Hey everyone,
I'm running into an issue with an application that I've ported over to using
Keycloak. I believe that the token issued by keycloak is expiring, which causes
XMLHttpRequest's from my front end to be redirected to KeyCloak which then tries to
redirect to Google (my identity provider). By the time it gets to google, there have been
redirects across two different domains causing the browser to not set an origin header in
the request to google, which then causes the browser to not process the response.
What is the general way of handling a javascript ajax request when a token expires? Or to
have a UI get a new token without requiring the entire ui to refresh to force the browser
to redirect?
For further background, here is my setup: I am using Google OpenID Connect as the identity
provider. The application is protected with keycloak-proxy, which then passes requests on
to the application. keycloak-proxy is the piece detecting the token is no longer valid and
redirecting the ui to keycloak.
Chris Pitman
Architect, Red Hat Consulting