Refresh token XHR Request

[romilin]

Hello @EricWittmann ,

The refresh token request failed with this logs on chrome :

The problem also exist on firefox, here is the logs i get :

I also have the problem when i use my local apicurio. It appears at the end of the token life.
I tried to changes some settings on my keycloak but i can't solve the problem.

Do you have any idea on how to correct that ?

[romilin]

Hello,

I think the solution to this problem is not a keycloak settings.

The "token" request doesn't have a preflight request such as "designs" request. Maybe adding this preflight for token will correct that bug ?

What do you think about that ?

[romilin]

Hello,

An update on this subject :
I changed the token request to POST instead of GET and I got this :

As u can see, the "Access-Control-Allow-Origin" is in the response headers.

If I'm right, Quarkus Code Flow Redirect is use in the next request to keycloak. I tried to change this request to a POST too but still don't know how to do it.
Here is the response to the preflight request without the headers I need :

Any idea on how to make this "quarkus" request to do a POST instead of GET ?

[romilin]

Hello @EricWittmann
Still no idea on how to correct that bug 😞

@carlesarnal : I saw your work in QuarkusAuthenticationFilter
The solution might be there ?

i just tried the live version of Apicurio, the bug is not corrected so users can't work more than 5 minutes (acces token lifespan duration in keycloak) without manual refresh.

Any ideas ?

[carlesarnal]

@EricWittmann we should release a new version of Studio with this fix to the upstream version.