keycloak-uncached
Changes
adapters/oidc/js/src/main/resources/keycloak.js 24(+14 -10)
Details
adapters/oidc/js/src/main/resources/keycloak.js 24(+14 -10)
diff --git a/adapters/oidc/js/src/main/resources/keycloak.js b/adapters/oidc/js/src/main/resources/keycloak.js
index f5979ae..2def1e2 100755
--- a/adapters/oidc/js/src/main/resources/keycloak.js
+++ b/adapters/oidc/js/src/main/resources/keycloak.js
@@ -87,6 +87,10 @@
}
kc.flow = initOptions.flow;
}
+
+ if (initOptions.timeSkew != null) {
+ kc.timeSkew = initOptions.timeSkew;
+ }
}
if (!kc.responseMode) {
@@ -162,12 +166,8 @@
kc.onAuthSuccess && kc.onAuthSuccess();
initPromise.setSuccess();
}).error(function () {
- kc.onAuthError && kc.onAuthError();
- if (initOptions.onLoad) {
- onLoad();
- } else {
- initPromise.setError();
- }
+ setToken(null, null, null);
+ initPromise.setSuccess();
});
});
} else {
@@ -369,6 +369,11 @@
throw 'Not authenticated';
}
+ if (kc.timeSkew == null) {
+ console.info('[KEYCLOAK] Unable to determine if token is expired as timeskew is not set');
+ return true;
+ }
+
var expiresIn = kc.tokenParsed['exp'] - Math.ceil(new Date().getTime() / 1000) + kc.timeSkew;
if (minValidity) {
expiresIn -= minValidity;
@@ -661,6 +666,9 @@
if (timeLocal) {
kc.timeSkew = Math.floor(timeLocal / 1000) - kc.tokenParsed.iat;
+ }
+
+ if (kc.timeSkew != null) {
console.info('[KEYCLOAK] Estimated time difference between browser and server is ' + kc.timeSkew + ' seconds');
if (kc.onTokenExpired) {
@@ -672,11 +680,7 @@
kc.tokenTimeoutHandle = setTimeout(kc.onTokenExpired, expiresIn);
}
}
- } else {
- kc.updateToken(-1);
}
- } else if (refreshToken) {
- kc.updateToken(-1);
} else {
delete kc.token;
delete kc.tokenParsed;