Comments (8)
I am not sure how interfacing the data classes would help you preventing from having multiple queries. For example why couldn't caching be solved in TokenStore.
You could solve caching in the (example) implementation:
class DatabaseTokenStore: TokenStore {
val cachedAccessTokens = mutableMapOf<String, AccessToken>()
override fun accessToken(token: String): AccessToken? {
if (cachedAccessTokens .contains(token)) {
return cachedAccessTokens[token]
}
// return results from databsae if not in cache
}
Wouldn't this solve your case?
from kotlin-oauth2-server.
My issue is the conversion eating up performance for no good reason.
additionally in a REST API a cache like you propose would create a huge mess when the token is created by one instance and deleted by an other. Database caching takes in account the lifetime of the request and doing that manually would be prone to bugs and regressions.
We minimize maintenance, not development cost, and hacks are extremely high in maintenance.
I am going to do a fork when i get around to optimization.
from kotlin-oauth2-server.
I am confused, first you started if it is because of the amount of queries, but then it seems to be about conversion of objects. Perhaps I could help if you would have a clear example.
from kotlin-oauth2-server.
The object conversion requires exposed to do additional database queries to fetch the DAO, and caching like in your example would create a security vulnerability as a token deletion from another instance would not clear the other instance's caches.
Everything is simpler if you let people have implementation freedom, and interfaces are the way to go if you don't want to rework everything with generics.
I wanted to see if you are interested in changing that, but it will be easier for everybody if i do a fork when i get around to optimizing the server. I will also add coroutine support while i am at it.
from kotlin-oauth2-server.
To be clear the psuedo code what I provided here was just an example.
I used data classes to have better seperation between storage and data representation to avoid these ever getting mixed. By making the store flexible, you will have a central place to resolve it. The API will be less clear if we interface data classes.
To me it is still unclear what you want. Do you mean you lack some extra properties that you want to pass around with the data classes? If that is the case, I think a metadata field adds more value (like Identity then interfacing it.
from kotlin-oauth2-server.
I used data classes to have better seperation between storage and data representation to avoid these ever getting mixed.
That is what i am complaining about, the Exposed DAO system requires them to be mixed and this puts me in a pickle. This decision should be up to the implementation.
If you did intend this i will gladly make a fork.
from kotlin-oauth2-server.
So would metadata on other data classes help you? This is something which can be done quite easily
from kotlin-oauth2-server.
No, thanks.
from kotlin-oauth2-server.
Related Issues (20)
- Javalin framework support HOT 1
- Sparkjava framework support HOT 1
- Refresh token always returns current refresh token
- UserInfo should be TokenInfo HOT 1
- Headers are case sensetive despite RFC 2616 HOT 2
- How to use? HOT 6
- JWT Support HOT 3
- Allow extension of grant types HOT 2
- Make TokenService low-level implementation
- Ability to add metadata to access and refresh tokens HOT 7
- Add id_token to TokenResponse HOT 5
- Add a gradle configuration guide HOT 2
- Assumptions on request scopes behavior
- Form login authorize endpoint HOT 3
- How to encapsulate requests into the "authenticated" part in ktor? HOT 3
- Support PKCE for Authorization Server HOT 3
- Ktor KtorCallContext respondStatus() doesn't return status to client
- Bintray is deprecated HOT 6
- Ktor `2.0.0` support HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kotlin-oauth2-server.