IdentityModel/IdentityModel.AspNetCore.OAuth2Introspection

Feature Request: Bust the cache

ghstahl opened this issue · 4 comments

The cache key is internal knowledge of this library.

$"{cacheKeyPrefix}{token.Sha256()}"

Example usage of the cache key:

public static async Task<IEnumerable<Claim>> GetClaimsAsync(this IDistributedCache cache, string cacheKeyPrefix, string token)
{
    var bytes = await cache.GetAsync($"{cacheKeyPrefix}{token.Sha256()}").ConfigureAwait(false);

    if (bytes == null)
    {
        return null;
    }

    var json = Encoding.UTF8.GetString(bytes);
    return JsonSerializer.Deserialize<IEnumerable<Claim>>(json, Options);
}

I can bust the cache myself, but that is only because I have this source code, which shows me what the key is and that it is using IDistributedCache.

Should this library expose the ability to bust the cache by passing in the access_token?

I don't think that this is the concern of an authentication handler - but please tell me what you want me to see as exposed data so someone can "officially" write an extension for it.

Hi Dom
I created a pull request for you to review.

In short, it introduces the following into OAuth2IntrospectionOptions:

/// <summary>
/// Specifies the method how to generate the cache key from the token
/// </summary>
public Func<OAuth2IntrospectionOptions, string, string> CacheKeyGenerator { get; set; } = CacheUtils.CacheKeyFromToken();

If I can rely on this library to use IDistributedCache and I have control over cacheKey generation, then I can bust the cache for any reason downstream.
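
The downstream eviction described above, as an added example that is not part of the original thread or the library: a helper that removes the cached introspection result for one token, for instance right after the token is revoked, so a stale "active" entry is not served until it expires. `IntrospectionCacheBuster`, `BustAsync` and the `schemeName` parameter are hypothetical names, and the example assumes the handler builds its keys with the `CacheKeyGenerator` delegate shown above.

```csharp
using System;
using System.Threading;
using System.Threading.Tasks;
using IdentityModel.AspNetCore.OAuth2Introspection;
using Microsoft.Extensions.Caching.Distributed;
using Microsoft.Extensions.Options;

// Hypothetical helper (not part of the library): evicts the cached
// introspection claims for a single access token.
public sealed class IntrospectionCacheBuster
{
    private readonly IDistributedCache _cache;
    private readonly IOptionsMonitor<OAuth2IntrospectionOptions> _options;

    public IntrospectionCacheBuster(
        IDistributedCache cache,
        IOptionsMonitor<OAuth2IntrospectionOptions> options)
    {
        _cache = cache ?? throw new ArgumentNullException(nameof(cache));
        _options = options ?? throw new ArgumentNullException(nameof(options));
    }

    // schemeName: the authentication scheme the introspection handler was
    // registered under (assumption: the caller knows which one it is).
    public Task BustAsync(string schemeName, string accessToken,
                          CancellationToken ct = default)
    {
        if (string.IsNullOrWhiteSpace(accessToken))
        {
            throw new ArgumentException("Token is required.", nameof(accessToken));
        }

        // Named options, so the generator configured for this scheme is used.
        var options = _options.Get(schemeName);

        // Derive the key with the same delegate the options expose, instead of
        // re-implementing the prefix + SHA-256 format in application code.
        var key = options.CacheKeyGenerator(options, accessToken);

        // Do not log the token or the key; removing a missing key is a no-op.
        return _cache.RemoveAsync(key, ct);
    }
}
```

Eviction only reaches every API instance when they share one distributed cache; with the in-memory `IDistributedCache` implementation each process keeps its own entries until they expire.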

merged + pushed. Thanks!
