2 p.m.
Hi all.
I am using the admin REST api to obtain an access token using curl:
curl --insecure -i --request POST
https://127.0.0.1:8666/auth/realms/master/protocol/openid-connect/token
--header 'Accept: application/json' --header 'Content-Type:
application/x-www-form-urlencoded' --data
'grant_type=password&username=admin&password=admin&client_id=admin-cli'
The problem is after my standalone Keycloak running for a while (in between
I keep curling access token), I can not get token anymore. The out put of
curl is:
{"error":"invalid_grant","error_description":"Invalid
user credentials"}%
From TRACE level log, I read the following:
2018-08-16 14:42:23,438 DEBUG
[org.keycloak.transaction.JtaTransactionWrapper] (default task-3) new
JtaTransactionWrapper
2018-08-16 14:42:23,439 DEBUG
[org.keycloak.transaction.JtaTransactionWrapper] (default task-3) was
existing? false
2018-08-16 14:42:23,454 TRACE
[org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory] (default
task-3) Create JpaConnectionProvider
2018-08-16 14:42:23,457 TRACE
[org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-3)
by id cache hit: master
2018-08-16 14:42:23,495 DEBUG
[org.keycloak.authentication.AuthenticationProcessor] (default task-3)
AUTHENTICATE CLIENT
2018-08-16 14:42:23,497 TRACE
[org.keycloak.authentication.ClientAuthenticationFlow] (default task-3)
Using executions for client authentication:
[33858fd1-64d3-42ae-8713-7a98e7e83700,
63bca01e-0342-4150-9b9c-7e7ceaeda8c6, 9b46d8e9-0331-4554-8d84-0ad8d5944b3e]
2018-08-16 14:42:23,497 DEBUG
[org.keycloak.authentication.ClientAuthenticationFlow] (default task-3)
client authenticator: client-secret
2018-08-16 14:42:23,510 TRACE
[org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-3)
adding client by name cache miss: admin-cli
2018-08-16 14:42:23,515 TRACE
[org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-3)
client by id cache hit: admin-cli
2018-08-16 14:42:23,516 DEBUG
[org.keycloak.authentication.ClientAuthenticationFlow] (default task-3)
client authenticator SUCCESS: client-secret
2018-08-16 14:42:23,517 DEBUG
[org.keycloak.authentication.ClientAuthenticationFlow] (default task-3)
Client admin-cli authenticated by client-secret
2018-08-16 14:42:23,519 DEBUG
[org.keycloak.models.sessions.infinispan.InfinispanAuthenticationSessionProviderFactory]
(default task-3) [null] Registered cluster listeners
2018-08-16 14:42:23,523 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: ADD on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:23,527 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:23,528 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:23,528 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:23,529 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:23,529 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:23,530 TRACE
[org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-3)
client by id cache hit: admin-cli
2018-08-16 14:42:23,530 DEBUG
[org.keycloak.authentication.AuthenticationProcessor] (default task-3)
AUTHENTICATE ONLY
2018-08-16 14:42:23,532 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:23,533 TRACE
[org.keycloak.models.cache.infinispan.RealmCacheSession] (default task-3)
client by id cache hit: admin-cli
2018-08-16 14:42:23,534 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
processFlow
2018-08-16 14:42:23,534 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
check execution: direct-grant-validate-username requirement: REQUIRED
2018-08-16 14:42:23,534 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
authenticator: direct-grant-validate-username
2018-08-16 14:42:23,534 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
invoke authenticator.authenticate: direct-grant-validate-username
2018-08-16 14:42:23,535 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:23,535 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
getUserByUsername: admin
2018-08-16 14:42:23,535 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
query null
2018-08-16 14:42:23,583 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:23,583 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
authenticator SUCCESS: direct-grant-validate-username
2018-08-16 14:42:23,584 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:23,584 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
check execution: direct-grant-validate-password requirement: REQUIRED
2018-08-16 14:42:23,584 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
authenticator: direct-grant-validate-password
2018-08-16 14:42:23,584 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
getuserById b0942806-9744-4571-9216-d9fb57bd9d2f
2018-08-16 14:42:23,584 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
return managedusers
2018-08-16 14:42:23,584 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
invoke authenticator.authenticate: direct-grant-validate-password
2018-08-16 14:42:23,584 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
getuserById b0942806-9744-4571-9216-d9fb57bd9d2f
2018-08-16 14:42:23,584 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
return managedusers
2018-08-16 14:42:24,010 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
authenticator SUCCESS: direct-grant-validate-password
2018-08-16 14:42:24,010 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:24,010 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
check execution: direct-grant-validate-otp requirement: OPTIONAL
2018-08-16 14:42:24,010 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
authenticator: direct-grant-validate-otp
2018-08-16 14:42:24,010 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
getuserById b0942806-9744-4571-9216-d9fb57bd9d2f
2018-08-16 14:42:24,010 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
return managedusers
2018-08-16 14:42:24,010 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
invoke authenticator.authenticate: direct-grant-validate-otp
2018-08-16 14:42:24,010 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
getuserById b0942806-9744-4571-9216-d9fb57bd9d2f
2018-08-16 14:42:24,010 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
return managedusers
2018-08-16 14:42:24,010 DEBUG
[org.keycloak.authentication.DefaultAuthenticationFlow] (default task-3)
authenticator ATTEMPTED: direct-grant-validate-otp
2018-08-16 14:42:24,010 TRACE
[org.keycloak.models.sessions.infinispan.InfinispanKeycloakTransaction]
(default task-3) Adding cache operation: REPLACE on
d43ccba6-2640-48a6-9c21-0f777b2fd972
2018-08-16 14:42:24,010 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
getuserById b0942806-9744-4571-9216-d9fb57bd9d2f
2018-08-16 14:42:24,010 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
return managedusers
2018-08-16 14:42:24,010 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
getuserById b0942806-9744-4571-9216-d9fb57bd9d2f
2018-08-16 14:42:24,010 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
return managedusers
2018-08-16 14:42:24,014 DEBUG
[org.keycloak.authentication.requiredactions.VerifyEmail] (default task-3)
User is required to verify email
2018-08-16 14:42:24,014 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
getuserById b0942806-9744-4571-9216-d9fb57bd9d2f
2018-08-16 14:42:24,015 TRACE
[org.keycloak.models.cache.infinispan.UserCacheSession] (default task-3)
registered for invalidation return delegate
2018-08-16 14:42:24,017 TRACE [org.keycloak.events] (default task-3)
type=LOGIN_ERROR, realmId=master, clientId=admin-cli, userId=null,
ipAddress=127.0.0.1, error=resolve_required_actions,
auth_method=openid-connect, grant_type=password,
client_auth_method=client-secret, username=admin, requestUri=
https://127.0.0.1:8666/auth/realms/master/protocol/openid-connect/token,
cookies=[]
2018-08-16 14:42:24,027 TRACE [org.keycloak.services.resources.Cors]
(default task-3) No origin header ignoring
2018-08-16 14:42:24,028 TRACE [org.keycloak.services.resources.Cors]
(default task-3) No origin header ignoring
2018-08-16 14:42:24,028 TRACE [org.keycloak.services.resources.Cors]
(default task-3) No origin header ignoring
2018-08-16 14:42:24,030 DEBUG
[org.keycloak.transaction.JtaTransactionWrapper] (default task-3)
JtaTransactionWrapper commit
2018-08-16 14:42:24,032 DEBUG
[org.keycloak.transaction.JtaTransactionWrapper] (default task-3)
JtaTransactionWrapper end
2018-08-16 14:42:24,034 TRACE
[org.keycloak.models.cache.infinispan.UserCacheManager] (default task-3)
Removed key='master.username.admin',
value='UserListQuery{id='master.username.admin'realmName='master'}'
from
cache
2018-08-16 14:42:24,036 TRACE
[org.keycloak.models.cache.infinispan.UserCacheManager] (default task-3)
Removed key='b0942806-9744-4571-9216-d9fb57bd9d2f',
value='org.keycloak.models.cache.infinispan.entities.CachedUser@2ae0edf1'
from cache
2018-08-16 14:42:24,037 TRACE
[org.keycloak.cluster.infinispan.InfinispanNotificationsManager] (default
task-3) Sending event with key 5daeb51e-3aac-4c81-add1-4e24209e62b4:
UserUpdatedEvent [ userId=b0942806-9744-4571-9216-d9fb57bd9d2f,
username=admin, email=null ]
2018-08-16 14:42:24,065 TRACE
[org.keycloak.connections.jpa.DefaultJpaConnectionProvider] (default
task-3) DefaultJpaConnectionProvider close()
Could it be a potential bug? Or the way I use the admin rest api is not
right?
Thanks a lot!
Y.