IdentityServer3.AccessTokenValidation

IdentityServer3.AccessTokenValidation copied to clipboard

Check automatic refresh interval before refreshing the security tokens.

2

Possible fix for the performance issue found in the _DiscoveryDocumentIssuerSecurityTokenProvider_ when the _RetrieveMetadata_ method is called. [https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/issues/154](url)

SingleCopy

TypeLoadException when we use Microsoft.Owin 4

5

Microsoft's Owin team is working on new version of Owin/Katana. [Microsoft.Owin.Security.Jwt](https://www.nuget.org/packages/Microsoft.Owin.Security.Jwt/4.0.0-alpha1) now uses **latest version of System.IdentityModel.Tokens.Jwt** and **Microsoft.IdentityModel.Tokens nuget package** When I tried to use Microsoft.Owin.Security.Jwt alongside IdentityServer3.AccessTokenValidation, I...

ysmoradi

How to know Identity server is down using app.UseIdentityServerBearerTokenAuthentication( New IdentityServerBearerTokenAuthenticationOptions()

1

We are using app.UseIdentityServerBearerTokenAuthentication( New IdentityServerBearerTokenAuthenticationOptions() With { .Authority = "https://first.com:443", .ValidationMode = ValidationMode.ValidationEndpoint, .ValidationResultCacheDuration = New TimeSpan(0, 0, 200), .EnableValidationResultCache = True, }) in our web API and on...

jitender82

Performance issues with ValidationMode.Local

6

The latest change introduced in v2.15.0 has a huge performance issue when the validation mode is set to local. The change was to remove the time check in the _DiscoveryDocumentIssuerSecurityTokenProvider_...

SingleCopy

Hi, We have a requirement to change URL of our existing IdSrv3 instance and do it without any outage. Playing around with url rewrites/proxies etc etc for many reasons seems...

vytautasziurlis

2.15 causes deadlocks/hangs under heavy load

10

It looks like this change causes thread deadlocks/hangs under heavy load (many requests (several 100s per second) running under ASP.NET) - why was the quick exit removed? https://github.com/IdentityServer/IdentityServer3.AccessTokenValidation/commit/dec7f5c14784ddcaeb3c99aaf3cced7ddf22eed1#diff-5b2c5cc8b17ae721dd148a69c90508e6L136 WebAPI 2...

ErikEJ

The component IdentityServer3.AccessTokenValidation seems to have a strict dependency on IdentityModel versions between (>= 1.9.2 && < 2.0.0). This makes it impossible to use the latest version of IdentityModel (2.12.0)...

tiwari-abhishek

IntrospectionEndpointTokenProvider currently uses /connect/introspect as introspection endpoint which works perfectly with IdentityServer. Some other provides (e.g. Okta - see link below) have slightly different endpoint but currently there is no...

amit-g

Here's my startup.cs: ``` public partial class Startup { public void Configuration(IAppBuilder app) { // Configure IdSrv before any AutoFac DI registrtion app.ConfigureIdentityServer(); // Congiure WebApi, MVC, With AutoFac var...

marzoukali

Hello, I've noticed that when the Authority server's response is not successful it will return a 401 HTTP status, despite of the Authority server's response. As clients assume that [a...

leonardochaia