Userinfo cache does not check for expiry #8297

kobergj · 2024-01-26T14:37:38Z

The userinfo cache, which caches the oidc tokens in the proxy service has only a ttl of 10s. This is because is don't check the expiry of cached tokens. It relied on a ttl it set per record, but this is not working in nats-js-kv

The proxy service should check the expiration even if it pulled it from the cache. This would allow us to increase the ttl and reduce pressure on the idp

The text was updated successfully, but these errors were encountered:

kobergj added the Type:Bug label Jan 26, 2024

kobergj mentioned this issue Jan 26, 2024

NATS registry / cache / store #7272

Closed

1 task

micbar added Priority:p2-high Escalation, on top of current planning, release blocker Topic:Security labels Jan 26, 2024

micbar added this to Infinite Scale Team Board Jan 26, 2024

github-project-automation bot moved this to Qualification in Infinite Scale Team Board Jan 26, 2024

micbar moved this from Qualification to Prio 2 in Infinite Scale Team Board Jan 26, 2024

micbar added this to the Release 5.0.0 milestone Jan 26, 2024

butonic self-assigned this Jan 29, 2024

butonic mentioned this issue Jan 31, 2024

verify expiry of cached claims #8310

Merged

butonic closed this as completed Jan 31, 2024

github-project-automation bot moved this from Prio 2 to Done in Infinite Scale Team Board Jan 31, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Userinfo cache does not check for expiry #8297

Userinfo cache does not check for expiry #8297

kobergj commented Jan 26, 2024

Userinfo cache does not check for expiry #8297

Userinfo cache does not check for expiry #8297

Comments

kobergj commented Jan 26, 2024