When ApiClient is used concurrently (either with a single or multiple instances) with DPoP enabled, it will eventually fail with an invalid ath DPoP claim error.
This is caused by the static MessageDigest in DPoPInterceptor not being thread safe, and returning invalid token hashes if used from multiple threads.
=> wrap the static field in a ThreadLocal to get an instance per thread.
Description
Category
[x] Bugfix
[ ] Enhancement
[ ] New Feature
[ ] Library Upgrade
[ ] Configuration Change
[ ] Versioning Change
[ ] Unit or Integration Test(s)
[ ] Documentation
Signoff
[x] I have submitted a CLA for this PR
[x] Each commit message explains what the commit does
[x] I have updated documentation to explain what my PR does
[x] My code is covered by tests if required
[x] I did not edit any automatically generated files
Issue(s)
When ApiClient is used concurrently (either with a single or multiple instances) with DPoP enabled, it will eventually fail with an invalid ath DPoP claim error. This is caused by the static MessageDigest in DPoPInterceptor not being thread safe, and returning invalid token hashes if used from multiple threads.
=> wrap the static field in a ThreadLocal to get an instance per thread.
Description
Category
Signoff