Hey,
I have the following scenario illustrated in the picture
- Js Frontend is a Angular Frontend which manages redirection to a keycloak login page where users can enter their credentials (open id connect). It is using PKCE for that aswell
- the relevant keycloak realm and client use the Authorization Code Grant
- backend is a spring boot app which, serves the api and receives the token from the frontend
- since its an architecture with multiple services, the backend delegates the retrieval of some data to another service, while handing the access token over to that service
- in between the token times out
My questions are:
- is there a “typical” solution to that problem except from increasing the token lifetime and optimizing the time for the long running operation?
- atm we are not using the Keycloak Rest Template. If we would, would this handle a token refresh via refresh token? (https://github.com/keycloak/keycloak/blob/master/adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/client/KeycloakRestTemplate.java)
If you need more information let me know.
Greetings Sascha