UaaTokenStore: Don't fall over when failing to expire oauth codes #772
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Hey mook-as! Thanks for submitting this pull request! I'm here to inform the recipients of the pull request that you and the commit authors have already signed the CLA. |
|
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/155091700 The labels on this github issue will be updated when the story is started. |
mook-as
added a commit
to mook-as/uaa
that referenced
this pull request
Feb 9, 2018
MySQL does row-level locking, which means when we delete expired oauth codes in parallel we can sometimes hit a harmless deadlock (where the two delete updates execute across the rows in different order simultaneously). This is not an issue as the winning update will expire tokens as appropriate, plus the tokens are checked for expiry on use. This commit is cherry-picked from 0144d13 ( cloudfoundry#772 )
mook-as
added a commit
to mook-as/uaa-release
that referenced
this pull request
Feb 9, 2018
See cloudfoundry/uaa#772 Cherry picked from PR commit 0144d1310434b94cb18742e975f4aed0bfe8e1bd
mook-as
force-pushed
the
oauth-token-expiry-deadlock
branch
from
0144d13
to
909f486
Compare
MySQL does row-level locking, which means when we delete expired oauth codes in parallel we can sometimes hit a harmless deadlock (where the two delete updates execute across the rows in different order simultaneously). This is not an issue as the winning update will expire tokens as appropriate, plus the tokens are checked for expiry on use.
mook-as
force-pushed
the
oauth-token-expiry-deadlock
branch
from
909f486
to
332d119
Compare
|
Closed via: ebdecc4 |
cf-gitbot
added
delivered
accepted
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
MySQL does row-level locking, which means when we delete expired oauth codes in parallel we can sometimes hit a harmless deadlock (where the two delete updates execute across the rows in different order simultaneously). This is not an issue as the winning update will expire tokens as appropriate, plus the tokens are checked for expiry on use.
This was encountered when repeatedly running multiple instances of
cf sshin parallel on a Cloud Foundry deployment using a single non-HA UAA instance (backed by a single non-HA MySQL database).Thanks for building UAA!