshToken;
...
var token = new CognitoRefreshToken({ RefreshToken: refreshToken })
cognitoUser.refreshSession(token, (err, session) => { ... });

I saw it here: https://gist.github.com/kndt84/5be8e86a15468ed1c8fc3699429003ad

score 3 · Answer 2 · answered Sep 19 '19 at 13:11

working javascript module

var refreshToken = localStorage.getItem("refreshToken");
var token = new AmazonCognitoIdentity.CognitoRefreshToken({ RefreshToken: refreshToken })
cognitoUser.refreshSession(token, function (err, session) {
    console.log(err, session);
    var idToken = session.getIdToken().getJwtToken();
})

score 1 · Answer 3 · answered May 25 '17 at 13:16

1

Check for the answer in this other question, Danny Hoek posted a link to an example with Node.js for the refresh method, it may help you achieve that...

Sample code: how to refresh session of Cognito User Pools with Node.js and Express

answered May 25 '17 at 13:16

Dunos

189
2
13

score 0 · Answer 4 · answered May 22 '17 at 13:48

0

It is possible that refreshToken is not what you're expecting it to be. For example, if you attempt to call getToken() on a undefined value, it will produce this error.

Can you please post more of the code?

answered May 22 '17 at 13:48

David Kelley

193
1
10

So can you please elaborate how can I update IdToken after auto expire i.e. 1 hour? Should I re-login again programmatically? Is there any tut or documentation which can help me there? – Deep Kakkar May 22 '17 at 14:53
Refreshing tokens, either via the RefreshTokens api or the REFRESH_TOKENS(_AUTH) flow of InitiateAuth, is the way to do this. Per the github examples (https://github.com/aws/amazon-cognito-identity-js), try getSession to do this. – Jeff Bailey May 22 '17 at 15:36
Just updated my question with the code, can you please check? – Deep Kakkar May 22 '17 at 15:45
To be clear, you're getting the above error even when calling getSession? What behavior are you seeing when calling that? – Jeff Bailey May 22 '17 at 16:46
After getSession is called, 'session.getIdToken().getJwtToken()' should get you what you need. – Jeff Bailey May 22 '17 at 16:51
@DeepKakkar if this is still not working, perhaps try amending your code to store the refresh token inside your application separately to the library itself, immediately when the user authenticates. If this works, there may be a problem recalling the token from the library itself. – David Kelley May 23 '17 at 09:39

How to refresh the IdToken using refreshToken Value in AWS Cognito?

4 Answers4