How to refresh google+ auth token for S3 access

I have a cordova app that is using the cordova-plugin-googleplus to allow users to authenticate with their google+ account. The app also gives the user access to an S3 bucket to upload photos via the aws sdk. To make this happen we are using AWS Cognito with federated identities, which works pretty well.

The problem is that after 1 hour is no S3 activity, I start getting this error the next time the app tries to do an upload:

    "__type": "NotAuthorizedException",
    "message": "Invalid login token. Token expired: 1513206998 >= 1513197640"

Based on my research, the issue is that the google+ token is expiring and needs to be refreshed but I'm having trouble understanding how to do that. Note that this needs to be done in the background without the user knowing. It's not acceptable to ask the user to re-authenticate every hour.

Here is the login code:

window.plugins.googleplus.login(prams, obj => {
    let authData = {
        accessToken: obj.accessToken,
        idToken: obj.idToken

    localStorage.setItem('authData', authData);

Then we it's time to access the S3 bucket:

let authData = localStorage.getItem('authData');

AWS.config.credentials = new AWS.CognitoIdentityCredentials({
    IdentityPoolId: 'my-cognito-identity-pool-id',
    Logins: { '': authData.idToken };

AWS.config.region = 'us-west-2;

    .then(() => {
        let s3 = new AWS.S3();

        let params = {
            Bucket: 'my-bucket',
            Key: 'my-key',
            Body: imageBytes,
            ContentType: 'image/jpeg'


My understanding is that I need to look for the error listed above and refresh the google+ token if it occurs, but I'm not sure how that is done. I don't see support for that in the cordova-plugin-googleplus library. Do I have to make an http request myself? How does that work? Presumably I need to save the refresh token after login and use that somehow.