  1. Keycloak
  2. KEYCLOAK-10754

NPE in Keycloak when authenticating with exchanged token.

    Details

    • Steps to Reproduce:

      1. Authenticate user with public client.
      2. Exchange client token for a long-lived third-party token.
      3. Wait...
      4. Authenticate with long-lived token.

    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      We have two clients in a realm. One is public where users use a client-side JS app to authenticate. The other client is used to get long-lived tokens (8 hours) to hand out to a third-party client that cannot refresh its access tokens (using internal-to-internal token exchange).

      After a certain amount of time, the long-lived access tokens stop working, since authentication requests trigger an NPE in Keycloak (see attached stack traces).

      It seems as if the tokens stop working when a session times out.

                People

                • Assignee:
                  pcraveiro Pedro Igor Silva
                  Reporter:
                  uhrm Markus Uhr
