What does Amplify's fetchAuthSession function throws when the refresh token expires and is unable to refresh access token and id token?


I'm using Amplify Auth V6, and I'm somewhere confused with the following:

After the official Amplify V6 documentation, the fetchAuthSession function retrieves the tokens from the chosen storage for the currently authenticated user, and if they are expired it uses the refresh token in order to bring brand new tokens. When the refresh token expires the documentation does not specify which error is thrown when that happens, or if in that case no error will be thrown.

The example from the docs:

  try {
    const { accessToken, idToken } = (await fetchAuthSession()).tokens ?? {};
  } catch (err) {

If they're wrapping the function call around a try block and expecting an error to be thrown, but they're also expecting the tokens prop to be undefined then how readers will know how to handle that specific case in code?

I've searched for the function's source code and found this

	 * Fetch the auth tokens, and the temporary AWS credentials and identity if they are configured. By default it
	 * does not refresh the auth tokens or credentials if they are loaded in storage already. You can force a refresh
	 * with `{ forceRefresh: true }` input.
	 * @param options - Options configuring the fetch behavior.
	 * @returns Promise of current auth session {@link AuthSession}.
	async fetchAuthSession(
		options: FetchAuthSessionOptions = {},
	): Promise<AuthSession> {
		let credentialsAndIdentityId: CredentialsAndIdentityId | undefined;
		let userSub: string | undefined;

		// Get tokens will throw if session cannot be refreshed (network or service error) or return null if not available
		const tokens = await this.getTokens(options);

		if (tokens) {
			userSub = tokens.accessToken?.payload?.sub;

			// getCredentialsAndIdentityId will throw if cannot get credentials (network or service error)
			credentialsAndIdentityId =
				await this.authOptions?.credentialsProvider?.getCredentialsAndIdentityId(
						authConfig: this.authConfig,
						authenticated: true,
						forceRefresh: options.forceRefresh,
		} else {
			// getCredentialsAndIdentityId will throw if cannot get credentials (network or service error)
			credentialsAndIdentityId =
				await this.authOptions?.credentialsProvider?.getCredentialsAndIdentityId(
						authConfig: this.authConfig,
						authenticated: false,
						forceRefresh: options.forceRefresh,

		return {
			credentials: credentialsAndIdentityId?.credentials,
			identityId: credentialsAndIdentityId?.identityId,

But for me it stills unclear, I will be very grateful if someone is able to answer my question :)

gefragt vor einem Monat121 Aufrufe
Keine Antworten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen