auth-keycloak: make sure the token is always valid for at least 20 seconds (!6) · Merge requests · digital blueprint / Web Component Framework / Toolkit

Merged Reiter, Christoph requested to merge auth-token-refresh into master 4 years ago

Nov 10, 2020

auth-keycloak: make sure the token is always valid for at least 20 seconds · 74444969

The keycloak library currently only sends us an event in case the token
is about to expire, which is problematic because there is a time window
where we don't have a new token yet and on mobile the timers used
might be suspended and come too late.

To avoid this we check every 10 seconds that the token is valid for 30
and to work around suspended timers we also check on "visibilitychange"
which should trigger then the website gets visible again after the browser
sleeps.

74444969

auth-keycloak: make sure the token is always valid for at least 20 seconds

Merge request reports

Activity