Ok, that could be it. Could you please create JIRA for it? Or also send
PR with test if possible? Some existing tests for prompt param are in
OIDCAdvancedRequestParamsTest . It may be good to add new test here IMO.
Marek
On 24/08/17 12:05, John D. Ament wrote:
Hi Marek,
I'm on 3.2.0.
It could be that the actual session id is the same, but other aspects
of the session are being invalidated in this flow which ma explain
what I'm seeing. I am seeing a new keycloak session/identity cookie
coming back, which seems to throw off the javascript adapter.
John
On Thu, Aug 24, 2017 at 5:34 AM Marek Posolda <mposolda(a)redhat.com
<mailto:mposolda@redhat.com>> wrote:
Which version are you using? I think that in Keycloak 3.2 it won't
create new session, but connect to existing one. Feel free to create
JIRA if it doesn't work in this version.
Marek
On 23/08/17 18:24, John D. Ament wrote:
> Hi
>
> I have a use case where I need to prompt a user to enter
credentials during
> a sequence of events. In this case, we're using keycloak's
login screen to
> capture the information and triggering it via the javascript
adapter.
> Doing a prompt=login has an unfortunate side effect that the
existing
> session gets rewritten. This causes the adapter to begin
failing, the
> refresh token and access token are no longer valid. It seems
that there's
> no way to reinitialize the iframe after this occurs, and I'm not
sure
> that's the best way to do it.
>
> Is there any way to have keycloak not create a new session in
this flow?
>
> John
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
>
https://lists.jboss.org/mailman/listinfo/keycloak-user