export KC_VERSION=3.0.0.Final
./setup.sh && ./test.sh && ./tear_down.sh
-
The
keycloak.h2.db
contains an introspection realm -
The realm has a modified settings:
- 1 minute is the life of an access_token
- 2 minutes is the SSO Idle time
-
The
setup.sh
scripts downloads the Keycloak distribution, unpacks it and copies thekeycloak.h2.db
to the proper location. Then starts Keycloak server in the background, waiting 45secs -
The
test.sh
script, makes token requests usingcurl
and processing the responses withjq
- Request an offline token using direct grants
- Use the offline token to obtain an access token and use the introspection endpoint to verify it. It works as there is one active offline session.
- Wait more then 2min to the offline session expires
- Use the offline token to obtain a new access token
- Use the introspection endpoint to verify the new access token. This fails as there is no active session
-
The
tear_down.sh
stops the Keycloak server