Keycloak refresh expired token when using Webfilter
I am faced with an issue where I think I need a sliding expiration time for my access token. I am running on a glassfish server using the org.keycloak.adapters.servlet.KeycloakOIDCFilter to inspect all requests. The filter I have setup inspects the AccessToken and interrogates access by making sure the token is not expired by:
KeycloakSecurityContext kc = (KeycloakSecurityContext) req
.getAttribute(KeycloakSecurityContext.class.getName());
AccessToken token = RSATokenVerifier.create(kc.getIdTokenString()).getToken();
if(token.isExpired()) {
response.redirect("logout url");
}
This works fine. However, in my application, I have screens where users can spending up to an hour entering info where they could be kicked out before they are finished providing for a bad user experience. There are also cases where ajax calls are being made and the response is set to redirect to a logout page causing bad behavior.
I really think I need to always inspect the expiration, but I am unsure of how to request a new token when it is expired. I appreciate any help I can get. Thank you!
These are my token settings
You need to have access to the Refresh Token as well. Once the Access Token is expired there is little you can do. I'll leave an example from our application below.
URL url = new URL(keycloakRootURL + "/realms/" + realmName + "/protocol/openid-connect/token");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestProperty("Authorization", "Basic " + clientSecret);
conn.setReadTimeout(10000);
conn.setConnectTimeout(15000);
conn.setRequestMethod("POST");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = "grant_type=refresh_token&refresh_token=" + refreshToken;
try (OutputStream os = conn.getOutputStream(); BufferedWriter writer = new BufferedWriter(
new OutputStreamWriter(os, "UTF-8"))) {
writer.write(data);
writer.flush();
}
conn.connect();
StringBuilder responseStr;
try (BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()))) {
String inputLine;
responseStr = new StringBuilder();
while ((inputLine = in.readLine()) != null) {
responseStr.append(inputLine);
}
}
Object obj = parser.parse(responseStr.toString());
JSONObject result = (JSONObject) obj;
accessCreationTime = System.nanoTime();
return (String) result.get("access_token");
- Keep numbers which appear in both columns, in J lang
- Differentiation in J
- How to reshape an array with an arbitrary size in one dimension?
- Why is Insert (fold) right associative
- Write 4 : 'x&{.&.;: y' tacitly
- Alignment issue when printing formatted prime numbers in J language
- How can I define a verb in J that applies a different verb alternately to each atom in a list?
- How to get user input in the J programming language
- How to unbox a list of boxed lists of differing lengths in J?
- How can I fix 'noun result was required' error in J?
- In j, how can I define a verb locally in one scope and pass it to a defined adverb?
- Convert boxed array to normal array?
- Read column of CSV file as array
- Replace atom in array of strings
- What does the dyad `=` do to boxed strings?
- Index of minimum element using J
- How can I take the outer product of string vectors in J?
- Building an array of verbs in J
- Reading in multidigit command line parameter
- Amend with bond to new data shows unexpected behaviour
- How to turn a table or matrix into a (flat) list in J
- How to run dissect in J?
- How to define selection using index function in J
- How to exit the J console?
- Find 4-neighbors using J
- Writing custom verbs in J
- How do I negate a selector in J lang?
- How to use arbitrary selector in interchange in J lang?
- different result once square root is added inside tacit
- Sum of arrays with repeated indices