Re: [keycloak-user] keycloak.js updateToken does not validate refresh token expiration date
As tokens aren't stored I didn't really anticipate that the refresh token
would expire as that would mean leaving one tab open for a long time. It
would probably be better to have it call onAuthLogout when it does expire.
You can create a JIRA request for that. In the mean time you can verify it
yourself if updateToken fails and do a login if it's expired.
On 30 January 2017 at 13:13, <adam.michalski(a)aol.com> wrote:
keycloak.js updateToken does not validate refresh token expiration
date
in example https://github.com/keycloak/keycloak/blob/master/examples/
demo-template/angular2-product-app/src/main/webapp/app/keycloak.service.ts
when i call getToken() method after refresh token expires i get
console.info('[KEYCLOAK] Refreshing token: token expired'); from
keycloak.js:400
with /auth/realms/InfiniteBirEUmowy/protocol/openid-connect/token 400
(Bad Request) [KEYCLOAK] Failed to refresh token
I need to check if refresh token does not expired and if it is call
KeycloakService.auth.authz.login();
Why this token refresh expiration check is not handled by updateToken
inside keycloak.js updateToken()?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user