I integrated an Angular application with a Java EE backend in the same WAR deployed in WildFly, with a Keycloak client of Confidential access type.
I have correctly configured https://prueba.com in the client's Web Origins.
In the client scope: web origin.
When I run the Angular application's index.html, it redirects me to the IdP login.
I log in and everything is OK.
If I execute a GET from the browser, it works OK.
If I run a GET by XHR, it works OK.
After the token expires, when executing a GET from the browser, it redirects to the IdP and refreshes the token.
After the token expires, when executing a GET by XHR, it redirects to the IdP; the IdP responds, but a CORS error appears in the console:
Access to XMLRequest at ‘https://idp.com/auth/realms/PRU/protocol/openid-connect/auth?312345&state-7d503346-d911-xxxx/prueba-keycloak&login=true&scope=openid’ (redirect from ‘https://prueba.com/prueba-keycloak/rs/back/solicitud/datos-propios/3123458’) from origin ‘https://prueba.com’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource
GET at ‘https://idp.com/auth/realms/PRU/protocol/openid-connect/auth?312345&state-7d503346-d911-xxxx/prueba-keycloak&login=true&scope=openid’
net::ERR_FAILED
ERROR Unknown Server Error: http failed response for 'https://prueba.com/prueba-keycloak/rs/back/solicitud/datos-propios/3123458
Does anyone know what might be happening? Or is it that Keycloak does not allow the refresh of the token from an XHR call?