Auth0 Home Blog Docs

.renew doesn't work properly

auth0
refresh-tokens
access-token
ios
swift

#1

Versions to reproduce this bug:

pod 'Auth0', '~> 1.9.0'
pod 'Lock', '~> 2.4.0'

I’m having some troubles trying to get a new access token from a refresh token.
I’m using a native app with swift 4.

LoginController looks like

func checkAccessToken() {
        SessionManager.shared.refreshToken { error in
            DispatchQueue.main.async {
                guard error == nil else {
                    print("Failed to renew credentials: \(String(describing: error))")
                    return self.showLock()
                }
                SessionManager.shared.retrieveProfile { error in
                    DispatchQueue.main.async {
                        guard error == nil else {
                            print("Failed to retrieve profile: \(String(describing: error))")
                            return self.showLock()
                        }
                        self.performSegue(withIdentifier: "HomeView", sender: nil)
                    }
                }
            }
        }
    }

SessionManager looks like:

func refreshToken(_ callback: @escaping (Error?) -> ()) {
        guard let refreshToken = self.keychain.string(forKey: self.keyRefresh) else {
            return callback(SessionManagerError.noRefreshToken)
        }

        Auth0
            .authentication()
            .renew(withRefreshToken: refreshToken)
            .start { result in
                switch (result) {
                case .success(let credentials):
                    self.storeTokens(credentials.accessToken)
                    callback(nil)
                case .failure(let error):
                    self.logout()
                    callback(error)
                }
            }
    }

and retrieveProfile:

func retrieveProfile(_ callback: @escaping (Error?) -> ()) {
    guard let accessToken = self.keychain.string(forKey: self.keyAccessToken) else {
        return callback(SessionManagerError.noAccessToken)
    }

    Auth0
        .authentication()
        .userInfo(token: accessToken)
        .start { result in
            switch(result) {
            case .success(let profile):
                self.profile = profile
                callback(nil)
            case .failure(let error):
                callback(error)
            }
    }
}

The refreshToken returns true. So, in theory, access token is new.
Then I’m trying to retrieve profile again with the new access token and the result of RetrieveProfile is an error with:

Failed to retrieve profile: Optional({"sub":"****","email":"*****@gmail.com","email_verified":true})
Status Code is 0