Expected behavior during refresh _expires _in : 0 and reasons why a token refresh request might not be sent
gorbatkoff opened this issue · 0 comments
Hi there!
The backend to the request/token returns an object like this
access_token: "some access token", expires_in: 28800, id_token: "some id token", not-before-policy: 0, refresh_expires_in: 0, refresh_token: "some refresh token", scope: "openid email profile", session_state: "d32bbf72-b97e-4574-9a52-0b62360kmf59", token_type: "Bearer"
It is important that refresh_expires_in: 0.
I want to know what is the expected behavior when refresh_expires_in: 0?
Should the token refresh request occur after 1 hour?
And will this be valid behavior?
Should there be a logout from the account?
Because my current behavior is that the token is not updated after 1 hour.
Here is my oidcConfig
const oidcConfig: AuthProviderProps = {
authority: window.env.KEYCLOAK_URL,
client_id: window.env.KEYCLOAK_CLIENT_ID,
redirect_uri: currentUrl,
post_logout_redirect_uri: currentUrl,
automaticSilentRenew: true,
accessTokenExpiringNotificationTimeInSeconds: 30,
metadata: {
authorization_endpoint: generateEndpoint("auth"),
token_endpoint: generateEndpoint("token"),
end_session_endpoint: generateEndpoint("logout"),
},
onSigninCallback() {
window.history.replaceState({}, document.title, window.location.pathname);
},
};
And the most important question. Why might a token update request not be sent?