Hi!
Our customer uses our application (running with Keycloak 6.0.1) with multiple tabs open.
We noticed a scenario in which keycloak.js sends an invalid token refresh request from its
updateToken method: the refresh_token parameter is the literal string "undefined":
"postData": {
"mimeType": "application/x-www-form-urlencoded",
"text":
"grant_type=refresh_token&refresh_token=undefined&client_id=r6-ui",
....
})
We can reproduce this behaviour in our customer's environment with:
* enable SSO
* with a Kerberos plugin for automatic login
* open multiple tabs from within tab 1
* refresh tab 1 or wait for session timeout
So it looks like, in the multi-tab scenario, clearToken can be called while
an updateToken request is still being processed, which would leave the refresh token
undefined by the time the refresh request is sent.
Is there anything we can do to overcome this issue?
Kind regards,
Wolfgang
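<!-- HAR snippet: the KEYCLOAK_IDENTITY cookie value is redacted; the AUTH_SESSION_ID and KEYCLOAK_SESSION values are not -->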
{
"startedDateTime": "2019-08-27T15:12:12.434Z",
"time": 5.363002419471741,
"request": {
"method": "POST",
"url":
"http://host/auth/realms/R6/protocol/openid-connect/token",
"httpVersion": "HTTP/1.1",
"headers": [
{
"name": "Origin",
"value": "http://host"
},
{
"name": "Accept-Encoding",
"value": "gzip, deflate"
},
{
"name": "Host",
"value": "host"
},
{
"name": "Accept-Language",
"value": "de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7"
},
{
"name": "User-Agent",
"value": "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36"
},
{
"name": "Content-type",
"value": "application/x-www-form-urlencoded"
},
{
"name": "Accept",
"value": "*/*"
},
{
"name": "Referer",
"value": "http://host/r6-ui/client/index"
},
{
"name": "Cookie",
"value":
"AUTH_SESSION_ID=73fa22f1-b574-4714-abe1-42fce5f900db.dev-06; KEYCLOAK_IDENTITY=..."
},
{
"name": "Connection",
"value": "keep-alive"
},
{
"name": "Content-Length",
"value": "64"
}
],
"queryString": [],
"cookies": [
{
"name": "AUTH_SESSION_ID",
"value": "73fa22f1-b574-4714-abe1-42fce5f900db.dev-06",
"expires": null,
"httpOnly": false,
"secure": false
},
{
"name": "KEYCLOAK_IDENTITY",
"value": "....",
"expires": null,
"httpOnly": false,
"secure": false
},
{
"name": "KEYCLOAK_SESSION",
"value":
"R6/a5f78b44-bcaa-4b88-bd48-298c57a8f9f2/73fa22f1-b574-4714-abe1-42fce5f900db",
"expires": null,
"httpOnly": false,
"secure": false
}
],
"headersSize": 1310,
"bodySize": 64,
"postData": {
"mimeType": "application/x-www-form-urlencoded",
"text":
"grant_type=refresh_token&refresh_token=undefined&client_id=r6-ui",
"params": [
{
"name": "grant_type",
"value": "refresh_token"
},
{
"name": "refresh_token",
"value": "undefined"
},
{
"name": "client_id",
"value": "r6-ui"
}
]
}
},
"response": {
"status": 400,
"statusText": "Bad Request",
"httpVersion": "HTTP/1.1",
"headers": [
{
"name": "Pragma",
"value": "no-cache"
},
{
"name": "Date",
"value": "Tue, 27 Aug 2019 15:10:40 GMT"
},
{
"name": "Server",
"value": "Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips"
},
{
"name": "Content-Type",
"value": "application/json"
},
{
"name": "Access-Control-Allow-Origin",
"value": "http://host"
},
{
"name": "Access-Control-Expose-Headers",
"value": "Access-Control-Allow-Methods"
},
{
"name": "Cache-Control",
"value": "no-store"
},
{
"name": "Access-Control-Allow-Credentials",
"value": "true"
},
{
"name": "Connection",
"value": "close"
},
{
"name": "Content-Length",
"value": "69"
}
],
"cookies": [],
"content": {
"size": 69,
"mimeType": "application/json",
"compression": 0
},
"redirectURL": "",
"headersSize": 395,
"bodySize": 69,
"_transferSize": 464
},
"cache": {},
"timings": {
"blocked": 1.3490057005882263,
"dns": -1,
"ssl": -1,
"connect": -1,
"send": 0.07300000000000001,
"wait": 3.2689990525245665,
"receive": 0.6719976663589478,
"_blocked_queueing": 1.0850057005882263
},
"serverIPAddress": "10.1.85.183",
"_initiator": {
"type": "script",
"stack": {
"callFrames": [
{
"functionName": "exec",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1812461
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1812565
},
{
"functionName": "setSuccess",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1792930
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1794553
}
],
"parent": {
"description": "postMessage",
"callFrames": [
{
"functionName": "",
"scriptId": "506",
"url":
"http://host/auth/realms/R6/protocol/openid-connect/login-status-iframe.html",
"lineNumber": 109,
"columnNumber": 25
},
{
"functionName": "checkCookie",
"scriptId": "506",
"url":
"http://host/auth/realms/R6/protocol/openid-connect/login-status-iframe.html",
"lineNumber": 31,
"columnNumber": 20
},
{
"functionName": "req.onreadystatechange",
"scriptId": "506",
"url":
"http://host/auth/realms/R6/protocol/openid-connect/login-status-iframe.html",
"lineNumber": 61,
"columnNumber": 28
}
],
"parent": {
"description": "XMLHttpRequest.send",
"callFrames": [
{
"functionName": "checkState",
"scriptId": "506",
"url":
"http://host/auth/realms/R6/protocol/openid-connect/login-status-iframe.html",
"lineNumber": 69,
"columnNumber": 16
},
{
"functionName": "receiveMessage",
"scriptId": "506",
"url":
"http://host/auth/realms/R6/protocol/openid-connect/login-status-iframe.html",
"lineNumber": 108,
"columnNumber": 8
}
],
"parent": {
"description": "postMessage",
"callFrames": [
{
"functionName": "checkLoginIframe",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1795110
},
{
"functionName": "Keycloak.kc.updateToken",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1812527
},
{
"functionName":
"R6AuthenticationHolderImpl.updateToken",
"scriptId": "498",
"url":
"http://host/r6-ui/client/resources/lib.js",
"lineNumber": 0,
"columnNumber": 1061095
},
{
"functionName": "R6SessionHandlerImpl.check",
"scriptId": "498",
"url":
"http://host/r6-ui/client/resources/lib.js",
"lineNumber": 0,
"columnNumber": 1287472
},
{
"functionName":
"R6SessionHandlerImpl.updateTimeout",
"scriptId": "498",
"url":
"http://host/r6-ui/client/resources/lib.js",
"lineNumber": 0,
"columnNumber": 1287221
},
{
"functionName":
"R6SessionInterceptor.response",
"scriptId": "498",
"url":
"http://host/r6-ui/client/resources/lib.js",
"lineNumber": 0,
"columnNumber": 1286496
},
{
"functionName": "response",
"scriptId": "498",
"url":
"http://host/r6-ui/client/resources/lib.js",
"lineNumber": 0,
"columnNumber": 1285688
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1176239
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1176524
},
{
"functionName": "$digest",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1187078
},
{
"functionName": "$apply",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1189842
},
{
"functionName": "done",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1143003
},
{
"functionName": "completeRequest",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1147207
},
{
"functionName": "xhr.onload",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1148651
}
],
"parent": {
"description": "load",
"callFrames": [
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1148435
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1145310
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1145529
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1176239
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1176524
},
{
"functionName": "$digest",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1187078
},
{
"functionName": "$apply",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1189842
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1062210
},
{
"functionName": "invoke",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1076174
},
{
"functionName": "doBootstrap",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1062104
},
{
"functionName": "bootstrap",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1062580
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 160729
},
{
"functionName": "mightThrow",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 223677
},
{
"functionName": "process",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 224305
}
],
"parent": {
"description": "setTimeout",
"callFrames": [
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 224612
},
{
"functionName": "fire",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 221268
},
{
"functionName": "add",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 221726
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 224812
},
{
"functionName": "Deferred",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 225492
},
{
"functionName": "then",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 224663
},
{
"functionName": "jQuery.fn.ready",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 226629
},
{
"functionName": "jQuery.fn.init",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 218206
},
{
"functionName": "jQuery",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 180073
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 160702
},
{
"functionName": "tryCatcher",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 104913
},
{
"functionName":
"Promise._settlePromiseFromHandler",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 66489
},
{
"functionName": "Promise._settlePromise",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 67772
},
{
"functionName": "Promise._settlePromise0",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 68812
},
{
"functionName": "Promise._settlePromises",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 70495
},
{
"functionName": "Promise._fulfill",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 69308
},
{
"functionName": "PromiseArray._resolve",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 75658
},
{
"functionName":
"PromiseArray._promiseFulfilled",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 76061
},
{
"functionName": "Promise._settlePromise",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 67955
},
{
"functionName": "Promise._settlePromise0",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 68812
},
{
"functionName": "Promise._settlePromises",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 70495
},
{
"functionName": "Async._drainQueue",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 3975
},
{
"functionName": "Async._drainQueues",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 4040
},
{
"functionName": "Async.drainQueues",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1696
}
],
"parent": {
"description": "Promise.then",
"callFrames": [
{
"functionName": "schedule",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 89929
},
{
"functionName": "Async._queueTick",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 4229
},
{
"functionName": "AsyncSettlePromises",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 2010
},
{
"functionName":
"util.hasDevTools.Async.settlePromises",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 3577
},
{
"functionName": "Promise._fulfill",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 69332
},
{
"functionName":
"Promise._resolveCallback",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 64681
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 65941
},
{
"functionName": "setSuccess",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1792677
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1802938
},
{
"functionName": "setSuccess",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1792930
},
{
"functionName": "authSuccess",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1787381
},
{
"functionName": "req.onreadystatechange",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1788403
}
],
"parent": {
"description": "XMLHttpRequest.send",
"callFrames": [
{
"functionName": "processCallback",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1788608
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1806366
},
{
"functionName": "setSuccess",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1792930
},
{
"functionName": "iframe.onload",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1793899
}
],
"parent": {
"description": "load",
"callFrames": [
{
"functionName":
"setupCheckLoginIframe",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1793572
},
{
"functionName": "",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1806323
},
{
"functionName": "success",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1793103
},
{
"functionName": "Keycloak.kc.init",
"scriptId": "496",
"url":
"http://host/r6-ui/client/resources/vendor.js",
"lineNumber": 0,
"columnNumber": 1806139
},
{
"functionName": "",
"scriptId": "505",
"url":
"http://host/r6-ui/client/index",
"lineNumber": 139,
"columnNumber": 17
}
]
}
}
}
}
}
}
}
}
}
},
"_priority": "High",
"_resourceType": "xhr",
"connection": "6236",
"pageref": "page_6"
},
________________________________
BearingPoint Technology GmbH
Sitz: Premstätten bei Graz
Firmenbuchgericht: Landesgericht für ZRS Graz
Firmenbuchnummer: FN 44354b