quarkusio / quarkus

Quarkus: Supersonic Subatomic Java.
https://quarkus.io
Apache License 2.0
13.8k stars 2.68k forks

WebSocket-Next - Refresh OIDC AccessToken without reconnection #43434

Open dometec opened 1 month ago

dometec commented 1 month ago

Description

At the moment, when an access token expires, the WebSocket-Next server closes the connection. Sometimes, it's a problem since a token lifespan can be very short (a few minutes) and reconnection can be expensive. Is it possible to think of some mechanism that allows the client to refresh the token before it expires and not close the websocket connection?

Implementation ideas

Maybe a PATCH request to the same WebSocket endpoint to update the access token can be a solution?

quarkus-bot[bot] commented 1 month ago

/cc @pedroigor (oidc), @sberyozkin (oidc)

sberyozkin commented 1 month ago

The tricky part is to have an expired but earlier verified token replaced with a token which has also been verified by Quarkus.