[
https://issues.jboss.org/browse/ARTIF-748?page=com.atlassian.jira.plugin....
]
Christian Sadilek commented on ARTIF-748:
-----------------------------------------
[~brmeyer], I agree with your summary. Since the response code is 200 OK, Errai will try
to demarshall the response which it expects to be JSON-based, as specified in @Consumes
and @Produces. So, the server is really returning an invalid response and you will see an
unhandled exception.
Interceptors are probably not an ideal solution here as you don't know which REST call
will fail after the token expired, so you'd have to intercept them all.
I could easily add error handling for this case to Errai 3.2, if needed. BTW, did you
already upgrade to 3.2 and GWT 2.7?
Web UI: Refresh to /login when Keycloak token expires
-----------------------------------------------------
Key: ARTIF-748
URL:
https://issues.jboss.org/browse/ARTIF-748
Project: Artificer
Issue Type: Task
Reporter: Brett Meyer
Assignee: Brett Meyer
If the token expires, the server spits out:
{code}
14:25:07,534 WARN [org.keycloak.events] (default task-36) type=REFRESH_TOKEN_ERROR,
realmId=0c4049da-2746-468e-ab6d-49e51dd1f133, clientId=artificer-ui, userId=null,
ipAddress=127.0.0.1, error=invalid_token
14:25:07,560 ERROR [org.keycloak.adapters.RefreshableKeycloakSecurityContext] (default
task-37) Refresh token failure status: 400 {"error_description":"Refresh
token expired","error":"invalid_grant"}
{code}
The next time the browser makes a call to the UI services, Errai reports an uncaught GWT
exception. That call *must* be protected by Keycloak, in order for our Filter to pick up
the KeycloakSecurityContext and create the bearer token. However, the GWT exception shows
that the Keycloak *login page* is being served on the call, so Errai's JSON marshaller
barfs on the HTML.
APIMan (Angular UI) checks for a 401 response code and automatically refreshes the
browser to combat this. However, I'm not sure if that's possible in this case.
Our use of Errai's "Caller" pattern isn't kicking in for these errors
(completely sidesteps the ErrorHandler), I'm guessing due to it being a lower level
issue with the GWT marshaller.
Idea: Have a pure Javascript loop "ping" the UI services and check the
response.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)