I am trying to use the https://www.pac4j.org/docs/clients/openid-connect.html docs to integrate my application, but if the access token is destroyed (the session is destroyed, in the case of Keycloak), using a header client like below:
HeaderClient client = new HeaderClient("Authorization", "Bearer ", oidcClient.getProfileCreator());
allows the client to log in. It just prints a debug log like:
ERROR o.p.o.p.creator.OidcProfileCreator -- Bad User Info response, error=invalid_token
Previously there was UserInfoOidcAuthenticator for the header client, but it was deprecated and removed in pac4j 6.x. So how should I configure HeaderClient to achieve the same functionality as when we were using UserInfoOidcAuthenticator? Or am I missing something?
You're not missing anything:
new HeaderClient("Authorization", "Bearer ", new UserInfoOidcAuthenticator(oidcConfig));
should be replaced by:
new HeaderClient("Authorization", "Bearer ", oidcClient.getProfileCreator());
But there is a bug in the latest pac4j v6.0.0-RC6. I just committed a fix. Can you check again with the 6.0.0-RC7-SNAPSHOT (available in the Sonatype snapshots repo)? Thanks