Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

task: Updated to only refresh tokens of type Client #44

Merged
merged 1 commit into from
Feb 6, 2023
Merged

task: Updated to only refresh tokens of type Client #44

merged 1 commit into from
Feb 6, 2023

Conversation

chriswk
Copy link
Member

@chriswk chriswk commented Feb 6, 2023

having thought about this over the weekend this PR includes two optimizations. One for sending on the validated_tokens from the validate token channel. One for filtering which tokens the feature_refresh_channel keeps on TokenType. Should prevent us from receiving 403's from Upstream.

Also pointed out to me that our auth middleware also needs to check the tokentype before allowing/disallowing the call.

@chriswk chriswk force-pushed the task/filterTokensToRefresh branch from 2c449d9 to 41b7158 Compare February 6, 2023 08:03
sighphyre
sighphyre approved these changes Feb 6, 2023
View reviewed changes
Copy link
Member

@sighphyre sighphyre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

G

@sighphyre sighphyre merged commit d32e20b into main Feb 6, 2023
@sighphyre sighphyre deleted the task/filterTokensToRefresh branch February 6, 2023 08:09
nunogois
nunogois reviewed Feb 6, 2023
View reviewed changes
server/src/http/background_refresh.rs
if let Err(err) = sink_result {
warn!("Couldn't sink token result: {err:?}")
} else {
let _ = feature_channel.send(token).await;
for valid in validated_tokens {
let _ = feature_channel.send(valid).await;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be better to only send in filtered "client" tokens to the channel instead of sending in everything and filtering on the refresh_features method?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Occurred to me as well. I suspect we're going to tap into this from more than just this place, though, so it's nice to be defensive. Probably something for a future PR when the structure is more settled here if we only call this from the one place

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sighphyre sighphyre sighphyre approved these changes

@nunogois nunogois nunogois left review comments

@gastonfournier gastonfournier Awaiting requested review from gastonfournier

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chriswk @nunogois @sighphyre