Open LeTranAnhVu opened 2 years ago
I've done a write-up of my findings about the locking behaviour that we're confident caused a deadlock-like situation for us under enough concurrent requests.
https://github.com/AzureAD/microsoft-identity-web/issues/3078.
The class
OpenIdConnectCachingSecurityTokenProvider
uses read/write lock ofReaderWriterLockSlim
before get issuer and keys. I am wondering, why we need to use lock here? and what happen if we don't?