Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Access token revocation #19

Open
guicassolato opened this issue Dec 22, 2020 · 1 comment
Open

Access token revocation #19

guicassolato opened this issue Dec 22, 2020 · 1 comment
Labels
kind/enhancement New feature or request

Comments

@guicassolato
Copy link
Collaborator

Authorino should implement some support for access token revocation. Even with access tokens being checked in the identity verification step, Authorino could save processing and some external I/O by:

  1. providing an API to be informed about revoked access tokens, thus also ensuring support for immediate access suspension, and
  2. implementing a caching layer for revoked access tokens.
@guicassolato guicassolato changed the title Access token revocation support Access token revocation Dec 22, 2020
@guicassolato guicassolato added the kind/enhancement New feature or request label Mar 2, 2021
@alechenninger
Copy link

I wonder if a bloom filter could be used to see if a token might be revoked. That is, check if it "might" be revoked (in the set), and only then do the more expensive IO to introspect the token.

@alexsnaps alexsnaps moved this to Todo in Kuadrant Dec 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement New feature or request
Projects
Kuadrant
Status: Todo
Kuadrant Service Protection
Status: No status
Milestone
No milestone
Development

No branches or pull requests
2 participants
@guicassolato @alechenninger