How to use Amazon Cognito Logout endpoint?

I am using AWS Cognito in my application.

While doing logout i am calling the Logout Endpoint.

But after doing logout, I am still able to generate the id-tokens using the old refresh token.

It means my logout endpoint is not working any more. I am saving the tokens in my local storage, And while doing the logout i am clearing the store manually.

My Question is: How to properly use the logout mechanism of AWS Cognito?

I'm not sure which framework you are using, but I'm using Angular. Unfortunately there are different ways of using AWS Cognito and the documentation is not clear. Here is my implementation of the Authentication Service (using Angular):

- Note 1 - With using this sign in method - once you redirect the user to the logout url - the localhost refreshes automatically and the token gets deleted.

- Note 2 - You can also do it manually by calling: this.userPool.getCurrentUser().signOut()

import { Injectable } from '@angular/core'
import { CognitoUserPool, ICognitoUserPoolData, CognitoUser } from 'amazon-cognito-identity-js'
import { CognitoAuth } from 'amazon-cognito-auth-js'
import { Router } from '@angular/router'

const COGNITO_CONFIGS: ICognitoUserPoolData = {
  UserPoolId: '{INSERT YOUR USER POOL ID}',
  ClientId: '{INSERT YOUR CLIENT ID}',
}

@Injectable()
export class CognitoService {

  userPool: CognitoUserPool
  constructor(
    private router: Router
  ) {
    this.createAuth()
  }

  createAuth(): void {
    // Configuration for Auth instance.
    const  authData = {
      UserPoolId: COGNITO_CONFIGS.UserPoolId,
      ClientId: COGNITO_CONFIGS.ClientId,
      RedirectUriSignIn : '{INSERT YOUR COGNITO REDIRECT URI}',
      RedirectUriSignOut : '{INSERT YOUR COGNITO SIGNOUT URI}',
      AppWebDomain : '{INSERT YOUR AMAZON COGNITO DOMAIN}',
      TokenScopesArray: ['email']
    }

    const  auth: CognitoAuth = new CognitoAuth(authData)
    // Callbacks, you must declare, but can be empty.
    auth.userhandler = {
      onSuccess: function(result) {
      },
      onFailure: function(err) {
      }
    }

    // Provide the url and parseCognitoWebResponse handles parsing it for us.
    const curUrl = window.location.href
    auth.parseCognitoWebResponse(curUrl)
  }

  /**
   * Check's if the user is authenticated - used by the Guard.
   */
  authenticated(): CognitoUser | null {
    this.userPool = new CognitoUserPool(COGNITO_CONFIGS)
    // behind the scene getCurrentUser looks for the user on the local storage.
    return this.userPool.getCurrentUser()
  }

  logout(): void {
    this.router.navigate(['/logout'])
  }

}