I have keycloak-gatekeeper acting as a proxy in front of a node js web app. I only allow data requests to be made from the web server if the user has a valid access token. Gatekeeper only appears to refresh the access token on page refresh. This means that after the access token has expired, the user can not execute data queries from the web client until they’ve refreshed the page.
One solution I have is to be able to refresh the token myself in the web server. This means decrypting the refresh token that gatekeeper sets as a cookie.
Is there a better way to do this? If not, can any one shed any advice on how best to decrypt the refresh token in node.js?
Thanks in advanced.