retrieve access token from javascript for user currently logged in

[slillo]

I've exacly the same problem raised in this support topic .

I would like to know what's the right way to retrieve/renew an access token for currently logged in user to use from javascript. I need a token to authenticate ajax requests.

Thanks in advance.

[slillo]

Client secret field is not mandatory, so I just configured client as public, leave client secret field blank.

In a plugin I've added an action

add_action('wp_login', array($this, 'afterLogin') , 10, 2);

In afterLogin method I set two cookies for keycloak token and refresh token.

            $lasttoken = get_user_meta($user->ID, "openid-connect-generic-last-token-response", true);
	
            $access_token = $lasttoken["access_token"];
	
            $refresh_token = $lasttoken["refresh_token"];
	
            setcookie("KC_TOKEN", $access_token);
	
            setcookie("KC_REFRESHTOKEN", $refresh_token);	`

In javascript I initialize keycloak with

keycloak.init({ onLoad: 'login-required', token: token, refreshToken: refreshToken })

Everything seems to work as expected. Before move in production I would like to be sure I'm not doing anything wrong.