we have distributed webapi application uses oauth token issued provider communicate api, lasts specific amount of time,
we thinking of storing token in datastore , retrieving before making call api, , have background windows service refreshing token every 1hr or so.
are there proven patterns on how refresh token in distributed application ?
thanks -nen
we starting implement similar. looking @ redis cache store tokens. way number of distributed applications can or update cache needed. redis can scaled out , distributed well. removes need syncing service , it's available pretty simple interface communication. if client reads expired token, it's in charge of removing cache (circuit breaker) , notifying auth service. have auth service in charge of adding cache. can either refresh of dead token, or ignore notification if don't want automatic refreshing. don't have functional yet, it's coming along nicely.
Comments
Post a Comment