Keycloak-js updateToken(minValidity) needs clarifications
I read many examples of the method in Keycloak-js without a clear explanation of the following method.
updateToken(minValidity: number): KeycloakPromise<boolean, boolean>;
Note : I am using "keycloak-js": "^15.0.2"
Here is its documentation
/**
* If the token expires within `minValidity` seconds, the token is refreshed.
* If the session status iframe is enabled, the session status is also
* checked.
* @returns A promise to set functions that can be invoked if the token is
* still valid, or if the token is no longer valid.
* @example
* ```js
* keycloak.updateToken(5).then(function(refreshed) {
* if (refreshed) {
* alert('Token was successfully refreshed');
* } else {
* alert('Token is still valid');
* }
* }).catch(function() {
* alert('Failed to refresh the token, or the session has expired');
* });
*/
I am not a native english speaker. The term "expires within" is imprecise here.
An illustration is better understood. This method updateToken periodically checks if the token is expired or not during a window of time minValidity
When the token will be refreshed ?
When the keycloak token expiration is approaching, the token refreshment is either :
- right prior its expiration date within the window of time
minValidity( blue) - OR after the next period update check. (orange)
In the blue case, it makes sense to have a large enough value of minValidity.
In the orange case, a small value is better.
I understand it is the blue case.
Bonus question : What will happen if the token duration < minValidity ?
Overall you want to avoid a situation where you send the AccessToken to a server/service and it gets rejected because it's not valid anymore.
So it's a good idea to check validity everytime before using the token. As the documentation mentions: calls to a service/backend should only be made within the callback of the updateToken method. But beside that, there is no (automatic) periodic check for refreshing the token.
The minValidity comes into place if you imagine a situation where the remaining AccessToken Lifetime is only 1 second.
If you check the token on client side (isTokenExpired() => false) it will still be valid, but there is a probability, that when the request reaches a service, the token will not be valid anymore and gets rejected. => we want to avoid that
The default value for minValidity is 5 seconds. So when calling the updateToken method and the token is still valid, but will expire within the next 5 seconds the token gets refreshed and any service/backend call inside the callback will use the new token. But a call itself does not necessarily mean a new token. If the remaining lifetime is long enough, nothing happens.
So in your example the blue situation is correct. The second "update" call (if you mean a updateToken method call) will already trigger a token refresh. But again: The update calls are not done automatically. You need to either implement a periodic check or call updateToken before a backend call.
To your bonus question: I looked into the code and in a fictional situation where e.g. minValidity is 60s but a new fresh token is always only valid for 30s, a call to updateToken will trigger a refresh everytime. But imho there will be no recurring "refresh-loop"
- Setting showPrintMargin to false not working in React Ace Editor
- Animate toggle height from 0 to auto or 100%
- Conditional Logpoint in Chrome Devtools
- How can I conditionally render a React component if a sessionStorage variable does not exist in Next.js?
- How to set root directory for resolving absolute paths in esbuild?
- Concatenate two JSON objects
- Photoshop Scripting (JS): Duplicate layer set and subs
- Debugging Electron renderer process with VSCode
- I don't understand this javascript function call and where it would be used
- How to programmatically Download a file from Google Drive, using Javascript and HTML? (NOT Google Drive API)
- React Native const vs let vs var in Functional Components
- How to disable time from now with time picker antd
- Why does this function mutate innerHTML of a div element and extract its first child to parse HTML if you can just use jQuery to do the same?
- How can I pause setInterval() functions?
- How to remove spaces from a string using JavaScript?
- Add CSS3 transition expand/collapse
- Remove content of p tag
- How to detect CSS3 resize events
- How to extend an existing JavaScript array with another array, without creating a new array
- Attaching click event handlers in Astro pages
- var express = require('express'); var app = express(), What is express()?? is it a method or a constructor? Where does it come from
- How to set volume of audio object?
- Is it possible to add a new element to top of Map?
- How do I remove a property from a JavaScript object?
- Can't Add Ajax Pagination in ASP NET CORE
- No extra Boolean cast in JavaScript
- Why we have to add an 'async' declaration word to the javascript function which call a sync javascript function?
- Better way to filter an array of objects with one constant and one always changing value
- Generate A Weighted Random Number
- Code on scroll event is not executing if window is zoomed in/out in chrome