<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">The introspection specs has some
support for refresh tokens and our impl supports it too. You can
even provide
<meta http-equiv="content-type" content="text/html; charset=utf-8">
"token_type_hint" parameter and use either the value
"access_token" or "refresh_token" . <br>
<br>
The offline token is not directly supported, but I am personally
not seeing an issue for us to be a bit more "clever" and lookup
offline sessions instead of online sessions in case that type of
provided token is offline token?<br>
<br>
Marek<br>
<br>
On 07/06/16 09:17, Stian Thorgersen wrote:<br>
</div>
<blockquote
cite="mid:CAJgngAcPmKeKAxTvSzkYoFR58AHoRxEtdWjfCQ9akp2n2Hg_1g@mail.gmail.com"
type="cite">
<div dir="ltr">The token introspection endpoint is for access
tokens though, not refresh tokens and offline tokens. You should
introspect an access token retrieved using the offline token,
not the offline token itself.</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 7 June 2016 at 08:35, Marek Posolda
<span dir="ltr"><<a moz-do-not-send="true"
href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi,<br>
<br>
it seems that oauth2 token introspection specs doesn't
have any direct support for OIDC offline tokens. However
you can possibly create JIRA for it. Currently it seems
we consider token as valid just if there is "online"
valid userSession. In case of offlineToken, it should
check "offline" session instead. <br>
<br>
Marek
<div>
<div class="h5"><br>
<br>
On 06/06/16 19:12, Jorge M. wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div class="h5">
<div dir="ltr">
<div>Hi,<br>
<br>
I'm using the oauth2 token introspection feature
in order to validate and get info about tokens,
however I'm not being able to get info of
offline_tokens. Is that possible? Or does it
make sense?<br>
<br>
Thank you,<br>
</div>
JM<br>
</div>
<br>
<fieldset></fieldset>
<br>
</div>
</div>
<pre>_______________________________________________
keycloak-dev mailing list
<a moz-do-not-send="true" href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a>
<a moz-do-not-send="true" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
</div>
<br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-dev"
rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>