'刷新令牌过期异常' - AppAuth Android
[英]'Refresh token expired exception' - AppAuth Android
问题描述
I'm using appAuth with Keycloak for authentication in my android app.
我在我的 android 应用程序中使用 appAuth 和 Keycloak 进行身份验证。 After about 25 minutes, the access token expires.大约 25 分钟后,访问令牌过期。 When I try to refresh the token after this period, I get this error:当我在这段时间之后尝试刷新令牌时,我收到此错误:
Failed to authorize = AuthorizationException: {"type":2,"code":2002,"error":"invalid_grant","errorDescription":"Refresh token expired","errorUri":""}
To refresh the token, I'm calling performActionWithFreshTokens and passing in the refreshToken I received earlier from the TokenResponse.为了刷新令牌,我调用 performActionWithFreshTokens 并传入我之前从 TokenResponse 收到的 refreshToken。
Map<String, String> refreshTokenAdditionalParams = new HashMap<>();
refreshTokenAdditionalParams.put(Constants.REFRESH_TOKEN,getAuthState().getRefreshToken());
Log.i(TAG, "Refresh Token from AuthState:"+ getAuthState().getRefreshToken());
mAuthStateManager.getCurrent().performActionWithFreshTokens(mAuthService,clientAuthentication,refreshTokenAdditionalParams, (accessToken, idToken, ex) -> {
Log.i(TAG, "Access Token :"+ accessToken + "id Token :"+ idToken );
Log.i(TAG, "Token Response :"+ mAuthStateManager.getCurrent().getLastTokenResponse());
if (ex != null) {
// negotiation for fresh tokens failed, check ex for more details
if (ex.errorDescription.contains(Constants.TOKEN_EXPIRED)) {
CommonHelper.getAccessDeniedFailure(false);
return;
}
}
mAuthStateManager.getCurrent().update(mAuthStateManager.getCurrent().getLastTokenResponse(), ex);
if (getAuthState().isAuthorized()) {
SessionManager.UserDetail detail = sessionManager.getUserDetails();
if (detail == null) {
detail = new SessionManager.UserDetail();
}
detail.updateAuthToken(getAuthState().getAccessToken());
detail.updateRefreshToken(getAuthState().getRefreshToken());
sessionManager.createUserSession(detail);
sessionManager.setLastActivityTime(System.currentTimeMillis());
}
callback.onTokenRequestCompleted(mAuthStateManager.getCurrent().getLastTokenResponse(), ex);
});
Before deciding to pass in the refreshToken as additionalParameters in the function, I thought the fact that I'm calling performActionWithFreshTokens would automatically solve this exception.在决定将 refreshToken 作为附加参数传入 function 之前,我认为我调用 performActionWithFreshTokens 的事实会自动解决此异常。 I still got the error.我仍然得到错误。 Then I decided to pass in the refreshToken as a parameter but I still get the exception and the returned accessToken and idToken are null.然后我决定将 refreshToken 作为参数传入,但我仍然得到异常,返回的 accessToken 和 idToken 是 null。
I'm not sure how else to resolve this issue.我不确定如何解决此问题。 Has anyone else faced this issue?有没有其他人遇到过这个问题? Thanks.谢谢。
1 个解决方案
解决方案1
0 2021-08-16 17:27:52
I was getting the same behavior as yours with appAuth and Keycloak.使用 appAuth 和 Keycloak 时,我的行为与您的行为相同。 This seams to be related to the settings in Keycloak for your realm.这似乎与您的 realm 的 Keycloak 中的设置有关。
This answer nailed the problem for me ( https://stackoverflow.com/a/67624190/2259378 )这个答案为我解决了问题( https://stackoverflow.com/a/67624190/2259378 )
In summary, the maximum lifetime for refresh token is the lesser value from this four variables in Keycloak: (SSO Session Idle, Client Session Idle, SSO Session Max, and Client Session Max) In summary, the maximum lifetime for refresh token is the lesser value from this four variables in Keycloak: (SSO Session Idle, Client Session Idle, SSO Session Max, and Client Session Max)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.