[keycloak-user] gatekeeper - refresh access token on every access
Julien Goux
julien.goux at live.fr
Wed Sep 18 04:16:04 EDT 2019
Hello,
I'm using gatekeeper behind a nginx server.
Gatekeeper's logs are pretty obvious until my first access token expired (5 min lifetime). After this period, it seems that gatekeeper is refreshing the token on every access.
Here are the logs for *3 * accesses after the first access token has expired, I have the same log for every further access :
1.5687944022004497e+09 info accces token for user has expired, attemping to refresh the token {"client_ip": "127.0.0.1:40312", "email": "julien.goux at live.fr"}
1.5687944022271063e+09 info injecting the refreshed access token cookie {"client_ip": "127.0.0.1:40312", "cookie_name": "kc-access", "email": " julien.goux at live.fr ", "refresh_expires_in": 1800, "expires_in": 299.772897193}
1.5687944027145464e+09 info accces token for user has expired, attemping to refresh the token {"client_ip": "127.0.0.1:40318", "email": " julien.goux at live.fr "}
1.5687944027320542e+09 info injecting the refreshed access token cookie {"client_ip": "127.0.0.1:40318", "cookie_name": "kc-access", "email": " julien.goux at live.fr ", "refresh_expires_in": 1800, "expires_in": 299.26794899}
1.568794442552826e+09 info accces token for user has expired, attemping to refresh the token {"client_ip": "127.0.0.1:40328", "email": " julien.goux at live.fr "}
1.568794442570195e+09 info injecting the refreshed access token cookie {"client_ip": "127.0.0.1:40328", "cookie_name": "kc-access", "email": " julien.goux at live.fr ", "refresh_expires_in": 1800, "expires_in": 299.429808309}
Why does gatekeeper keeps refreshing the access token on every access instead of deliverying a new one for 5 min ?
Thanks for your help.
More information about the keycloak-user
mailing list