New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The "invalid_grant" error occurs again when loading the offline client session with an early creation time. #23397
Closed
2 tasks done
Comments
lexcao
added a commit
to lexcao/keycloak
that referenced
this issue
Sep 20, 2023
ghost
removed
the
status/triage
label
Oct 13, 2023
ahus1
pushed a commit
that referenced
this issue
Oct 13, 2023
martin-kanis
pushed a commit
to martin-kanis/keycloak
that referenced
this issue
Oct 13, 2023
Closes keycloak#23397 (cherry picked from commit eedc4ce)
Yang-Xie-OSS
pushed a commit
to Hitachi/keycloak
that referenced
this issue
Nov 21, 2023
Yang-Xie-OSS
pushed a commit
to Hitachi/keycloak
that referenced
this issue
Nov 22, 2023
srose
pushed a commit
to srose/keycloak
that referenced
this issue
Dec 20, 2023
kamontat
pushed a commit
to kamontat/keycloak
that referenced
this issue
Jan 20, 2024
Closes keycloak#23397 Signed-off-by: Kamontat Chantrachirathumrong <14089557+kamontat@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Before reporting an issue
Area
infinispan
Describe the bug
Background
The origin issue was #9959 and wax fixed by #17490.
Regarding to the loading client session, I also proposed a fix #8671 long time ago.
From that time I made those customization in our production, and everything works well.
Recently, We update our Keycloak version to
22.0.3
and replace the customization with that fix.And the
invaid_grant
error occurs again.I compared the code between my customization and keycloak implementation, and find that,
there is
checkExpiration
added in theimportClientSession
methodhttps://github.com/keycloak/keycloak/blob/main/model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProvider.java#L1072-L1080
Issue
When refreshing token, there was error
invalid_grant
and error description isSession doesn't have required client
The offline client session fails to load properly, while the offline user session loads successfully.
Version
22.0.3
Expected behavior
Offline client session loads successfully.
Actual behavior
When refreshing token, there was error
invalid_grant
and error description isSession doesn't have required client
How to Reproduce?
The steps are same as the #9959
And, the
timestamp
for the offline client session in the database should be a time before the offline session idle time or offline max session time (if set)Anything else?
I have identified the problem and will submit a PR later.
The text was updated successfully, but these errors were encountered: