KEYCLOAK-668 Make sure keycloak.js doesn't send multiple concurrent requests to refresh the token

Stian Thorgersen 2014-09-09 13:45:55 +02:00
parent 839069ca15
commit c475721dab
2 changed files with 44 additions and 31 deletions


@ -33,18 +33,22 @@ angular.element(document).ready(function ($http) {
module.factory('authInterceptor', function($q, Auth) { module.factory('authInterceptor', function($q, Auth) {
return { return {
request: function (config) { request: function (config) {
if (!config.url.match(/.html$/)) {
var deferred = $q.defer(); var deferred = $q.defer();
if (Auth.authz.token) { if (Auth.authz.token) {
Auth.authz.updateToken(5).success(function() { Auth.authz.updateToken(5).success(function () {
config.headers = config.headers || {}; config.headers = config.headers || {};
config.headers.Authorization = 'Bearer ' + Auth.authz.token; config.headers.Authorization = 'Bearer ' + Auth.authz.token;
deferred.resolve(config); deferred.resolve(config);
}).error(function() { }).error(function () {
location.reload(); location.reload();
}); });
} }
return deferred.promise; return deferred.promise;
} else {
return config;
}
} }
}; };
}); });
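Review bot: The new guard `config.url.match(/.html$/)` has an unescaped dot and only matches at the very end of the string, so it accepts any character before a trailing `html` and misses a template URL that carries a query string, which would then take the token path. Since this test is the only thing deciding which requests get the `Authorization: Bearer` header, it is worth making exact: `if (!/\.html(\?|$)/.test(config.url)) {`. Separately, the branch kept inside it still returns `deferred.promise` without ever settling it when `Auth.authz.token` is unset, so such a request hangs silently; an `else { deferred.resolve(config); }` (or a rejection) after the `if (Auth.authz.token)` block would settle it. As far as this section shows, the header is attached without looking at the request's origin, so a comment such as `// assumes every $http call targets the application's own backend` would record that assumption for the next reader.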


@ -7,6 +7,7 @@
var kc = this; var kc = this;
var adapter; var adapter;
var refreshQueue = [];
var loginIframe = { var loginIframe = {
enable: true, enable: true,
@ -237,6 +238,9 @@
var params = 'grant_type=refresh_token&' + 'refresh_token=' + kc.refreshToken; var params = 'grant_type=refresh_token&' + 'refresh_token=' + kc.refreshToken;
var url = getRealmUrl() + '/tokens/refresh'; var url = getRealmUrl() + '/tokens/refresh';
refreshQueue.push(promise);
if (refreshQueue.length == 1) {
var req = new XMLHttpRequest(); var req = new XMLHttpRequest();
req.open('POST', url, true); req.open('POST', url, true);
req.setRequestHeader('Content-type', 'application/x-www-form-urlencoded'); req.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
@ -247,16 +251,20 @@
params += '&client_id=' + encodeURIComponent(kc.clientId); params += '&client_id=' + encodeURIComponent(kc.clientId);
} }
req.onreadystatechange = function() { req.onreadystatechange = function () {
if (req.readyState == 4) { if (req.readyState == 4) {
if (req.status == 200) { if (req.status == 200) {
var tokenResponse = JSON.parse(req.responseText); var tokenResponse = JSON.parse(req.responseText);
setToken(tokenResponse['access_token'], tokenResponse['refresh_token']); setToken(tokenResponse['access_token'], tokenResponse['refresh_token']);
kc.onAuthRefreshSuccess && kc.onAuthRefreshSuccess(); kc.onAuthRefreshSuccess && kc.onAuthRefreshSuccess();
promise.setSuccess(true); for (var p = refreshQueue.pop(); p != null; p = refreshQueue.pop()) {
p.setSuccess(true);
}
} else { } else {
kc.onAuthRefreshError && kc.onAuthRefreshError(); kc.onAuthRefreshError && kc.onAuthRefreshError();
promise.setError(); for (var p = refreshQueue.pop(); p != null; p = refreshQueue.pop()) {
p.setError(true);
}
} }
} }
}; };
@ -264,6 +272,7 @@
req.send(params); req.send(params);
} }
} }
}
if (loginIframe.enable) { if (loginIframe.enable) {
var iframePromise = checkLoginIframe(); var iframePromise = checkLoginIframe();
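Review bot: In the `req.onreadystatechange` handler of the `@ -247,16 +251,20` hunk, `refreshQueue` doubles as the in-flight flag (`refreshQueue.length == 1` gates the XHR), but it is only emptied by the two drain loops at the end of each branch. If `JSON.parse(req.responseText)` throws on a malformed 200 body, or `kc.onAuthRefreshSuccess`/`kc.onAuthRefreshError` or (presumably) a callback run by `p.setSuccess` throws, the queue stays non-empty, every later refresh call only pushes onto it and never sends a request, and the session quietly stops refreshing its token. Detaching the waiters before doing anything else and treating an unparseable body as a failure avoids that, as sketched below. The drain also uses `pop()`, which settles waiters in reverse order of arrival, and `setError(true)` now passes an argument the old `promise.setError()` did not; both are worth confirming as intended. The enclosing function starts before and ends after these hunks, so the conditions under which this branch runs are not visible here.

```javascript
req.onreadystatechange = function () {
    if (req.readyState == 4) {
        // Detach the waiters first so a throwing callback cannot leave the queue non-empty.
        var waiting = refreshQueue;
        refreshQueue = [];

        var tokenResponse = null;
        if (req.status == 200) {
            try {
                tokenResponse = JSON.parse(req.responseText);
            } catch (e) {
                // Malformed body: fall through to the error path below.
                tokenResponse = null;
            }
        }

        if (tokenResponse) {
            // … unchanged: setToken(...) and kc.onAuthRefreshSuccess …
            for (var i = 0; i < waiting.length; i++) {
                waiting[i].setSuccess(true);
            }
        } else {
            // … unchanged: kc.onAuthRefreshError …
            for (var j = 0; j < waiting.length; j++) {
                waiting[j].setError(true);
            }
        }
    }
};
```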