If a user is offline and their access token expires, but their refresh token is still valid (unexpired at last sync), the isSigned function for the session should return true. Currently it returns false.

[aneeshjoshi]

Before opening, please confirm:

• I have searched for duplicate or closed issues and discussions.

Language and Async Model

Kotlin - Coroutines

Amplify Categories

Authentication

Gradle script dependencies

// Put output below this line
    implementation("com.amplifyframework:aws-storage-s3:2.15.1")
    implementation("com.amplifyframework:aws-auth-cognito:2.15.1")
    implementation("com.amplifyframework:core-kotlin:2.15.1")

Environment information

# Put output below this line

Welcome to Gradle 8.1!

Here are the highlights of this release:
 - Stable configuration cache
 - Experimental Kotlin DSL assignment syntax
 - Building with Java 20

For more details see https://docs.gradle.org/8.1/release-notes.html


------------------------------------------------------------
Gradle 8.1
------------------------------------------------------------

Build time:   2023-04-12 12:07:45 UTC
Revision:     40ba32cde9d6daf2b92c39376d2758909dd6b813

Kotlin:       1.8.10
Groovy:       3.0.15
Ant:          Apache Ant(TM) version 1.10.11 compiled on July 10 2021
JVM:          21.0.1 (Oracle Corporation 21.0.1+12-29)
OS:           Mac OS X 14.2.1 aarch64

Please include any relevant guides or documentation you're referencing

https://docs.amplify.aws/flutter/build-a-backend/auth/accessing-credentials/

Describe the bug

If a user is offline and their access token expires, but their refresh token is still valid (unexpired at last sync), the isSigned function for the session should return true. Currently it returns false.

The behaviour should work similar to how the Amplify Flutter library resolved this in
aws-amplify/amplify-flutter#2585
to address Issue aws-amplify/amplify-flutter#2398

Alternatively, there should be a way for the api users to determine that the reason for the null access token. Currently the exception being thrown is aws.smithy.kotlin.runtime.http.HttpException: java.net.UnknownHostException and it's several layers deep within the error object

Reproduction steps (if applicable)

Setup a user pool client to have 7 min access & id token expiry and refresh token set to 60 days
Sign in to an android app app using that user pool client
Request the auth session on app launch, observe isSignedIn as true from the session retrieved
Set your device to Airplane Mode (no wifi or cell network)
Wait 8 mins, launch the app, observe isSignedIn as false from the session retrieved

Code Snippet

// Put your code below this line.

Log output

// Put your logs below this line

amplifyconfiguration.json

No response

GraphQL Schema

// Put your schema below this line

Additional information and screenshots

No response

[joon-won]

Thank you for your report. Our team will take a look into the issue

[vincetran]

Hi @aneeshjoshi, I'll be taking a look at this issue starting today. Will keep you updated as I dig further into the auth code and the Flutter issue (thanks for linking that!)

[sami-khleaf]

We've had this issue in out apps since we're using the latest versions of amplifys frequent updates,
We had to fix it somehow so we logged out the user from the app before every login unconditionally since the fetch session give faulty info about the user being signed in or not.

Hope this gets fixed soon 🙏

[tylerjroach]

Hi @sami-khleaf,

I'm working on a fix now.

I'll update the ticket with progress as I have updates.

[tylerjroach]

I wanted to provide a quick update that the fix is being worked on here: #2830. It isn't quite ready yet, as we are still working through some edge cases that need to be properly handled. I'll update the ticket when the fix is merged and released.

[sami-khleaf]

@tylerjroach thank you , any updates?