Code flow and automatic refresh token

I have been banging my head against this for many hours now and would appreciate some direction.

The setup:

• issuer: IdentityServer4
• client: Angular9 app
• back end API: many containerized, mostly .NET webapi core

Config excerpt:

responseType: 'code',
scope: 'openid profile email roles offline_access [...some more private]',

configure method:

private configure() {
    this.oauthService.configure(authConfig);
    this.oauthService.tokenValidationHandler = new JwksValidationHandler();
    this.oauthService.loadDiscoveryDocumentAndTryLogin();
    this.oauthService.setupAutomaticSilentRefresh();
  }

Problem

Using code flow and not a problem to login with a user and to actually enforce the authorization both in client and back end by roles.

However, refreshing the token fails always and the behavior is ‘strange’ in my opinion. The client tries refreshing with two different refresh tokens consecutively and I receive two responses (see debugging log):

refresh tokenResponse
angular-oauth2-oidc.js:761
Object {id_token: "eyJhbGciOiJSUzI1NiIsImtpZCI6IlV4NE5tOXhBQ0JyNVE0N2…", access_token: "eyJhbGciOiJSUzI1NiIsImtpZCI6IlV4NE5tOXhBQ0JyNVE0N2…", expires_in: 3600, token_type: "Bearer", refresh_token: "SOcPcu1GPcuM08Y1B1udzo3NJKYV4KLBhoqdUmfDWvo", …}
angular-oauth2-oidc.js:761
refresh tokenResponse
angular-oauth2-oidc.js:761
Object {id_token: "eyJhbGciOiJSUzI1NiIsImtpZCI6IlV4NE5tOXhBQ0JyNVE0N2…", access_token: "eyJhbGciOiJSUzI1NiIsImtpZCI6IlV4NE5tOXhBQ0JyNVE0N2…", expires_in: 3600, token_type: "Bearer", refresh_token: "iucZ4iJPKKXMx23zNUqbxEhontiPIXVTJHDf7aOW-5g", …}

The idtoken and the accesstoken are similar but the refresh is not. These request are sent one after the other (straight).

Then, I get two failures in a row:

Failed to load resource: the server responded with a status of 400 (Bad Request) [....omitted...]
Error performing password flow
angular-oauth2-oidc.js:1358
HttpErrorResponse {headers: HttpHeaders, status: 400, statusText: "Bad Request", url: "...omitted...", ok: false, …}
angular-oauth2-oidc.js:1358
Automatic silent refresh did not work
angular-oauth2-oidc.js:761
Failed to load resource: the server responded with a status of 400 (Bad Request) [...omitted...]
Error performing password flow
angular-oauth2-oidc.js:1358
HttpErrorResponse {headers: HttpHeaders, status: 400, statusText: "Bad Request", url: "....omitted...", ok: false, …}
angular-oauth2-oidc.js:1358
Automatic silent refresh did not work

Note the error ‘Error performing password flow’, which I am not sure is just a funny in the loging or it is actually trying a password flow… because IdentityServer4 is not complaining about the password flow but about the token not existing…

[2020-02-15T13:28:43.2741552+00:00][DBUG][31][IdentityServer4.EntityFramework.Stores.PersistedGrantStore] "zeIPcnCv0o9OAQ8bBK8J0YHKnX5I9JG8lDpRAPwSPyw=" found in database: False
[2020-02-15T13:28:43.2742509+00:00][DBUG][31][IdentityServer4.Stores.DefaultRefreshTokenStore] "refresh_token" grant with value: "iucZ4iJPKKXMx23zNUqbxEhontiPIXVTJHDf7aOW-5g" not found in store.
[2020-02-15T13:28:43.2743632+00:00][WARN][31][IdentityServer4.Validation.TokenValidator] Invalid refresh token
[2020-02-15T13:28:43.2747049+00:00][WARN][31][IdentityServer4.Validation.TokenRequestValidator] Refresh token validation failed. 

Which I believe it is in the db.

Finally, at some point, the client will not be able to access the back end with the error ’ Token expired’

However, the client is still working fine with the user logged in. If I logout and login again, or simply send a login again (without actually logout), I will have access to the back end again since my new token is fresh.

Please, any advice or lead for me to be able to progress?