IdentityModel.AspNetCore.OAuth2Introspection

IdentityModel.AspNetCore.OAuth2Introspection copied to clipboard

Replace lock with semaphore so event inside can be awaited.

ovska

Potential issue with unawaited UpdateClientAssertion event

5

https://github.com/IdentityModel/IdentityModel.AspNetCore.OAuth2Introspection/blob/main/src/OAuth2IntrospectionHandler.cs#L211 The `OnUpdateClientAssertion` event is invoked without an `await`, probably because it is inside a `lock`. This can potentially cause hard to diagnose bugs if the event is assigned to...

ovska

Improve performance and reduce allocations in hot paths

1

I tried to make the changes as non-intrusive to the codebase as possible. Added unit tests for verify the functionality against current version. Each change is in its' own commit,...

ovska

feat: add possibility to ignore missing "exp" claim in introspection

7

Hey there! I'm currently having an issue with an identity provider that does not return the "exp" claim in the introspection response. Since the "exp" claim is not required by...

buehler

Performance improvements

1

There are a couple of places where per-request performance can be improved, mainly in number of allocations. I'd be happy to contribute with some improvements and unit tests. Let me...

ovska

The corresponding NuGet package `IdentityModel.AspNetCore.OAuth2Introspection` has a dependecy on package `IdentityModel >= 5.0.0`. Is it possible to update the dependency to `>= 5.1.0`?

altenstedt

Support for actor claim type

4

Hi, Could you provide similar support for actors as AddJwtBearer handler does ?

matiii

HTTP 400 Bad Request can cause InvalidOperationException

1

If we hit our introspect endpoint with a missing or invalid client_id, it responds with: ``` 400 BadRequest {"errorCode": "invalid_client", "errorSummary": "Invalid value for 'client_id' parameter."} ``` Unfortunately because it...

webley

Setting cache duration based on response from introspection endpoint

1

We are currently using IdentityModel.AspNetCore.OAuth2Introspection in many applications, using a wrapped Keycloak as authorization server. Some of our business cases are very time critical, therefore we want to enable caching...

SandroGlueck

Error returned from introspection endpoint: An error occurred while sending the request.

3

We have multiple applications using client credentials flow token introspection, communicating with a load-balanced solution using IdentityServer4; all of these are hosted in IIS. At least once/day, one of the...

unionthugface