[
https://issues.apache.org/jira/browse/SLING-8869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16986813#comment-16986813
]
Bertrand Delacretaz commented on SLING-8869:
--------------------------------------------
I don't have much context about this so feel free to ignore this comment if
it's not relevant...AFAIU the current patch disables caching of any tokens that
might expire.
Isn't that a problem in terms of performance? You could maybe enhance the
Executor with a checkExpired() method that getExecutor() can call to refresh
the token only when needed. If it's a standard Java Executor that you're using
you'd need an instanceof + cast to your expanded Executor to run the check, but
that's a small price to pay vs not caching at all.
> SimpleHttpDistributionTransport does not refresh the secret for token based
> implementations.
> --------------------------------------------------------------------------------------------
>
> Key: SLING-8869
> URL: https://issues.apache.org/jira/browse/SLING-8869
> Project: Sling
> Issue Type: Bug
> Components: Content Distribution
> Reporter: Mohit Arora
> Priority: Critical
> Fix For: Content Distribution Core 0.4.2
>
> Attachments: SLING-8869.patch
>
>
> While saving the {{contextKeyExecutor}} in {{DistributionTransportContext}}
> map, it is not expected that the secret associated with the executor could be
> expired. This can happen in case of access token based implementations where
> the token is expired after a certain period of time and has to be refreshed.
> The code to refresh the token is written in the secret provider but since the
> executor is [cached in the map|#L208]] the secrets are not refreshed. It
> works fine for credentials based secret provider but not for access token
> based.
> cc - [~marett]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
