fschuindt/firebase_id_token

New caching doesn't honor request! calls

hwo411 opened this issue · 6 comments

#33 introduced new caching functionality to store certificates in memory. However, it breaks the gem in many ways, because the in-memory caching isn't refreshed when you call request!, which results in different threads and/or processes having different certificates after request!.

I'd suggest rolling back the functionality and leaving the local caching implementation to the applications (since you can't refresh a local cache if the certificates are updated in another process without using a shared storage).

col commented

I'm also having issues with this. I could be wrong, but the memory cache also appears to only cache a specific cert, which may not be the one that matches the token being verified. During certificate rotation it's normal for us to receive valid tokens with different certificate keys.

Does the issue go away if you roll back the firebase_id_token version to 2.4.0? (As far as I can tell, 2.5.0 is the version where caching was introduced.)

Hi there, everyone.
I encourage you folks to try that and, if you wish, submit a fixing PR. Currently, I can't dig into that matter, but I can review, merge and release anything submitted.

col commented

We've rolled back to v2.4.0 now and it's working as expected.

col commented

@fschuindt I would suggest you just roll back the changes made in the v2.5.0 release, as the new caching is fundamentally broken.

2.5.1 is now released and should fix that.

PR: #36
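
The failure mode reported in this thread, as an added example that is not the gem's code and not the fix from the PR: a process-local copy of the certificates goes stale when another process refreshes the shared store during rotation, so a token signed with the new key ID finds no certificate. All class names, the `SHARED_STORE` hash (standing in for the shared storage) and the certificate values are constructed for illustration.

```ruby
# Constructed model; names are hypothetical, not firebase_id_token's API.
SHARED_STORE = {} # stands in for the shared storage all processes read

# Stand-in for a request! call: replaces the certificate set in the store.
def refresh_shared_store(certs_by_kid)
  SHARED_STORE['certificates'] = certs_by_kid.dup
end

# Per-process memoization: loaded once, never invalidated by a refresh.
class MemoizedLookup
  def find(kid)
    @certs ||= SHARED_STORE.fetch('certificates', {}).dup
    @certs[kid]
  end
end

# No local copy: reads the store each time and selects by the token's kid.
class StoreBackedLookup
  def find(kid)
    SHARED_STORE.fetch('certificates', {})[kid]
  end
end

# Local copy that reloads from the shared store when the kid is unknown.
class MissRefreshingLookup
  def find(kid)
    @certs ||= {}
    @certs = SHARED_STORE.fetch('certificates', {}).dup unless @certs.key?(kid)
    @certs[kid]
  end
end

# Returns what each lookup finds for the new kid after a rotation.
def simulate_rotation
  refresh_shared_store('kid-old' => 'CERT-OLD') # constructed values
  lookups = [MemoizedLookup.new, StoreBackedLookup.new, MissRefreshingLookup.new]
  lookups.each { |l| l.find('kid-old') }        # warm any local copies
  # Another process refreshes during rotation: both key IDs are now valid.
  refresh_shared_store('kid-old' => 'CERT-OLD', 'kid-new' => 'CERT-NEW')
  lookups.map { |l| l.find('kid-new') }
end

stale, direct, reloaded = simulate_rotation
puts "memoized: #{stale.inspect}, store-backed: #{direct.inspect}, " \
     "reload-on-miss: #{reloaded.inspect}"
```

Reload-on-miss only covers newly added key IDs; a certificate removed from the shared store stays usable in that process's local copy until the next miss.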