[keycloak-user] how to intercept/flow: VerificationException: Token is not active

Sebastien Blanc sblanc at redhat.com
Tue Jan 3 08:57:08 EST 2017


Yes the frontend should provide the refreshed token, how does your angular
code works ? Have you seen the example here :
https://github.com/keycloak/keycloak/blob/master/examples/demo-template/angular-product-app/src/main/webapp/js/app.js#L64-L69
?

On Thu, Dec 22, 2016 at 12:36 PM, java_os <java at neposoft.com> wrote:

> I would think that the front end would block or re-new the token and send
> into the call a valid token to the bearer call.
> I am passing the token extracted from the front-end into the header to the
> bearer rest call. So does keycloak.js re-issuing a new valid token if the
> existing one expired? Currently it does not since I am seeing
> VerificationException on the bearer rest layer.
> thoughts???
>
> > Forgot to mention that the angular piece is under keycloak.js and so this
> > may be able to expire the session before A or B 's token becomes
> inactive?
> > Overall am trying to see how others handle this , as I think this is a
> > regular web/rest scenario that I am not the only one doing it.
> > Hoping to get some help from whoever.
> > Thanks
> >
> >> Hi
> >> I have 2 bearer rest layers (A,B): A calls B. In front I have an angular
> >> web layer calling A -> B.
> >>
> >> What is the best practices to handle "Token is not active" when user
> >> sits
> >> in front idle and token becomes inactive, http session still valid but
> >> KC
> >> token expired? If B reaches token not active, on the call from A to B -
> >> how would I propagate this to the front layer?
> >> A has to consume the ValidationException from B and notify front layer
> >> to
> >> auto logout or prompt the user with a message saying 'your session
> >> expired, please login' or automatically throw the user into the login
> >> prompt in front.
> >>
> >> For this scenario above, anyone share some thoughts?
> >> Thanks
> >>
> >
> >
> >
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list