
Where do I need to send a request to have the access token updated? Because if I send a request to my resource service I get a token expired exception even if gatekeeper updates the token.

I want to update an access token using a refresh token. The gatekeeper documentation says 'If a request for an access token contains a refresh token and --enable-refresh-tokens is set to true, the proxy will automatically refresh the access token for you.' - https://www.keycloak.org/docs/latest/securing_apps/index.html#refresh-tokens

And indeed, when the token is expired gatekeeper updates the access token and injects it somewhere in the response, but when the request is forwarded to the resource service I get ExpiredJwtException, because there is no new refreshed token in the request. And I can see in the failed response that there is an old token instead of the new one. However, if a timeout error occurs on the resource service side and gatekeeper returns its own response to the user, then I can see that the access and refresh tokens are updated.

Here are the gatekeeper logs:

1.5732098220167706e+09  info    keycloak-gatekeeper/middleware.go:154   accces token for user has expired, attemping to refresh the token   {"client_ip": "172.18.0.1:36270", "email": "demo@demo1.com"}
1.5732098220504465e+09  info    keycloak-gatekeeper/middleware.go:206   injecting the refreshed access token cookie {"client_ip": "172.18.0.1:36270", "cookie_name": "kc-access", "email": "demo@demo1.com", "refresh_expires_in": 3600, "expires_in": 59.949554727}
1.573209822050499e+09   debug   keycloak-gatekeeper/middleware.go:226   renew refresh cookie with new refresh token {"refresh_expires_in": 3600}
1.5732098220505428e+09  debug   keycloak-gatekeeper/middleware.go:367   access permitted to resource    {"access": "permitted", "email": "demo@demo1.com", "expires": -5.050542554, "resource": "/*"}
1.573209851051063e+09   info    keycloak-gatekeeper/middleware.go:90    client request  {"latency": 29.036757293, "status": 500, "bytes": 44, "client_ip": "172.18.0.1:36270", "method": "GET", "path": "/ping"}

1 Answer

The refresh token is stored encrypted in the kc-state cookie which is in the Set-Cookie HTTP header. To forward this request you need to add the kc-state parameter to the Cookie HTTP header.

See https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies:

HTTP/2.0 200 OK
Content-Type: text/html
Set-Cookie: kc-state=blabla
Set-Cookie: another-cookie=yadada

GET /sample_page.html HTTP/2.0
Host: www.example.org
Cookie: kc-state=blabla; another-cookie=yadada

If you have a frontend the Cookie header will be added automatically.

user2609980
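An added example, not from the question, the answer or the gatekeeper project: a minimal cookie jar for a non-browser client, showing how the kc-access and kc-state values from the proxy's Set-Cookie headers must replace the old ones in the next request's Cookie header. Cookie names are gatekeeper's defaults; the token values are constructed placeholders, not real JWTs.

```python
from typing import Dict, List, Tuple


def parse_set_cookie(header: str) -> Tuple[str, str, Dict[str, str]]:
    """Split one Set-Cookie header into (name, value, attributes).

    Attribute names are lower-cased; flag attributes such as HttpOnly map
    to an empty string. Only the name/value pair is resent by the client.
    """
    pair, *attrs = header.split(";")
    name, _, value = pair.strip().partition("=")
    attributes: Dict[str, str] = {}
    for attr in attrs:
        key, _, val = attr.strip().partition("=")
        attributes[key.lower()] = val
    return name, value, attributes


def update_jar(jar: Dict[str, str], set_cookie_headers: List[str]) -> Dict[str, str]:
    """Merge every Set-Cookie header of a response into the jar (in place).

    Per RFC 6265, Max-Age=0 or an empty value deletes the cookie; any other
    value replaces what the client stored before (e.g. the expired kc-access).
    """
    for header in set_cookie_headers:
        name, value, attrs = parse_set_cookie(header)
        if value == "" or attrs.get("max-age") == "0":
            jar.pop(name, None)
        else:
            jar[name] = value
    return jar


def cookie_header(jar: Dict[str, str]) -> str:
    """Render the jar as the Cookie request header for the next call."""
    return "; ".join(f"{name}={value}" for name, value in jar.items())


def refreshed_request_cookies() -> Dict[str, str]:
    """Replay the refresh round-trip from the question with constructed data."""
    jar = {"kc-access": "eyJ.old-access.sig", "kc-state": "old-encrypted-state"}
    # Constructed headers standing in for the proxy response logged as
    # "injecting the refreshed access token cookie" / "renew refresh cookie".
    proxy_set_cookies = [
        "kc-access=eyJ.new-access.sig; Path=/; HttpOnly; Secure",
        "kc-state=new-encrypted-state; Path=/; HttpOnly; Secure",
    ]
    update_jar(jar, proxy_set_cookies)
    # The next request now carries the refreshed pair instead of the old token.
    return jar
```

A client that skips update_jar and resends its original Cookie header keeps presenting the expired kc-access, which is the ExpiredJwtException seen at the resource service.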