diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Actions/FetchAuthorizationSession/InformSessionError.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Actions/FetchAuthorizationSession/InformSessionError.swift index ebf8b7a72f..94d99df1c6 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Actions/FetchAuthorizationSession/InformSessionError.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Actions/FetchAuthorizationSession/InformSessionError.swift @@ -21,7 +21,7 @@ struct InformSessionError: Action { logVerbose("\(#fileID) Starting execution", environment: environment) let event: AuthorizationEvent = switch error { case .service(let serviceError): - if isNotAuthorizedError(serviceError) { + if serviceError is AWSCognitoIdentityProvider.NotAuthorizedException { .init(eventType: .throwError( .sessionExpired(error: serviceError))) } else { @@ -34,11 +34,6 @@ struct InformSessionError: Action { logVerbose("\(#fileID) Sending event \(event.type)", environment: environment) await dispatcher.send(event) } - - func isNotAuthorizedError(_ error: Error) -> Bool { - error is AWSCognitoIdentity.NotAuthorizedException - || error is AWSCognitoIdentityProvider.NotAuthorizedException - } } extension InformSessionError: DefaultLogger { diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Support/Helpers/AuthCognitoTokens+Validation.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Support/Helpers/AuthCognitoTokens+Validation.swift index 2879bc27d1..7ee0aea0c2 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Support/Helpers/AuthCognitoTokens+Validation.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/Support/Helpers/AuthCognitoTokens+Validation.swift @@ -13,18 +13,19 @@ extension AWSCognitoUserPoolTokens { func doesExpire(in seconds: TimeInterval = 0) -> Bool { - let currentTime = Date(timeIntervalSinceNow: seconds) guard let idTokenClaims = try? AWSAuthService().getTokenClaims(tokenString: idToken).get(), let accessTokenClaims = try? AWSAuthService().getTokenClaims(tokenString: accessToken).get(), let idTokenExpiration = idTokenClaims["exp"]?.doubleValue, let accessTokenExpiration = accessTokenClaims["exp"]?.doubleValue else { - return currentTime > expiration + // If token parsing fails, return as expired, to just force refresh + return true } let idTokenExpiry = Date(timeIntervalSince1970: idTokenExpiration) let accessTokenExpiry = Date(timeIntervalSince1970: accessTokenExpiration) + let currentTime = Date(timeIntervalSinceNow: seconds) return currentTime > idTokenExpiry || currentTime > accessTokenExpiry } diff --git a/AmplifyPlugins/Auth/Tests/AWSCognitoAuthPluginUnitTests/TaskTests/ClientBehaviorTests/AuthenticationProviderDeleteUserTests.swift b/AmplifyPlugins/Auth/Tests/AWSCognitoAuthPluginUnitTests/TaskTests/ClientBehaviorTests/AuthenticationProviderDeleteUserTests.swift index 54b067ebfe..b47f9f8499 100644 --- a/AmplifyPlugins/Auth/Tests/AWSCognitoAuthPluginUnitTests/TaskTests/ClientBehaviorTests/AuthenticationProviderDeleteUserTests.swift +++ b/AmplifyPlugins/Auth/Tests/AWSCognitoAuthPluginUnitTests/TaskTests/ClientBehaviorTests/AuthenticationProviderDeleteUserTests.swift @@ -141,7 +141,17 @@ class AuthenticationProviderDeleteUserTests: BasePluginTest { mockIdentityProvider = MockIdentityProvider( mockRevokeTokenResponse: { _ in RevokeTokenOutput() - }, mockGlobalSignOutResponse: { _ in + }, + mockGetTokensFromRefreshTokenResponse: { _ in + return GetTokensFromRefreshTokenOutput( + authenticationResult: .init( + accessToken: "accessTokenNew", + expiresIn: 100, + idToken: "idTokenNew", + refreshToken: "refreshTokenNew" + )) + }, + mockGlobalSignOutResponse: { _ in GlobalSignOutOutput() }, mockDeleteUserOutput: { _ in