[keycloak-user] Offline Token Unique Constraint Violation Errors in 6.0.0

[Harness, Josh]

Hello -

I'm using keycloak version 6.0.0. Recently, we started seeing unique constraint violations when creating a new offline session for a user. In particular, this constraint is violated:

     CONSTRAINT_OFFL_CL_SES_PK3

I looked this constraint up and it appears to be the combination of the following columns on the following columns of the "offline_client_session" table:

     USER_SESSION_ID, CLIENT_ID, CLIENT_STORAGE_PROVIDER, EXTERNAL_CLIENT_ID, OFFLINE_FLAG

I enabled trace logging for the UserSession class and can tell that the application believes that it needs to create the row in the offline_client_session table even though the row already exists in the table. As a result, the unique constraint violation occurs and the call fails. This makes me believe it exclusively expects its cache to be a copy of the database and somehow it has gotten out of sync with the database and isn't querying the database when it has a cache "miss".

A couple of notes that may be important:

* I'm creating the offline token as part of a token exchange
* We have configured the offline sessions cache to use passivation (with preloading enabled and purging disabled)

Any advice that can be offered as far as how to debug this would be appreciated. I've been unable to make it happen in non-prod but it happens often in prod. 

Thanks!

Josh