Complete rewrite of the library #6
Conversation
The library was storing a state in a GenServer which is causing various issues: 1. When configuration is changed we needed to restart the process having a small OIDC downtime during the process; 2. There were no way to run async tests because GenServer was querying discovery document URL's on the background, which means we wasn't able to use Bypass in integration tests 3. Storing a lot of configuration on the library side would cause a lot of issues once we have multi-tenancy and a ton of different configuration, the GenServer will be a bottleneck.
Pull Request Test Coverage Report for Build 12ebf94f530c25a06636d590c11cac25eb520b6a-PR-6Warning: This coverage report may be inaccurate.This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.
Details
💛 - Coveralls |
There was a problem hiding this comment.
This looks great! Sorry for the delayed review. One minor comment about versioning, and a question:
This library seems to still use a GenServer for the documents cache -- apologies for my confusion, but was that one of the things we were trying to steer clear of? I guess we can't avoid having some kind of state management.
| @@ -1,13 +1,13 @@ | |||
| defmodule OpenIDConnect.Mixfile do | |||
| use Mix.Project | |||
|
|
|||
| @version "0.2.2" | |||
| @version "1.0.0" | |||
There was a problem hiding this comment.
Nice ;-). Hm, thoughts on maybe reserving the 1.0 for when we pass OpenID's Relying Party conformance tests?
Don't feel too strongly about, just a thought.
There was a problem hiding this comment.
We can bump a version to 2.0 later if tests will uncover something to introduce breaking changes, otherwise, it could remain 1.0 or 1.1. The main reason why I changed major version is because API is completely changed and somebody is going to use our fork then we don't want them to assume it's the same.
|
@jamilbk the GenServer is just a maintainable and simple to comprehend way for now to maintain HTTP cache, later we can do something more complex if it's proven to be a bottleneck (eg. by using ParitionedSupervisor or ETS). |
The library was storing a state in a GenServer which is causing various issues:
When the configuration is changed we needed to restart the process having a small OIDC downtime during the process;
There was no way to run async tests because GenServer was querying discovery document URL's in the background, which means we weren't able to use Bypass in integration tests
Storing a lot of configuration on the library side would cause a lot of issues once we have multi-tenancy and a ton of different configurations, the GenServer will be a bottleneck.
HTTPPoisonis not maintained any more (and archived) so we should not rely on it:http_clientopt it did not really allow to override it because it matched on theHTTPoison.Responsestruct everywhere.The library itself was tested poorly mocking pretty much everything including its own GenServer implementation, so this did not feel like a reliable piece to be at the core of the product.