check_token() renew after access_token expired does not work

[humanborg]

u = Cognito(pool_id, client_id, username=username, access_token=access_token, refresh_token=refresh_token)
u.check_token()

This throws 'NotAuthorizedException', when access_token expired.

Per documentation: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html, using refresh_token (default 30 days after user authenticate) is valid we should be able to refresh the id and access_token.

[Immortalin]

@bjinwright any progress on this? Or is there any workarounds?

[Zuiluj]

Might be connected with the request that must be signed, although this does not require signed credentials. I'm looking into it right now. For the time being, try making the client request unsigned.

[rednap]

we're not getting new ID and auth tokens after an hour, looking here:
https://github.com/capless/warrant/blob/master/warrant/__init__.py#L546

the authflow warrant is using is "REFRESH_TOKEN".

from aws docs:
To use the refresh token to get new ID and access tokens with the user pool API, use the AdminInitiateAuth or InitiateAuth methods. Pass REFRESH_TOKEN_AUTH for the AuthFlow parameter.

happy to do a pull request if this is indeed an issue.
cheers,

[rednap]

anyone reading this? Please regard my PR?