I am using Amazon Cognito to log in users and save a RefreshToken so they don't have to type their password after the initial setup. I need to be able to log in with the RefreshToken and get a new RefreshToken to save for next time. However, when I call InitiateAuthAsync, it does not return the RefreshToken.
C#:
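using Amazon.CognitoIdentityProvider;
using Amazon.CognitoIdentityProvider.Model;

// Build a refresh request for the app client.
var refreshReq = new InitiateAuthRequest();
refreshReq.ClientId = _clientId;
refreshReq.AuthFlow = AuthFlowType.REFRESH_TOKEN_AUTH;
// The app client has a secret, so SECRET_HASH is sent along with the token.
refreshReq.AuthParameters.Add("SECRET_HASH", SecretHash(_clientId, _clientSecret, username));
refreshReq.AuthParameters.Add("REFRESH_TOKEN", refreshToken);
// Blocks on the async call and returns the InitiateAuthResponse.
var clientResp = cognitoProvider.InitiateAuthAsync(refreshReq).Result;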
Response:
{
    "AuthenticationResult": {
        "AccessToken": "<accessToken>",
        "ExpiresIn": 3600,
        "IdToken": "<idToken>",
        "TokenType": "Bearer"
    },
    "ChallengeParameters": {}
}
And this is the response from the login with a working ResponseToken:
{
    "AuthenticationResult": {
        "AccessToken": "<accessToken>",
        "ExpiresIn": 3600,
        "IdToken": "<idToken>",
        "RefreshToken": "<refreshToken>",
        "TokenType": "Bearer"
    },
    "ChallengeParameters": {}
}
Apparently this is a bug in the AWS Cognito API. The docs say that InitiateAuth should return an updated RefreshToken, but it does not.
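An added example, not part of the original posts: one way to handle the refresh response shown above, under the assumption that the stored refresh token stays valid until its configured expiry when the response carries none. `StoredTokens`, `TokenRefresher` and `Merge` are hypothetical names, and the secret hash is passed in already computed.

```csharp
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Amazon.CognitoIdentityProvider;
using Amazon.CognitoIdentityProvider.Model;

// Hypothetical holder for the tokens the app keeps between runs.
public sealed record StoredTokens(string AccessToken, string IdToken, string RefreshToken);

public static class TokenRefresher
{
    // secretHash is computed by the caller for this client and user.
    public static async Task<StoredTokens> RefreshAsync(
        IAmazonCognitoIdentityProvider cognito,
        string clientId,
        string secretHash,
        StoredTokens current)
    {
        var request = new InitiateAuthRequest
        {
            ClientId = clientId,
            AuthFlow = AuthFlowType.REFRESH_TOKEN_AUTH,
            AuthParameters = new Dictionary<string, string>
            {
                ["REFRESH_TOKEN"] = current.RefreshToken,
                ["SECRET_HASH"] = secretHash,
            },
        };

        // Await the call instead of blocking the thread on .Result.
        InitiateAuthResponse response = await cognito.InitiateAuthAsync(request);
        return Merge(current, response.AuthenticationResult);
    }

    // Assumption: when the response omits RefreshToken, the stored one is kept.
    public static StoredTokens Merge(StoredTokens current, AuthenticationResultType result)
    {
        // AuthenticationResult is null when Cognito answers with a challenge instead.
        if (result == null || string.IsNullOrEmpty(result.AccessToken))
            throw new InvalidOperationException("Refresh did not return tokens.");

        string refresh = string.IsNullOrEmpty(result.RefreshToken)
            ? current.RefreshToken   // response shaped like the first JSON above
            : result.RefreshToken;   // response that does carry a new token
        return new StoredTokens(result.AccessToken, result.IdToken, refresh);
    }
}
```

If `InitiateAuthAsync` throws `NotAuthorizedException`, treat the stored refresh token as no longer usable and send the user back through the password login.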