Code is expired with Keycloak provider
See original GitHub issueI’ve integrated angular-oauth2-oidc in my angular app v8 with Keycloak v4.5, my Keycloak configuration is based on “authorization_code” flow: grant_type: authorization_code
When I refresh my page the call to the token endpoint fails with 400 status:
/auth/realms/test/protocol/openid-connect/token
The response:
{"error":"invalid_grant","error_description":"Code is expired"}
My OIDC configuration is as follows:
export const authCodeFlowConfig: AuthConfig = {
issuer: 'http://localhost:8080/auth/realms/test',
redirectUri: window.location.origin + '/page/dashboard',
postLogoutRedirectUri: window.location.origin + '/login',
clientId: 'ClientTest',
responseType: 'code',
scope: 'openid profile email offline_access api',
showDebugInformation: true,
requireHttps: false,
disableAtHashCheck: true
};
I initialised the oauth2 module as follows in app.module.ts:
export function initCodeFlow(oauthService: OAuthService) {
return () => {
oauthService.configure(environment.authCodeFlowConfig);
oauthService.loadDiscoveryDocumentAndTryLogin();
};
}
// ...
{
provide: APP_INITIALIZER,
useFactory: initCodeFlow,
multi: true,
deps: [OAuthService],
},
And my realm configuration is based on “Standard code flow + implicit flow”.
I don’ know if it can be an issue or a wrong configuration that I made
Any help will be very appreciated
Issue Analytics
- State:
- Created 3 years ago
- Comments:5
Top Results From Across the Web
Please help! Code is expired! - Getting advice - Keycloak
After registration I have field “code” in redirect url but I can't use it because it is expired although I have just created...
Read more >Server Administration Guide - Keycloak
Client-suggested Identity Provider; Mapping claims and assertions; Available user session data; First login flow.
Read more >Offline token invalid but not expired - Google Groups
I have a problem with offline tokens. Some of them expire well before the limit. My offline tokens have an expiration period of...
Read more >KeyCloak React refreshToken expired token - Stack Overflow
I want to implement authorization in my client-side application but I've got problem with update Token in React Application with Keycloak. App.
Read more >[keycloak-dev] Authorization Code Flow as Default for ...
Using authorization code flow with public clients in Keycloak: * Allows short expiration on access tokens * Our JavaScript adapter doesn't ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Thanks a lot @jeroenheijmans, I will check and be back with more info soon
Thx for sharing, good to hear you’ve solved things!
Got no additions, other perhaps than to say that my sample project’s
master
is now also Code+PKCE flow.In any case, each app will have its own variant, so it’s great that you’ve shared your approach!