/// <summary>
/// Returns the access token held in the persisted session cache.
/// </summary>
/// <remarks>
/// A fresh <c>UserSessionCache</c> is filled through <c>SaveDataManager.LoadJsonData</c> on every call,
/// so the value is whatever was last saved. Nothing here checks whether that token has expired.
/// The original author noted that this accessor may turn out not to be needed at all.
/// </remarks>
/// <returns>The access token read from the session cache.</returns>
public string GetAccessToken()
{
    var cachedSession = new UserSessionCache();
    SaveDataManager.LoadJsonData(cachedSession);

    string accessToken = cachedSession.getAccessToken();
    return accessToken;
}
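/// <summary>
/// Tries to obtain fresh Cognito tokens using the refresh token stored in the persisted session cache.
/// </summary>
/// <remarks>
/// On success the new tokens are written back through <c>SaveDataManager.SaveJsonData</c>, and
/// <c>_cognitoAWSCredentials</c> and <c>_user</c> are replaced. Exceptions raised during the refresh
/// attempt are logged and turned into a <c>false</c> result.
/// </remarks>
/// <returns>
/// <c>true</c> when the refresh call returned tokens and the cache was updated; <c>false</c> when no
/// refresh token is stored, the response carried no tokens, or the attempt threw.
/// </returns>
public async Task<bool> RefreshSession()
{
    Debug.Log("RefreshSession");

    // NOTE(review): local time is used for the session timestamps; confirm whether the SDK
    // compares them against UTC.
    DateTime issued = DateTime.Now;

    UserSessionCache userSessionCache = new UserSessionCache();
    SaveDataManager.LoadJsonData(userSessionCache);

    // Without a stored refresh token there is nothing to exchange; the user has to sign in again.
    if (string.IsNullOrEmpty(userSessionCache._refreshToken))
    {
        return false;
    }

    try
    {
        CognitoUserPool userPool = new CognitoUserPool(userPoolId, AppClientID, _provider);

        // Apparently the username field can be left blank for a token refresh request.
        CognitoUser user = new CognitoUser("", AppClientID, userPool, _provider);

        // The "Refresh token expiration (days)" setting
        // (Cognito -> UserPool -> General Settings -> App clients -> Show Details) is the amount of
        // time since the last login during which the refresh token can be used to get new tokens.
        // After that period the refresh will fail.
        //
        // Passing a future expiration time here is a workaround for
        // https://github.com/aws/aws-sdk-net-extensions-cognito/issues/24
        // (the original note mentions DateTime.Now.AddHours(1); the code passes 30 days).
        // TODO: need to investigate further. The author's understanding was that this should be
        // set to when the refresh token expires.
        string storedRefreshToken = userSessionCache.getRefreshToken();
        user.SessionTokens = new CognitoUserSession(
            userSessionCache.getIdToken(),
            userSessionCache.getAccessToken(),
            storedRefreshToken,
            issued,
            DateTime.Now.AddDays(30));

        // Attempt the refresh token call.
        AuthFlowResponse authFlowResponse = await user.StartWithRefreshTokenAuthAsync(
            new InitiateRefreshTokenAuthRequest
            {
                AuthFlowType = AuthFlowType.REFRESH_TOKEN_AUTH
            })
            .ConfigureAwait(false);

        // A response without tokens is not a successful refresh; report it instead of
        // dereferencing null below.
        if (authFlowResponse == null || authFlowResponse.AuthenticationResult == null)
        {
            Debug.Log("RefreshSession: response contained no authentication result");
            return false;
        }

        var refreshed = authFlowResponse.AuthenticationResult;

        // Token values are deliberately kept out of the log output.
        Debug.Log("User refresh token successfully updated!");

        // The refresh flow may return only new ID and access tokens. When no new refresh token
        // comes back, keep the stored one; otherwise the cache would be overwritten with an empty
        // value and every later refresh would be skipped.
        string refreshTokenToStore = string.IsNullOrEmpty(refreshed.RefreshToken)
            ? storedRefreshToken
            : refreshed.RefreshToken;

        // Update the session cache.
        // NOTE(review): the refresh token is a long-lived credential; how SaveDataManager protects
        // the saved data on disk is not visible here and should be confirmed.
        UserSessionCache userSessionCacheToUpdate = new UserSessionCache(
            refreshed.IdToken,
            refreshed.AccessToken,
            refreshTokenToStore,
            userSessionCache.getUserId());
        SaveDataManager.SaveJsonData(userSessionCacheToUpdate);

        // Update credentials with the latest access token.
        _cognitoAWSCredentials = user.GetCognitoAWSCredentials(IdentityPool, Region);
        _user = user;

        return true;
    }
    catch (NotAuthorizedException ne)
    {
        // https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html
        // Refresh tokens expire - the user must log in manually every x days
        // (see user pool -> app clients -> details).
        Debug.Log("NotAuthorizedException: " + ne);
    }
    catch (WebException webEx)
    {
        // A web exception is raised when AWS cannot be reached - this means we are offline.
        Debug.Log("WebException: " + webEx);
    }
    catch (Exception ex)
    {
        // Best-effort: any other failure is logged and reported as an unsuccessful refresh.
        Debug.Log("Exception: " + ex);
    }

    return false;
}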