richteambs
commented
4 years ago I just fell foul of this, and I'm not alone: https://github.com/Azure/azure-storage-net/issues/969
Open lordstyx opened 5 years ago
richteambs
commented
4 years ago I just fell foul of this, and I'm not alone: https://github.com/Azure/azure-storage-net/issues/969
Rick-Anderson
commented
4 years ago Moved to Master issue: Key storage providers in ASP.NET Core #17625
akempe
commented
4 years ago Please can this get documented soon. It's not obvious that this token isn't auto-renewed (given the behaviour of the keystore access token) and the exact integration point to implement the callback isn't well documented either. Also, the frequency of the callback, and the timespan to wait to renew, it's documented. We're left to guess how to configure that timespan and guess as to when a token renewal will actually get an extended validity.
When creating new API surfaces like this, can the team please spend 5 minutes to think about how we will consume it and document the anticipated usage. There are so many places where the thought process behind aspnet core just isn't documented and it causes so much friction.
In the provided code sample an access token is used for the StorageCredentials. However, this token will at some point expire and the web application will then no longer be able to update the data protection keys, causing all kinds of issues. A solution was offered here https://github.com/aspnet/AspNetCore/issues/9012 to use the constructor of TokenCredential that takes a func to refresh the token after a certain period. Can the documentation at least point out that in the current form of the sample code token expiration has to be taken into account when applying it to production environments?
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.