[keycloak-user] refresh token in keycloak
John Norris
johnnorris-10 at outlook.com
Wed Sep 25 07:06:12 EDT 2019
Hello,
I am trying to use a refresh token from keycloak. Little unsure as to what is supposed to happen. Am I supposed to receive another access token after the original expires?
Anyway, I can use the original access token via curl and receive data from my application. But when It try to get a new access token using my refresh token,
$ curl -v --data "grant_type=refresh_token&client_id=bikes-app&refresh_token=$RTOKEN" https://mint191:8080/auth/realms/SpringBootKeycloak/protocol/openid-connect/token
* Trying 127.0.1.1...
* TCP_NODELAY set
* Connected to mint191 (127.0.1.1) port 8080 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* error:1408F10B:SSL routines:ssl3_get_record:wrong version number
* Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
$ echo $RTOKEN
eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzOWE1MjY3ZC03NDI1LTQwNmUtOTAxYi0wYWI5Mjc2NjJkMzkifQ.eyJqdGkiOiIyNjJlMGViZS1hODIwLTRjZGEtYjAxZC1hMmE2ZGFjNTYwNjYiLCJleHAiOjE1Njk0MDYwMDQsIm5iZiI6MCwiaWF0IjoxNTY5NDA0MjA0LCJpc3MiOiJodHRwOi8vbWludDE5MTo4MDgwL2F1dGgvcmVhbG1zL1NwcmluZ0Jvb3RLZXljbG9hayIsImF1ZCI6Imh0dHA6Ly9taW50MTkxOjgwODAvYXV0aC9yZWFsbXMvU3ByaW5nQm9vdEtleWNsb2FrIiwic3ViIjoiMDQxN2YxNTQtNGQ4MS00Yjg2LTk4MjctZTQxMzg4N2Q3NGNkIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImJpa2VzLWFwcCIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6IjlhZDRmNTUyLTAwMDItNGY5ZS05ZGFlLTE4MmI4MjkxNTBlNiIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIiwidXNlciJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSJ9.WoX78QkWZX5AwYBKTy4I8H0ia0O1IR5A8dS93p6bzqg
I get the original token with
RESULT=`curl -s -X POST -H 'Content-Type: application/x-www-form-urlencoded' -d 'username=user1&grant_type=password&client_id=bikes-app&password=123456' http://mint191:8080/auth/realms/SpringBootKeycloak/protocol/openid-connect/token`
and then get the token and refresh token variables.
Regards,
John
More information about the keycloak-user
mailing list