Logout on refresh token expired - unclear when the token has expired

I had a question regarding how an expired refresh token should be handled. I set up my Okta API to have a limited refresh token with the idea that I could capture its expiration and log the user out gracefully.

I’m running a pkce app refresh tokens active.

Here are my access policy settings:

I’m checking the expiration of the access tokens with this code:

const tokenManager = this.props.oktaAuth.tokenManager;
tokenManager.on('expired', async e => {
  if (e === 'accessToken') {
    await tokenManager.get('refreshToken');
    .then((token) => {
      let refrExpired= tokenManager.hasExpired(token);
      console.log(refrExpired);
    });
  }
});

Yet when the access token expiration triggers this listener it also says the the refresh token has expired via the hasExpired function. The listener itself never seems to trigger if the refresh token expires.

So does the refresh token also expire once the access token has been renewed? If so why doesn’t the listener trigger for that?

The question is whether or not I’m managing this in the correct manner and if I’m missing some other piece of the puzzle here.

Thanks!