Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] Extensibility allows customers to bring their distributed cache or hybrid cache in IdentityModel 8 #2537

Open
jmprieur opened this issue Mar 26, 2024 · 3 comments
Open

[Feature Request] Extensibility allows customers to bring their distributed cache or hybrid cache in IdentityModel 8 #2537

jmprieur opened this issue Mar 26, 2024 · 3 comments
Assignees
@kellyyangsong
Labels
IdentityModel8x Future breaking issues/features for IdentityModel 8x P1 More important, prioritize highly

Comments

@jmprieur
Copy link
Contributor

jmprieur commented Mar 26, 2024
edited

Is your feature request related to a problem? Please describe.
Some partners request to have an L1/L2 cache for metadata

Describe the solution you'd like
An extensibility mechanism to provide a distributed cache? IDistributedCache in .NET 9 or the new hybrid cache in .NET 9?
@brentschmaltz brentschmaltz added the IdentityModel8x Future breaking issues/features for IdentityModel 8x label Mar 30, 2024
@jennyf19 jennyf19 added the P1 More important, prioritize highly label Apr 11, 2024
@jmprieur
Copy link
Contributor Author

jmprieur commented Apr 21, 2024
edited

Today, IdentityModel uses the EventBaseLRUCache for two purposes:

  • the (OpenIdConnect) Configuration LKG as a EventBaseLRUCache<DateTime, Configuration> in BaseConfigurationManager
  • an InMemoryCryptoProviderCache, which contains two caches for signature providers (signing signature providers and verifying signature providers)
    • EventBasedLRUCache<string, SignatureProvider> _signingSignatureProviders;
    • EventBasedLRUCache<string, SignatureProvider> _verifyingSignatureProviders;

This cache is used in the KeyVaultCryptoProvider which is going to be removed in IdentityModel 8.

Image

The proposal is to:

  • replace the implementation using EventBasedLRUCache by HybridCache (brought with .NET 8)
  • possibly have an implementation of HybridCache with the EventBasedLRUCache?
  • Surface HybridCache (which is an abstract class) in the constructor of BaseConfiguration

We won't touch the InMemoryCryptoProviderCache?

  • how would that work with DI? design to be provided in IdWeb (and extended to MISE)

@jmprieur jmprieur removed their assignment Apr 21, 2024
@GeoK
Copy link
Member

GeoK commented Apr 30, 2024

@jmprieur Hybrid Cache seems to still be in an API design phase. Would leveraging IDistributedCache on BaseConfiguration be sufficient? I don't think any changes to InMemoryCryptoProviderCache should be part of this feature request.

Adding IDistributedCache to IdentityModel.Tokens will set a precedent of adding M.Extensions* to IdentityModel.
Microsoft.Extensions.Caching.Abstractions is lightweight but could still cause dependency conflicts on net461.
On that note, would each IdentityModel target depend on different M.Extensions version, or we are thinking about standardizing on v9?

@jmprieur
Copy link
Contributor Author

jmprieur commented May 1, 2024

Yes, IDistributedCache would be a wiser choice for the moment.

No indeed. we should not touch InMemoryCryptoProviderCache (as I believe I wrote above). Only the BaseConfigurationManager.

Yes, let's standardize to v8..0 and v9.0 for net9.0, until net9,.0 GAes at which point we'll move to v.9.0/ That's what the .NET team recommended.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kellyyangsong kellyyangsong

Labels
IdentityModel8x Future breaking issues/features for IdentityModel 8x P1 More important, prioritize highly
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@GeoK @brentschmaltz @jmprieur @jennyf19 @kellyyangsong