Hello Keycloak
Today I ran into an issue [1] related to the fact that in Keycloak server, refresh tokens
are:
- renewed after each refresh token request, as described in the second paragraph here
http://tools.ietf.org/html/rfc6749#section-10.4,
- expirable, which is more of a surprise to me (nothing like that in the OAuth2 spec).
So for the iOS SDK we’ll need to adjust our logic in here [2] and cater to the fact that if
the refresh token is expired we’ll need to go through the grant popup again.
To get the refresh token expiration date, one way is to ask to renew the refresh token and hit a 400,
"Refresh token expired", or decode the refresh token as done in keycloak.js [3].
Thanks @mposolda for the links.
@summers @passos: I guess it’s something you’ll need to consider too for the Android SDK.
++
Corinne
——————
AeroGear iOS tech lead
[1]
https://issues.jboss.org/browse/AGIOS-294
[2]
https://github.com/aerogear/aerogear-ios-oauth2/blob/master/AeroGearOAuth...
[3]
https://github.com/keycloak/keycloak/blob/master/integration/js/src/main/...,
https://github.com/keycloak/keycloak/blob/master/integration/js/src/main/...
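
The two ways of learning that a refresh token has expired, as described in the message above, shown as an added example that is not part of the original post and not AeroGear or Keycloak code. It assumes the tokens are JWTs whose payload carries the standard `exp` claim in seconds (RFC 7519); all function names and the sample tokens are constructed for illustration.

```javascript
// Added example. Function names and sample tokens are constructed, not AeroGear or Keycloak code.

// Decode a JWT payload without verifying the signature (a hint only).
function decodeJwtPayload(token) {
  if (typeof token !== 'string') return null;
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  try {
    return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
  } catch (e) {
    return null; // not JSON: treat the token as opaque
  }
}

function expiryOf(token) {
  const claims = decodeJwtPayload(token);
  return claims && typeof claims.exp === 'number' ? claims.exp : null;
}

// Returns 'use-access-token', 'refresh' or 'reauthorize' (run the grant popup again).
function nextStep(tokens, nowSeconds, skewSeconds = 30) {
  const accessExp = expiryOf(tokens.accessToken);
  if (accessExp !== null && accessExp - skewSeconds > nowSeconds) return 'use-access-token';
  if (!tokens.refreshToken) return 'reauthorize';
  const refreshExp = expiryOf(tokens.refreshToken);
  // Unknown expiry (opaque token): attempt the refresh and let the server decide.
  if (refreshExp === null || refreshExp - skewSeconds > nowSeconds) return 'refresh';
  return 'reauthorize';
}

// The server's answer is authoritative: a 400 means the grant must be repeated,
// and a rotated refresh token must replace the stored one.
function handleRefreshResponse(tokens, status, body) {
  if (status === 400) return { action: 'reauthorize', tokens: null };
  if (status !== 200) return { action: 'retry-later', tokens };
  const refreshToken = body.refresh_token || tokens.refreshToken;
  return { action: 'use-access-token', tokens: { accessToken: body.access_token, refreshToken } };
}

// Builds a constructed, unsigned sample token for offline testing.
function makeSampleJwt(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.constructed-signature`;
}
```

The locally decoded `exp` only saves a round trip; because the signature is not checked on the client, the decision that counts is still the server's response to the refresh request.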