Package org.keycloak.protocol.oidc.refresh

Class DefaultRefreshTokenProvider

java.lang.Object
org.keycloak.protocol.oidc.refresh.AbstractRefreshTokenProvider
org.keycloak.protocol.oidc.refresh.DefaultRefreshTokenProvider
All Implemented Interfaces:
RefreshTokenProvider, Provider
public class DefaultRefreshTokenProvider extends AbstractRefreshTokenProvider implements RefreshTokenProvider
Default refresh token provider. Requires valid user session, which is referenced in the refresh token, to be present in Keycloak storage

  • Constructor Details

    • DefaultRefreshTokenProvider

      public DefaultRefreshTokenProvider(KeycloakSession session)

  • Method Details

    • supports

      public boolean supports(RefreshTokenContext ctx)
      Specified by:
      supports in interface RefreshTokenProvider
      Parameters:
      ctx - Context, which contains old refresh token and some other data
      Returns:
      True if this provider supports verification of the refresh token from the context

    • refreshAccessToken

      public TokenManager.AccessTokenResponseBuilder refreshAccessToken(RefreshTokenContext ctx) throws OAuthErrorException
      Description copied from interface: RefreshTokenProvider
      Invoked during refresh-token request. Implements verifications related to old refresh token and creates token-response if all the verifications are successful
      Specified by:
      refreshAccessToken in interface RefreshTokenProvider
      Parameters:
      ctx - Context, which contains old refresh token and some other data
      Returns:
      successful token-response with new tokens and data, which would be returned in the successful token response
      Throws:
      OAuthErrorException - In case that validation failed or some other issue happened during token refresh