<div dir="ltr">Does it work if you disable "Revoke Refresh Token" in token settings? When that is off (default setting) there's no changes to the code.</div><div class="gmail_extra"><br><div class="gmail_quote">On 15 October 2015 at 21:20, Kamal Jagadevan <span dir="ltr"><<a href="mailto:j.kamal@ymail.com" target="_blank">j.kamal@ymail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="color:#000;background-color:#fff;font-family:times new roman,new york,times,serif;font-size:13px"><div>Hi Guys!!</div><div><br></div><div>I took latest master to verify the fix that Stian delivered to prevent usage of same refresh token.</div><div>My test code tries getting the access token + Refresh token through direct access grant but fails due to NullPointer exception.</div><div>Meanwhile I can continue to debug further, but wanted to share the observation to you guys... Will post further if I get any more details...<br></div><div><br></div><div>Environment details - I have user federation configured to LDAP and tried to login with a user in ldap.<br></div><div><br></div><div><br></div><div dir="ltr">Caused by: java.lang.NullPointerException<br> at org.keycloak.models.cache.infinispan.DefaultCacheUserProvider.removeUser(DefaultCacheUserProvider.java:272)<br> at org.keycloak.models.UserFederationManager.deleteInvalidUser(UserFederationManager.java:113)<br> at org.keycloak.models.UserFederationManager.validateAndProxyUser(UserFederationManager.java:135)<br> at org.keycloak.models.UserFederationManager.getUserById(UserFederationManager.java:163)<br> at org.keycloak.models.sessions.infinispan.ClientSessionAdapter.getAuthenticatedUser(ClientSessionAdapter.java:265)<br> at org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:116)<br> at org.keycloak.authentication.AuthenticationProcessor.authenticateOnly(AuthenticationProcessor.java:724)<br> at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.buildResourceOwnerPasswordCredentialsGrant(TokenEndpoint.java:357)<br> at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.build(TokenEndpoint.java:110)<br> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)<br> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)<br> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<br> at java.lang.reflect.Method.invoke(Method.java:606)<br> at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:137)<br> at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:296)<br> at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:250)<br> at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:140)<br> at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:109)<br> at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:135)<br> at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:103)<br> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356)<br></div><div><br></div></div></div><br>_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br></blockquote></div><br></div>