Open jensengelke opened 4 years ago
@teddyjtorres @ayoho can you take a look, please?
This is a feature update, not a bug.
In a single login, we should avoid calling the database multiple times to fetch the same client metadata data. We should investigate if there is a db call that could be avoided, for example, in a code path, if we repeatedly call the db or not, and that duplication could be easily removed.
I agree we should look into minimizing the lookups along with the side effects of this enhancement request.
Describe the bug: When openidConnectServer is configured and Liberty manages one or many OIDC clients, requests for authentication or token validation frequently query the exact same information from the OIDC database.
Steps to Reproduce: Configure an OIDC RP and invoke an authorization code or implicit flow login flow. Observe the queries sent to the OIDC database by the OIDC OP.
Expected behavior: It should be possible to cache client information for a configurable time. Typically, OIDC client registrations change infrequently. MAYBE, a client is deleted or updated with a different set of redirect URLs. A slight delay in this change becoming active appears acceptable.
Diagnostic information:
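
The caching behaviour requested in this issue, sketched as an added example that is not part of the original issue and is not Open Liberty code: a per-client cache with a configurable lifetime in front of the client-metadata lookup, plus explicit invalidation for updates and deletes. All class and method names are hypothetical, and the loader function stands in for the OIDC database query.

```java
import java.time.Duration;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Function;

// Added illustration; every name here is hypothetical, not an Open Liberty class.
public class ClientMetadataCacheDemo {
    record ClientMetadata(String clientId, List<String> redirectUris) {}
    record Entry(ClientMetadata value, long expiresAtNanos) {}

    static final class TtlClientCache {
        private final ConcurrentHashMap<String, Entry> entries = new ConcurrentHashMap<>();
        private final Function<String, ClientMetadata> loader; // stands in for the DB query
        private final long ttlNanos;

        TtlClientCache(Function<String, ClientMetadata> loader, Duration ttl) {
            this.loader = loader;
            this.ttlNanos = ttl.toNanos();
        }

        // Serve from cache while the entry is fresh; otherwise query once and re-cache.
        ClientMetadata get(String clientId) {
            long now = System.nanoTime();
            Entry e = entries.compute(clientId, (id, old) -> {
                if (old != null && now - old.expiresAtNanos() < 0) return old; // still fresh
                ClientMetadata m = loader.apply(id);                           // one DB query
                return m == null ? null : new Entry(m, now + ttlNanos);        // unknown: not cached
            });
            return e == null ? null : e.value();
        }

        // Call on update/delete so a removed client or redirect URL stops being served.
        void invalidate(String clientId) { entries.remove(clientId); }
    }

    public static void main(String[] args) {
        AtomicInteger dbCalls = new AtomicInteger();
        // Constructed sample registration standing in for a row in the OIDC database.
        ClientMetadata rp = new ClientMetadata("rp1", List.of("https://rp.example/callback"));
        TtlClientCache cache = new TtlClientCache(id -> {
            dbCalls.incrementAndGet();
            return "rp1".equals(id) ? rp : null;
        }, Duration.ofSeconds(60));
        for (int i = 0; i < 5; i++) cache.get("rp1"); // repeated lookups in one login
        System.out.println("DB queries after 5 lookups: " + dbCalls.get());
        cache.invalidate("rp1"); // registration changed
        cache.get("rp1");
        System.out.println("DB queries after invalidation: " + dbCalls.get());
    }
}
```

The `invalidate` call only reaches the cache in the JVM that handles the change; other servers sharing the database keep serving the old registration until the entry expires. The configured lifetime is therefore the upper bound on how long a deleted client or a removed redirect URL is still accepted.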