Keycloak / KEYCLOAK-10754

NPE in Keycloak when authenticating with exchanged token.

    Details

    • Steps to Reproduce:

      1. Authenticate user with public client.
      2. Exchange client token for a long-lived third-party token.
      3. Wait...
      4. Authenticate with long-lived token.

    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      We have two clients in a realm. One is public where users use a client-side JS app to authenticate. The other client is used to get long-lived tokens (8 hours) to hand out to a third-party client that cannot refresh its access tokens (using internal-to-internal token exchange).

      After a certain amount of time, the long-lived access tokens stop working, since authentication requests trigger an NPE in Keycloak (see attached stacktraces).

      It seems as if the tokens stop working when a session times out.

              People

              • Assignee:
                Unassigned
                Reporter:
                uhrm Markus Uhr