Skip to content
This repository was archived by the owner on May 31, 2022. It is now read-only.
This repository was archived by the owner on May 31, 2022. It is now read-only.

Why the ACCESS_TO_REFRESH have a same expire time with refresh token not the access token #1954

Open
Open
Why the ACCESS_TO_REFRESH have a same expire time with refresh token not the access token#1954
Labels
status: waiting-for-triage
@nl594

Description

@nl594
nl594
opened on Mar 26, 2022

The ACCESS_TO_REFRESH have a same expire time with refresh token not the access token,
the access token xxx may be already expired in redis,but the access_to_refesh:xxx is still in redis。
What is access_to_refesh:xxx used for ?
I think access_to_refesh:xxx should have the same expire time with access token xxx, if access token xxx is expired,access_to_refesh:xxx need expired too,Otherwise, it will occupy redis space.

Does anyone can explain this ?

https://github.com/spring-projects/spring-security-oauth/blob/2b58aafecac336e82f20ea43da9b208b0a4a40dd/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/token/store/redis/RedisTokenStore.java#L232

Metadata

Metadata

Assignees

No one assigned

    Labels

    status: waiting-for-triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions