Re: [keycloak-user] WebSockets
On 08/05/2015 03:39 PM, Marek Posolda wrote:
Maybe it's
possible the server will poll the client socket and ask for updated
token from the client periodically. I am not sure about the possible and
best option TBH (not have deep websocket knowledge)
It is possible, but that goes into the "invasive" approach, as it can be
done only with a message going from the server to the client. Doing this
at the Keycloak level means that the application has to know how to
handle (or discard) Keycloak-specific messages.
Honestly, the more I think about it, the more I realize that the best
solution would be to get an API from Keycloak that would allow me to
validate tokens and extract a principal from it, like what the Request
Authenticators do. Even better if this API could call me back from time
to time, so that my server part could ask the client part for a renewed
token. My client could then send this token in the next payload (not
necessarily a payload *only* with the token).
- Juca.