You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We're currently observing up to two calls per request when provided with a bearer token.
The calls not being cached is already covered under #1734, but this ticket specifically relates to multiple calls being made per request when the micronaut-security-oauth2 is added as a dependency.
@MicronautTest
class MyTest {
// code equivalent to that in NimbusReactiveJsonWebTokenSignatureValidator
@Inject List<ReactiveSignatureConfiguration<SignedJWT>> signatures;
@Test
void test() {
assertEquals(1, signatures.size());
}
}
This test will fail as there are two instances present. Although a contrived example this is exactly what is happening in NimbusReactiveJsonWebTokenSignatureValidator and leading to our live code doing multiple calls.
Expected Behavior
A JWKS file should only be loaded once
Actual Behaviour
We're currently observing up to two calls per request when provided with a bearer token.
The calls not being cached is already covered under #1734, but this ticket specifically relates to multiple calls being made per request when the micronaut-security-oauth2 is added as a dependency.
Steps To Reproduce
This test will fail as there are two instances present. Although a contrived example this is exactly what is happening in NimbusReactiveJsonWebTokenSignatureValidator and leading to our live code doing multiple calls.
I believe the issue is with JwksUriSignatureFactory.java that has:
BUT ReactiveJwksSignature.java already has an @EachBean on it, resulting in multiple definitions.
Environment Information
No response
Example Application
(see code example above, if not sufficient can provide a sample app)
Version
4.5.1
The text was updated successfully, but these errors were encountered: