You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@jclouds.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2016/09/01 08:20:20 UTC
[jira] [Commented] (JCLOUDS-1148) oauth API:
JWTBearerTokenFlow.tokenCache never hits
[ https://issues.apache.org/jira/browse/JCLOUDS-1148?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15454733#comment-15454733 ]
ASF subversion and git services commented on JCLOUDS-1148:
----------------------------------------------------------
Commit 913fdeb168db948d59c58531efa0a413332b3f71 in jclouds's branch refs/heads/master from [~danielrech]
[ https://git-wip-us.apache.org/repos/asf?p=jclouds.git;h=913fdeb ]
JCLOUDS-1148: Fix token caches in OAuth flows
> oauth API: JWTBearerTokenFlow.tokenCache never hits
> ---------------------------------------------------
>
> Key: JCLOUDS-1148
> URL: https://issues.apache.org/jira/browse/JCLOUDS-1148
> Project: jclouds
> Issue Type: Bug
> Affects Versions: 1.9.2
> Reporter: Daniel Haeser Rech
> Labels: oauth
>
> I'm using the google-cloud-storage provider version 1.9.2, which in turn uses the oauth API.
> I noticed that every new blobstore request was also generating a new token request.
> Looking into the oauth API source code, claims are instantiated in JWTBearerTokenFlow.filter(...), setting a new iat and exp for every new request.
> Since every new request uses a new iat and exp value, AutoValue_Claims.equals(..) will always return false, resulting in a cache miss. Thus, claims in the tokenCache are never reused, making the cache useless.
> My proposal is to simply override Claims.equals(..), excluding the iat and exp field from the comparison.
> If that reasoning makes sense, I should be able to create a pull-request fixing this.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)