Odoo 17 Ent + auth_oidc + keycloak / session expired

[timnis]

Module

auth_oidc

Describe the bug

Session expiration time too short and require need re-login to Odoo When using Odoo all the time then no problem.

To Reproduce

Affected versions: 17.0

Steps to reproduce the behavior:

1. setup like described in https://github.com/OCA/server-auth/tree/16.0/auth_oidc#setup-for-keycloak
2. login to Odoo and let browser be idle 10-15min
3. your session is expired and you need to login again to Odoo

Expected behavior session expiration time to be longer

Additional context Keycloak version is latest 24.0.3. Is this refresh token issue?

This could be solved with right keycloak config but not yet find correct ones. In keycloak I have

• SSO Session Idle 4h
• SSO Session Max 8h
• SSO Session Idle Remember Me 30 days
• SSO Session Max Remember Me 90 days

Does this require some of these OpenID Connect Compatibilty Modes?

[timnis]

Actually session expire from previous device if you login to Odoo from different device.

To reproduce

1. Login to Odoo from laptop
2. Login to Odoo from mobile with same user
3. Session from laptop is expired immediately

Is there way to allow users to use multiple devices without expire sessions form from different devices?

[sbidoul]

Is there way to allow users to use multiple devices without expire sessions form from different devices?

Look for auth_oauth_multi_token in this repo.

[timnis]

@sbidoul thanks. Looks like its available up to version 16 and we using 17 😄 Need to wait...