Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Do not try an validate Oauth tokens that are known to be invalid #15890

Open
Labels
customer-reportedBugs reported by enterprise customers. Only humans may set this.need-backendIssues that need backend works2Broken use cases or features (with a workaround). Only humans may set this.securityArea: security
@Emyrk

Description

@Emyrk

Related to#14982

Problem

At present, every time a request for an external auth token is made,ValidateToken is called. If the jwt is not expired, but revoked on the IdP side, then Coder will consistently retry to use the token.

This can cause excessive IdP requests, and hit rate limits.

Failed refreshes were fixed such that they are not retried here:#15608

Solution

Do not reuse invalid tokens, caching the invalid error and preventing them from causing duplicate failed requests.

Notes

Metadata

Metadata

Assignees

No one assigned

    Labels

    customer-reportedBugs reported by enterprise customers. Only humans may set this.need-backendIssues that need backend works2Broken use cases or features (with a workaround). Only humans may set this.securityArea: security

    Type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      [8]ページ先頭
      ©2009-2025 Movatter.jp