Last active
December 7, 2024 14:42
-
-
Save heridev/a5287e9c91e105ac3f8d4700c2a5cc99 to your computer and use it in GitHub Desktop.
Revisions
-
heridev revised this gist
Dec 7, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -5,7 +5,7 @@ Within the Cognito User Pool configure that to be 5 minutes(300 seconds) and bot 2. Go to your user pool and then `App integration`. 3. Scroll down to App clients(probably your web client) and click edit #### NOTE: Make the update for any App clients you see in your user pool, in my case it was for the app client and web client  -
Dec 7, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ ### First of all you need to change the expiration for access Token and ID token Within the Cognito User Pool configure that to be 5 minutes(300 seconds) and both values should match, this way you can make the test faster than waiting for the default 1 hour expiration. 1. Open your AWS Cognito console. -
Nov 14, 2024 . No changes.There are no files selected for viewing
-
Nov 14, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -5,7 +5,7 @@ Within the Cognito User Pool configure that to be 5 minutes(300 seconds) and bot 2. Go to your user pool and then `App integration`. 3. Scroll down to App clients(probably your web client) and click edit #### NOTE: Do the update for any App clients you see in your user pool, in my case it was for the app client and web client  -
Nov 14, 2024 . 1 changed file with 14 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,17 @@ ### First of all you need to change the the expiration for access Token and ID token Within the Cognito User Pool configure that to be 5 minutes(300 seconds) and both values should match, this way you can make the test faster than waiting for the default 1 hour expiration. 1. Open your AWS Cognito console. 2. Go to your user pool and then `App integration`. 3. Scroll down to App clients(probably your web client) and click edit NOTE: Do the update for any App clients you see in your user pool, in my case it was for the app client and web client  Then you can try some of these scripts > Trying a sequence to validate behavior ```js // Run this sequence to test -
Nov 14, 2024 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,125 @@ > Trying a sequence to validate behavior ```js // Run this sequence to test const testSequence = async () => { // Get initial token const session1 = await fetchAuthSession(); const token1 = session1.tokens?.accessToken?.toString(); // Wait 5.5 minutes await new Promise(r => setTimeout(r, 5.5 * 60 * 1000)); // Get token again const session2 = await fetchAuthSession(); const token2 = session2.tokens?.accessToken?.toString(); // Compare tokens console.log('Tokens are identical:', token1 === token2); // Try an API call await testApiCall(); }; ``` > Another script to try ```js import { fetchAuthSession } from 'aws-amplify/auth'; import { Hub } from 'aws-amplify/utils'; // Utility to decode JWT token const decodeToken = (token) => { try { const base64Url = token.split('.')[1]; const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/'); return JSON.parse(window.atob(base64)); } catch (error) { console.error('Error decoding token:', error); return null; } }; // Function to monitor token refresh behavior const monitorTokenRefresh = async () => { // Setup Hub listener for auth events Hub.listen('auth', ({ payload }) => { console.log('Auth Event:', payload.event); if (payload.event === 'tokenRefresh') { console.log('Token refresh detected through Hub event'); } }); try { // Get initial session console.log('Getting initial session...'); const initialSession = await fetchAuthSession(); const initialToken = initialSession.tokens?.accessToken?.toString(); const initialDecoded = decodeToken(initialToken); console.log('Initial token exp:', new Date(initialDecoded.exp * 1000).toISOString()); console.log('Initial token iat:', new Date(initialDecoded.iat * 1000).toISOString()); // Wait for 6 minutes (assuming 5-minute expiration) console.log('Waiting for 6 minutes...'); await new Promise(resolve => setTimeout(resolve, 6 * 60 * 1000)); // Get session again without force refresh console.log('Getting session after delay (without force refresh)...'); const laterSession = await fetchAuthSession(); const laterToken = laterSession.tokens?.accessToken?.toString(); const laterDecoded = decodeToken(laterToken); console.log('Later token exp:', new Date(laterDecoded.exp * 1000).toISOString()); console.log('Later token iat:', new Date(laterDecoded.iat * 1000).toISOString()); // Compare tokens console.log('Tokens are the same:', initialToken === laterToken); // Try with force refresh console.log('Getting session with force refresh...'); const forcedSession = await fetchAuthSession({ forceRefresh: true }); const forcedToken = forcedSession.tokens?.accessToken?.toString(); const forcedDecoded = decodeToken(forcedToken); console.log('Forced token exp:', new Date(forcedDecoded.exp * 1000).toISOString()); console.log('Forced token iat:', new Date(forcedDecoded.iat * 1000).toISOString()); // Compare with forced refresh token console.log('Forced token is different from initial:', initialToken !== forcedToken); console.log('Forced token is different from later:', laterToken !== forcedToken); } catch (error) { console.error('Error during token monitoring:', error); } }; // Example usage in a React component const TokenTestComponent = () => { useEffect(() => { monitorTokenRefresh(); }, []); return <div>Check console for token refresh monitoring</div>; }; // Use this function to make an API call and check token behavior const testApiCall = async () => { try { const session = await fetchAuthSession(); const token = session.tokens?.accessToken?.toString(); const decoded = decodeToken(token); console.log('Token used for API call:'); console.log('Expiration:', new Date(decoded.exp * 1000).toISOString()); console.log('Issued at:', new Date(decoded.iat * 1000).toISOString()); // Make your API call here const response = await fetch('your-api-endpoint', { headers: { Authorization: `Bearer ${token}` } }); return response; } catch (error) { console.error('API call error:', error); throw error; } }; ```