[keycloak-user] keycloak.js updateToken does not validate refresh token expiration date

adam.michalski at aol.com adam.michalski at aol.com
Mon Jan 30 07:13:05 EST 2017


keycloak.js updateToken does not validate refresh token expiration date

in example https://github.com/keycloak/keycloak/blob/master/examples/demo-template/angular2-product-app/src/main/webapp/app/keycloak.service.ts

when i call getToken() method after refresh token expires i get console.info('[KEYCLOAK] Refreshing token: token expired'); from keycloak.js:400 
with /auth/realms/InfiniteBirEUmowy/protocol/openid-connect/token 400 (Bad Request) [KEYCLOAK] Failed to refresh token
 
I need to check if refresh token does not expired and if it is call KeycloakService.auth.authz.login();

Why this token refresh expiration check is not handled by updateToken inside keycloak.js updateToken()?


More information about the keycloak-user mailing list