Hi, I am new to lua-resty-openidc and have started analysing the main flows.
I have built up the following scenario for testing.
-> keycloak (token ttl = 5min)
-> secured angular app with 4 components, all refreshing their content every minute via REST calls
-> redis as storage backend to better analyse session/cookie function
My question:
-> After auth at keycloak, lua-resty-openidc created one session with one cookie with all configured content (token, refresh ..). Perfect.
-> Subsequent calls of the angular app get bearer injected as long as "token expired" is false. Perfect.
-> After 5 min (see above keycloak configured token ttl) 4 almost parallel requests arrive at nginx with expired tokens (okay, to be clear: they arrive with the same cookie, which reflects the expired token).
-> All 4 calls go into refresh token mode, initiate 4 refresh token calls at keycloak and iterate persistence over 4 new cookies in redis.
Is this the expected behaviour or am I missing important configuration options?
I actually assumed that the "session lock" I see in redis should (or could) be used to overcome this resource-consuming situation.
What are your thoughts?
Thanks!
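
The scenario described above, as an added simulation that is not part of the original post and is not lua-resty-openidc code: four requests load the same expired session, and the run compares refreshing on each request's own stale view with taking a per-session lock and re-reading the session before refreshing. `FakeTokenEndpoint`, `SessionStore`, `session_lock` and `handle_request` are constructed stand-ins (assumptions) for Keycloak, the redis session record, a session lock and the nginx request handler.

```python
import threading
import time

class FakeTokenEndpoint:
    """Constructed stand-in for the Keycloak token endpoint; counts refresh grants."""
    def __init__(self):
        self.refresh_calls = 0
        self._mutex = threading.Lock()

    def refresh(self, refresh_token):
        with self._mutex:
            self.refresh_calls += 1
            n = self.refresh_calls
        time.sleep(0.02)  # simulated network round trip
        return {"access_token": f"at-{n}", "refresh_token": f"rt-{n}",
                "expires_at": time.time() + 300}  # 5 min TTL as in the scenario

class SessionStore:
    """Constructed stand-in for the single session record kept in redis."""
    def __init__(self):
        self.data = {"access_token": "at-0", "refresh_token": "rt-0", "expires_at": 0}
        self.writes = 0
        self.session_lock = threading.Lock()  # hypothetical per-session lock
        self._mutex = threading.Lock()        # keeps the write counter exact

    def save(self, tokens):
        with self._mutex:
            self.data, self.writes = dict(tokens), self.writes + 1

def handle_request(store, idp, barrier, serialize):
    seen = dict(store.data)  # session state this request loaded via its cookie
    barrier.wait()           # every request has now seen the expired token
    if not serialize:        # each request refreshes on its own stale view
        if seen["expires_at"] <= time.time():
            store.save(idp.refresh(seen["refresh_token"]))
        return
    with store.session_lock:
        current = dict(store.data)  # re-read: an earlier lock holder may have refreshed
        if current["expires_at"] <= time.time():
            store.save(idp.refresh(current["refresh_token"]))

def run(serialize, parallel=4):
    store, idp, barrier = SessionStore(), FakeTokenEndpoint(), threading.Barrier(parallel)
    threads = [threading.Thread(target=handle_request,
                                args=(store, idp, barrier, serialize)) for _ in range(parallel)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return idp.refresh_calls, store.writes  # (refresh grants sent, session writes)
```

The lock alone is not sufficient in this simulation: without the re-read after acquiring it, the four requests would still refresh one after another.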