strongloop / loopback-component-oauth2

oAuth 2.0 server for LoopBack
http://www.strongloop.com

apply housekeep logic and use mongo ttl to kill accesstoken #29

Closed kalun1988 closed 6 years ago

kalun1988 commented 9 years ago

With the loopback oauth2 component's default settings, there is a big problem: the records in the OAuthAccessToken table accumulate when a refresh token is used to renew the access token. It causes the following problems:

- The records in the table accumulate over time.
- The old refresh tokens are still valid.
- The old access tokens are still valid until their expiry time.
- More than one access token may be valid for the same device at the same time.

So, we try to edit the logic on how to store the new token set after refreshing a token.

Consider the TTL function in MongoDB (refer to Expire Data from Collections by Setting TTL). We can set a sparse index to tell MongoDB to housekeep the records, preventing accumulation. We apply an expireAfterSeconds index on issuedAt. (The old expiredAt field becomes useless.)

We revise the logic on:

- how to save the Access Token
- how to check the Access Token
- how to renew the Access Token
- how to revoke the Access Token
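A sketch of the save/check/renew/revoke logic described in the comment above, added here as an example and not taken from the pull request or the component. An in-memory map stands in for the OAuthAccessToken collection; `TokenStore`, `TTL_SECONDS`, `newToken` and the one-record-per-client-and-user rule are assumptions.

```javascript
const { randomBytes } = require('crypto');

// Assumed lifetime. With MongoDB the same number would go on the TTL index:
//   db.OAuthAccessToken.createIndex({ issuedAt: 1 },
//     { expireAfterSeconds: TTL_SECONDS, sparse: true })
// issuedAt must be stored as a Date for the TTL monitor to act on it.
const TTL_SECONDS = 3600;
const newToken = () => randomBytes(32).toString('hex');

class TokenStore {
  constructor(now = () => Date.now()) {
    this.now = now;            // injectable clock so expiry can be exercised
    this.records = new Map();  // access token -> record (constructed stand-in)
  }
  // The TTL monitor deletes in periodic passes, so reads still compare
  // issuedAt against the lifetime instead of trusting the record's presence.
  live(rec) {
    return !!rec && (this.now() - rec.issuedAt.getTime()) / 1000 < TTL_SECONDS;
  }
  // save: drop any earlier record for the same client and user first
  issue(clientId, userId) {
    for (const [id, r] of this.records) {
      if (r.clientId === clientId && r.userId === userId) this.records.delete(id);
    }
    const rec = { id: newToken(), refreshToken: newToken(), clientId, userId,
                  issuedAt: new Date(this.now()) };
    this.records.set(rec.id, rec);
    return rec;
  }
  // check: unknown, revoked, rotated and expired tokens all yield null
  check(accessToken) {
    const rec = this.records.get(accessToken);
    return this.live(rec) ? rec : null;
  }
  // renew: a refresh token works once; issue() removes the record it came from
  refresh(refreshToken) {
    for (const rec of this.records.values()) {
      if (rec.refreshToken === refreshToken && this.live(rec)) {
        return this.issue(rec.clientId, rec.userId);
      }
    }
    return null;
  }
  // revoke: deleting the record invalidates both tokens at once
  revoke(accessToken) {
    return this.records.delete(accessToken);
  }
}
```

Because the index sits on the whole record, the refresh token in this sketch expires together with its access token; a longer refresh lifetime would need its own record or field.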

slnode commented 9 years ago

Can one of the admins verify this patch? To accept patch and trigger a build add comment ".ok\W+to\W+test."

raymondfeng commented 9 years ago

@kalun1988 Sorry for the delay. I'll find some time to review it.

richardpringle commented 8 years ago

@raymondfeng

Also, any chance we could land this?

slnode commented 8 years ago

Can one of the admins verify this patch? To accept patch and trigger a build add comment ".ok\W+to\W+test."

richardpringle commented 8 years ago

ok to test

stale[bot] commented 7 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

slnode commented 7 years ago

Can one of the admins verify this patch?

stale[bot] commented 6 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

slnode commented 6 years ago

Can one of the admins verify this patch?

stale[bot] commented 6 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] commented 6 years ago

This issue has been closed due to continued inactivity. Thank you for your understanding. If you believe this to be in error, please contact one of the code owners, listed in the CODEOWNERS file at the top-level of this repository.

matteo-pennisi commented 5 years ago

+1