leastprivilege
commented
4 years ago I can't remember. Maybe I hash them before putting in the cache. The code is here:
https://github.com/IdentityModel/IdentityModel.AspNetCore.OAuth2Introspection
Closed kikaragyozov closed 4 years ago
leastprivilege
commented
4 years ago I can't remember. Maybe I hash them before putting in the cache. The code is here:
https://github.com/IdentityModel/IdentityModel.AspNetCore.OAuth2Introspection
kikaragyozov
commented
4 years ago Yeah, you're hashing them in SHA256. I forgot to close this, thank you.
When I pass the reference token as key to the Get method of the distributed cache implementation, it returns null. After inspecting with a debugger, the keys used inside the memory cache implementation have nothing in common with a reference token.
What exactly are they, and is there a way to delete them when I know a given user's reference token?