我正在使用带有Keycloak的appAuth在我的android应用中进行身份验证。大约25分钟后,访问令牌失效。在这段时间之后尝试刷新令牌时,出现以下错误:
Failed to authorize = AuthorizationException: {"type":2,"code":2002,"error":"invalid_grant","errorDescription":"Refresh token expired","errorUri":""}
要刷新令牌,我要调用performActionWithFreshTokens并传入之前从TokenResponse中收到的refreshToken。
Map<String, String> refreshTokenAdditionalParams = new HashMap<>();
refreshTokenAdditionalParams.put(Constants.REFRESH_TOKEN,getAuthState().getRefreshToken());
Log.i(TAG, "Refresh Token from AuthState:"+ getAuthState().getRefreshToken());
mAuthStateManager.getCurrent().performActionWithFreshTokens(mAuthService,clientAuthentication,refreshTokenAdditionalParams, (accessToken, idToken, ex) -> {
Log.i(TAG, "Access Token :"+ accessToken + "id Token :"+ idToken );
Log.i(TAG, "Token Response :"+ mAuthStateManager.getCurrent().getLastTokenResponse());
if (ex != null) {
// negotiation for fresh tokens failed, check ex for more details
if (ex.errorDescription.contains(Constants.TOKEN_EXPIRED)) {
CommonHelper.getAccessDeniedFailure(false);
return;
}
}
mAuthStateManager.getCurrent().update(mAuthStateManager.getCurrent().getLastTokenResponse(), ex);
if (getAuthState().isAuthorized()) {
SessionManager.UserDetail detail = sessionManager.getUserDetails();
if (detail == null) {
detail = new SessionManager.UserDetail();
}
detail.updateAuthToken(getAuthState().getAccessToken());
detail.updateRefreshToken(getAuthState().getRefreshToken());
sessionManager.createUserSession(detail);
sessionManager.setLastActivityTime(System.currentTimeMillis());
}
callback.onTokenRequestCompleted(mAuthStateManager.getCurrent().getLastTokenResponse(), ex);
});
在决定将refreshToken作为函数中的AdditionalParameters传递之前,我认为我调用performActionWithFreshTokens的事实会自动解决此异常。我仍然有错误。然后,我决定将refreshToken作为参数传递,但仍然出现异常,并且返回的accessToken和idToken为空。
我不确定如何解决此问题。还有其他人面对过这个问题吗? 谢谢。