Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow push token to delay the response #1583

Open
cornelinux opened this issue Apr 17, 2019 · 1 comment

Comments

Projects
None yet
2 participants
@cornelinux
Copy link
Member

commented Apr 17, 2019

When authenticating with a push token, the response of the API request to validate/check is directly returned - for good reasons.
Applications then should poll for the confirmation of the push token.
Although this is a cleaner design, we can offer an alternative.

The response of the validate/check request is held back until the push token was confirmed.

Some problems: If the user has several tokens, how should we react:

  1. another token successfully authenticated: return directly?
  2. all other tokens failed to authenticate: wait?

We need at least the following settings:

  1. activate this behaviour
  2. timeout, how long privacyIDEA should wait for an answer of the push token

@cornelinux cornelinux added this to the 3.1 New Feature Release milestone Apr 17, 2019

@fredreichbier

This comment has been minimized.

Copy link
Member

commented Apr 23, 2019

Sounds handy! However, we should keep in mind that simply delaying the response will block a worker thread, which won't be able to handle other requests in the meantime. In a productive environment, it could happen that privacyIDEA becomes unresponsive for some time because all worker threads are waiting for a push token response.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.