From: "Frank French" <Frank.French(a)causeway.com>
To: keycloak-user(a)lists.jboss.org
Sent: Sunday, 2 November, 2014 11:10:32 PM
Subject: [keycloak-user] Token refresh from Android native app
I’m currently using the browser to initially log in to my app. After the user
credentials have been validated I intercept the url containing the code and
use that on the resource /realms/myrealm/tokens/access/codes. To convert the
code into a token. I am then able to use the embedded access token for
subsequent API calls. This works fine until the access token expires.
When the access token expires the service returns a 401. At present the only
way I can get past this is to redirect the user back to the login page and
start the above process again (creates another session). I would only expect
to have to do this if the SSO idle timeout and been reached (it hasn’t).
I’ve looked through the API docs and found the resource
/realms/myrealm/token/refresh. I’ve tried using this resource but have
failed miserably. Could someone please explain how to use this resource or
point me somewhere else if I’ve got it completely wrong.
Example code below.
private JWSToken refreshToken(String accessToken , String refreshToken )
throws IOException, InvalidTokenException{
JWSToken token = null ;
String url = "
http://127.0.0.1:8080/auth/realms/myrealm/tokens/refresh " ;
//String query = “refresh_token=“ + refreshToken ;
//String query = “refresh_token=“ + refreshToken + “client_id=" + CLIENT_ID "
;
String query = "refresh_token=" + refreshToken + "client_id=" +
CLIENT_ID +
"grant_type=refresh_token" ;
//Tried all the above
HttpPost httppost = new HttpPost( url );
httppost .addHeader( “Authorization ” , “Bearer “ + accessToken ); //401 with
400 without
httppost .addHeader( "Content-Type" ,
"application/x-www-form-urlencoded" );
ByteArrayEntity entity = new ByteArrayEntity( query .getBytes());
httppost .setEntity( entity );
HttpResponse response = httpclient .execute( httppost );
int status = response .getStatusLine().getStatusCode();
if ( status == HttpStatus. SC_OK ){
InputStream stream = null ;
try {
stream = response .getEntity().getContent();
ObjectMapper mapper = new ObjectMapper();
token = mapper .readValue( stream , JWSToken. class );
} finally {
if ( stream != null ){
stream .close();
}
}
} else {
throw new InvalidTokenException() ;
}
return token ;
}
Causeway is committed towards reducing its carbon footprint. Please consider
the environment before printing this email.
Disclaimer Notice :-
The message and any attachments contained in this e-mail are intended for the
named recipient(s) only. It may contain privileged or confidential
information or information which is exempt from disclosure under the
applicable laws. If you are not the intended recipient(s), you must not
read, print, retain, copy distribute, forward or take any or refrain from
taking any action in reliance on it or any of its attachments. If you have
received or have been forwarded this e-mail in error, please notify us
immediately by return e-mail or telephone (+44 (0)1628 552000) and delete
this message from the computer or any other data-reading device in its
entirety.
Please advise us immediately if you do not or your employer does not consent
to Internet e-mail for messages of this nature.
Internet communications cannot be guaranteed to be secure and error-free as
the information could be intercepted, corrupted, lost, arrive late or
contain viruses. The sender and this Company therefore do not and shall not
accept any liability or responsibility of whatsoever nature in the context
of this message and its attachment(s) which arises as a result of Internet
transmission. Opinions, conclusion, representations, views and such other
information in this message that do not relate to the official business of
this Company shall be understood as neither given nor endorsed by it.
Registered Office: Comino House, Furlong Road, Bourne End, Buckinghamshire,
SL8 5AQ
Registered in England No: 3921897
www.causeway.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user