Skip to content

[Auth] fetchAuthSession({ forceRefresh: true }) returns old tokens after page reload #14589

New issue
New issue
Open
Open
[Auth] fetchAuthSession({ forceRefresh: true }) returns old tokens after page reload#14589
Labels
AuthRelated to Auth components/categoryquestionGeneral question
@ashishrawat-19

Description

@ashishrawat-19
ashishrawat-19
opened on Oct 7, 2025

Before opening, please confirm:

JavaScript Framework

Angular

Amplify APIs

Authentication

Amplify Version

v6

Amplify Categories

function

Backend

None

Environment information

# Put output below this line

Amplify Version: [email protected]
Platform: Web (Angular)
Authentication: Cognito User Pools (Basic Auth)

Describe the bug

Problem
I have an auto-refresh mechanism that calls fetchAuthSession({ forceRefresh: true }) every 15 seconds to get new tokens.
During initial session: Works perfectly - returns new tokens with updated exp values After page reload: Returns the same old tokens - no refresh occurs

Scenario
User logs in with signIn() → works fine
Auto-refresh calls fetchAuthSession({ forceRefresh: true }) → gets new tokens ✅

User reloads the page
Auto-refresh calls fetchAuthSession({ forceRefresh: true }) → gets { tokens: undefined, etc... }
I restore tokens from browser cookies and reconfigure Amplify
Auto-refresh calls fetchAuthSession({ forceRefresh: true }) → returns old tokens ❌ (generated before refresh)

What's the correct way to restore Cognito tokens after page reload so that fetchAuthSession({ forceRefresh: true }) continues to work?

Expected behavior

It should give me new tokens on calling fetchAuthSession({ forceRefresh: true })

Reproduction steps

Set up Angular app with AWS Amplify v6
Implement auto-refresh service that calls fetchAuthSession({ forceRefresh: true }) every 15 seconds
Steps to Reproduce
Initial Login
Start Auto-Refresh
Verify Initial Refresh Works
Wait 15 seconds
Observe console: New tokens with updated exp values ✅
fetchAuthSession({ forceRefresh: true }) returns fresh tokens
Reload Page
Manually reload the browser page
App reinitializes and restores tokens from cookies
Observe Broken Refresh
Wait 15 seconds for next auto-refresh cycle
Observe console: Same old tokens with unchanged exp values ❌
fetchAuthSession({ forceRefresh: true }) returns stale tokens

Code Snippet

// Put your code below this line.
startAutoRefresh(ms: number = 15000): void {
    if (this.refreshSub) return; // already running
    this.refreshSub = interval(ms).pipe(
      startWith(0), // fire immediately
      exhaustMap(() =>
        this.refreshToken().pipe(
          catchError(err => {
            console.error('Auto refresh error:', err);
            return EMPTY; // swallow to keep interval alive
          })
        )
      )
    ).subscribe();
  }

  refreshToken(): Observable<void> {
    return new Observable<void>((observer) => {
      this.authService
        .isSSOuser()
        .then(async () => {
          try {
            let session = await fetchAuthSession();
            if (!session.tokens) {
              const accessToken = this.authService.getAccessToken() ?? '';
              const idToken = this.authService.getIdToken() ?? '';
              if (accessToken && idToken) {
                this.environmentApiService.setConfiguration(
                  accessToken,
                  idToken
                );
              }
            }

            // Force refresh after (re)configuration
            session = await fetchAuthSession({ forceRefresh: true });

            // Log (optional – remove in production)
            if (session.tokens?.idToken) {
              console.log('ID Token Payload:', session.tokens.idToken.payload);
            }
            if (session.tokens?.accessToken) {
              console.log(
                'Access Token Payload:',
                session.tokens.accessToken.payload
              );
            }

            observer.next();
            observer.complete();
          } catch (err) {
            observer.error(err);
          }
        })
        .catch((err) => observer.error(err));
    });
  }

setConfiguration(access_token: string, id_token: string) {

    const tokenProvider: TokenProvider = {

      async getTokens() {

        return {

          accessToken: decodeJWT(access_token),

          idToken: decodeJWT(id_token),

        };

      },

    };



    const userDetails = decodeJWT(id_token);

    const authConfig = this.getAmplifyConfig(

      (userDetails as unknown as { payload: { aud: string } }).payload['aud']

    );



    Amplify.configure(

      { Auth: authConfig },

      { Auth: { tokenProvider: tokenProvider } }

    );



    cognitoUserPoolsTokenProvider.setKeyValueStorage(

      new CookieStorage({ domain: window.origin })

    );

  }

Log output

// Put your logs below this line

aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    AuthRelated to Auth components/categoryquestionGeneral question

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions