#ca_refresh_tokens!(refresh_token)
Authentication flow for refreshing the Access token and ID token by supplying a valid refresh token.
Also check this doc admin-initiate-auth method. Pay attention to description about REFRESH_TOKEN_AUTH authentication flow.
class UserExample
extend ::CognitoSyncService
end
result = UserExample.ca_refresh_tokens!(refresh_token)
Output
#<struct Aws::CognitoIdentityProvider::Types::AdminInitiateAuthResponse
challenge_name=nil,
session=nil,
challenge_parameters={},
authentication_result=
#<struct Aws::CognitoIdentityProvider::Types::AuthenticationResultType
access_token=
"eyJraWQiOiJ3T0RTTmYyTXRheDJPMTVOS2xMc1RoM1hoOXV6V3BBcEpMUk0K29BeDhRNmxzPSIsImFsZHN1U6fbXscuMGeogaR-",
expires_in=3600,
token_type="Bearer",
refresh_token=nil,
id_token=
"eyJraWQiOiJSejZRdXRPbXVlNk1vdEZpUm83M1lsTWeyJraWQiOiJ3T0RTTmYyTXRheDJPMTVOS2xMc1",
new_device_metadata=nil>>
Note:
If you need to retreive
access_token
orid_token
fromresult
you can simply call it by its keys like:
result.authentication_result.access_token
#=> "eyJraWQiOiJ3T0RTTmYyTXRheDJPMTVOS2xMc1RoM1hoOXV6V3BBcEpMUk0K29BeDhRNmxzPSIsImFsZHN1U6fbXscuMGeogaR-"
result.authentication_result.id_token
#=> "eyJraWQiOiJSejZRdXRPbXVlNk1vdEZpUm83M1lsTWeyJraWQiOiJ3T0RTTmYyTXRheDJPMTVOS2xMc1"
In this case
challenge_name
,session
andchallenge_parameters
returnnil
because of particular auth flow when Access token and ID token have been refreshed successfully.So when the caller does need to pass another challenge before it gets tokens,
challenge_name
,challenge_parameters
, andsession
are returned.
Error output
In case of passing invalid Refresh token you will get AWS error
UserExample.ca_refresh_tokens!('invalid_refresh_token')
#=> Aws::CognitoIdentityProvider::Errors::NotAuthorizedException: Invalid Refresh Token.