The JSDoc for getToken states it calls updateToken if necessary, but it does not

[natereprogle]

Bug Report or Feature Request (mark with an x)

- [x] bug report -> please search for issues before submitting
- [ ] feature request

Versions.

keycloak-angular: 13.1.0 keycloak-js: 21 angular: 15.2.9

Repro steps.

1. Initialize keycloak-angular and obtain a token
2. Wait however long for your token to expire
3. Call #getToken(). The existing, expired token will be retrieved.

The log given by the failure.

No logs given, the token is just returned.

I did, however, run a rudimentary test. I called getToken() to get a token, then I used setTimeout to call getToken again 5 minutes later, which is when my token expires. As you can see, the tokens ended up being the same. I then attempted to access a resource that requires a valid token, which returned a 401 unauthorized, proving the token is bad.

Desired functionality.

The token is updated as JSDoc states. I would like to either see the JSDoc updated to not state that the token is refreshed, or have the token actually refresh instead. I know there is a keycloakEvents$ Subject which has an OnTokenExpired event, so personally I'd like to just see the JSDoc updated to reflect that getToken does not refresh it, but instead gets the last known token.

[natereprogle]

I know this is an extremely minor change, especially since keycloak-angular automatically attempts to update the token when using the HttpInterceptor or you can just use the keycloakEvents$ Subject. Nonetheless, not everyone will want to immediately refresh the token when it expires, nor will they use Angular's HTTP module (I prefer Axios).

I'm submitting a PR shortly to add an option to refresh the token when getToken() is called, but it's not mandatory. Let me know if anything needs to change!