we are using AppAuth as a framework to communicate with our OAuth Server. While logging in or making a token refresh the completion handler sometimes returns with an -1005 network connection lost error. The following line in the AppAuth framework is responsible for this error: https://github.com/openid/AppAuth-iOS/blob/master/Source/AppAuthCore/OIDAuthorizationService.m#L449.
In a network proxy debugger we see that the OAuth server responds with HTTP Status code 200 but the response body is cut off (the json payload containing the JWT is only partly available, something like { "id-token": "137548 (Note the missing ending quote and curly brace. When this happens on a token refresh our OAuth server invalidates the old token because the server thinks the response was working correctly (HTTP status code 200). The next token refresh then fails because we request a token refresh with an already invalidated token and ultimately log the user out. We cannot reproduce this behavior consistently but found it to happen relatively often even when the network connection seems to be great (WLAN, LTE etc.).
We managed to capture a tcpdump while this happened which I attached in my comment below. Is there anything in there you see which might explain this behavior? This is a really serious issue for us.
I am not really an expert on this low level network stuff but looking at the tcpdump it seems to me that the client (10.131.189.183) sends the TCP RST packet to the server (35.201.94.164) closing the connection (Packet no. 6247).
Update: I also added the export from the network debugger as log.txt. There you can see the request + response in the error case.