[keycloak-dev] JavaScript client adapter - minValidity
Sergio Livi
me at serl.it
Mon Apr 15 08:03:22 EDT 2019
Done: KEYCLOAK-10071!
Let me know if I missed anything.
Thanks!
On Sun, Apr 14, 2019 at 3:02 AM Bruno Oliveira <bruno at abstractj.org> wrote:
> Hi Sergio, could you please file a Jira with the steps to reproduce the
> problem?
>
> Also, feel free to attach the PR into the comments.
>
> Thank you
>
> On Sat, Apr 13, 2019, 7:19 AM Sergio Livi <me at serl.it> wrote:
>
>> Hello,
>> I've had a little issue while using the updateToken function[1]. In
>> particular, I was accidentally passing a string not containing a number as
>> minValidity.
>>
>> Totally my fault, but the result is that no error is thrown and everything
>> seems to work, but the token will be never renewed.
>> This is the end of the function isTokenExpired, called from updateToken:
>>
>> if (minValidity) {
>> expiresIn -= minValidity;
>> // expiresIn becomes NaN, as minValidity is not "cast-able" to a
>> number
>> }
>> return expiresIn < 0; // NaN < 0 is false, so the token will be never
>> refreshed
>>
>> I think there should be a check somewhere to either:
>> - throw an error, or
>> - display a warning on the console, ignore the buggy minValidity and carry
>> on.
>>
>> If you wish, I could prepare a PR with a fix for this, just tell me which
>> option you prefer.
>>
>> Thanks!
>>
>>
>> [1] this one: <
>>
>> https://github.com/keycloak/keycloak/blob/e7deb77725a1c777902096e1880911c10f580d50/adapters/oidc/js/src/main/resources/keycloak.js#L439
>> >
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
More information about the keycloak-dev
mailing list