Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature idea - improve reliability of caching token introspections #311

Open
matwojcik opened this issue Nov 5, 2022 · 0 comments
Open

Feature idea - improve reliability of caching token introspections #311

matwojcik opened this issue Nov 5, 2022 · 0 comments
Labels
enhancement New feature or request

Comments

@matwojcik
Copy link
Collaborator

Right now there is a common TTL for every token introspection caching, e.g. 30 minutes. It makes applications really dependent on availability of Oauth2 server. If this becomes unavailable, application stops accepting any incoming requests until the Oauth2 server becomes available, even though the token may be valid for even couple of hours more!

Possible solutions:

  • set TTL to token expiration time, but in the background process try regularly to check if token is valid
  • if the token TTL is about to expire, and application request to validate it, try to call server to validate it, but if this fails with 500 trust the token introspection from cache
@matwojcik matwojcik added the enhancement New feature or request label Nov 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@matwojcik