问题
I am facing an issue with Google signin that makes me question that Cognito can work at all in this configuration.
Basically, Google token have a 1 hour lifespan. This is intended to give you access to the Google API for one hour and then you should renew the token.
The issue is that Cognito uses this token with the same lifespan. So it means that after one hour Cognito Sync stops working (and I have not yet found a way to silently refresh the token or even check it is expired).
What bothers me is that I do not want to access Googke API, I just want to refresh my datasets with AWS Cognito Sync and it would not let me because of the Google token. It does not really make sense.
I do not even want to think about the mess it could be in poor network conditions (token is elapsed and cannot be refreshed because user does not have connectivity... user stuck with an usable app... user very unhappy...).
I am wondering why this has not been implemented with server side token (as in https://developers.google.com/identity/sign-in/android/offline-access). We would get the auth code from Google and then the Cognito servers would deal with the token itself.
I still hope that I am doing something wrong and that it is flawless, but I have run out of things ti try...
Any hint welcome, thanks in advance
JM
回答1:
Even if you do not have connectivity, Cognito Sync will store your data locally and sync when the network connection is available. This will prevent any loss of data because of network issues.
Regarding Google tokens, yes you have to refresh them and give Cognito a new one when the current AWS credentials on the device expire.
来源:https://stackoverflow.com/questions/35340510/aws-cognito-with-google-signin-fails-after-1-hour