New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Re-attempt to get oxAuth metadata and token #12

Closed
yurem opened this Issue Apr 10, 2018 · 3 comments

Comments

Projects
None yet
3 participants
@yurem
Contributor

yurem commented Apr 10, 2018

For better user experience passport should re-try initialization on request.

Now it do this at startup. As result service fails and admin should restart it manually after enabling passport in GUI.

@yurem yurem added this to the 3.1.4 milestone Apr 10, 2018

@afroDC

This comment has been minimized.

Contributor

afroDC commented Apr 17, 2018

@yurem How would you like to see this re-try initialization on request process work?

@yurem

This comment has been minimized.

Contributor

yurem commented Apr 18, 2018

This app gets configuration from oxTrust. But it also requires oxAuth because this endpoint protected by UMA. Hence Passprot in some case can't get it configuration. As result it just print error in log.

Passprot app should try to get configuration at startup and store load_configuration_state (now it just print error). On next request to app context it should check load_configuration_state and try to obtain configuration again.

Also it will be useful to add timer process to get up to date configuration from oxTrust periodically to avoid Passport restart.

@jgomer2001

This comment has been minimized.

Contributor

jgomer2001 commented May 28, 2018

With this fix, a timer task runs upon service start and at every 30s it hits the endpoint /identity/restv1/passport/config using the UMA 2 flow.

If some error is found in any of the flow steps (e.g. underlying ox services down), a message is added to log, but the service continues up and running. Hopefully in a subsequent execution a resonse will be obtained successfully.

Also, from now on there is no need to restart passport if a strategy clientid/secret is added/changed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment