Delete retired keys even if they can't be unprotected

DuendeSoftware / IdentityServer

The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core

https://duendesoftware.com/products/identityserver

Other

1.49k stars 344 forks source link

Delete retired keys even if they can't be unprotected #1572

Open RolandGuijt opened 5 months ago

RolandGuijt commented 5 months ago

With the DeleteRetiredKeys option enabled keys from any configured store are now not deleted if they can't be unprotected. Please see the way the keys collection is built before this line of code.

Consider proceeding with the delete without unprotecting the key first (using just the "Created" property on the keystore entry)

brockallen commented 5 months ago

Oh I see... hmm, ok. Something to review.