[keycloak-dev] Fwd: Preflight for token refresh
Alain Penders
alain at rexorient.com
Tue Dec 2 09:04:50 EST 2014
Hi all,
I'm building a new app using GWT 2.7 using the Keycloak javascript adapter
and GWT jsInterop. This works extremely well.
The problem I ran into is if I walk away for 5 minutes and then try to do
something, the token refresh fails on preflight. As shown in the
documentation, I call keycloak.updateToken(30) to refresh the base token in
case it has expired. Since in this case it has indeed expired, keycloak
makes a call to /auth/realms/<myrealm>/tokens/refresh. The OPTIONS call
to this location doesn't contain the Accept headers, and my app ends up
dead in the water.
To fix this, I added the following code to OpenIDConnectService:
/**
* CORS preflight path for refresh token requests
*
* @return
*/
@Path("refresh")
@OPTIONS
@Produces(MediaType.APPLICATION_JSON)
public Response refreshAccessTokenPreflight() {
if (logger.isDebugEnabled()) {
logger.debugv("cors request from: {0}",
request.getHttpHeaders().getRequestHeaders().getFirst("Origin"));
}
return Cors.add(request, Response.ok()).auth().preflight().build();
}
If this wasn't the correct solution for my problem, I'd enjoy hearing where
I went wrong.
Thanks,
Alain
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20141202/b7b577b4/attachment.html
More information about the keycloak-dev
mailing list