Affects Version/s: 7.1.X, 7.2.X, 7.3.X
Component/s: Application Security > OpenID Connect
When using OpenIdConnect and requiring to get a new accessToken via refreshToken, tokens are created but they aren't propagated to OpenIdConnectSessionProvider thus accessToken is not renewed on the client side.
Steps to reproduce.
- Configure SSO via OpenIdConnect and keycloak
- Deploy keycloak.token.test-1.0.0.jar and drop it on a page
- Log in using Keycloak (open-id-connect)
- An access token is shown in the portlet
- Wait 1 minute and refresh the page
AccessToken is different than step 4
Access token is the same as in step 4
Cannot test in master or 7.4 due to https://learn.liferay.com/dxp/latest/en/liferay-internals/reference/7-4-breaking-changes.html#replaced-the-openidconnectservicehandler-interface-with-the-openidconnectauthenticationhandler