search

OrchardCMS / OrchardCore

Orchard Core is an open-source modular and multi-tenant application framework built with ASP.NET Core, and a content management system (CMS) built on top of that framework.
https://orchardcore.net
BSD 3-Clause "New" or "Revised" License
7.38k stars 2.38k forks source link

Configuration to reduce OpenID token size #15067

Open Piedone opened 8 months ago

Piedone commented 8 months ago

Is your feature request related to a problem? Please describe.

Originally by @MatthijsKrempel under https://github.com/OrchardCMS/OrchardCore/pull/4129:

For hosting in cloud based environments header size matters. Currently the default implementation of the OpenId serializes a lot of information into the security ticket, resulting into large headersizes of the request.

Describe the solution you'd like

[Extra options that] the administrator will be able to control what claims are included into the ticket, reducing the size of the values in the header. Additional information that a service would require could be retrieved via an additional request to the OpenId server.

There's a potential start of this feature under https://github.com/OrchardCMS/OrchardCore/pull/4129 but it needs to be re-implemented with the current source.

Describe alternatives you've considered

None.

sebastienros commented 7 months ago

There is a feature to store the tickets server-side using IDistributedCache, so this can even use Redis when it's enabled. https://docs.orchardcore.net/en/latest/docs/reference/modules/Users/TicketStore/

This is much simpler that asking users to map which tokens they want in the cookie (who would know?). And it's a feature provided by ASP.NET.