Skip to content

fix(jans-auth-server): always save access_token to persistence regardless of cache configuration #10763

New issue
New issue
Closed
#10784
Closed
fix(jans-auth-server): always save access_token to persistence regardless of cache configuration#10763
#10784
Assignees
yuriyz
Labels
comp-jans-auth-serverComponent affected by issue or PRkind-bugIssue or PR is a bug in existing functionality
Milestone
1.4.0
@yuriyz

Description

@yuriyz
yuriyz
opened on Jan 30, 2025

Describe the bug
We need to always save access_token to persistence regardless of cache configuration.

To Reproduce
Set AS to save tokens only in cache. And then call /end_session. It kills tokens if it's not in cache. But if AT goes to cache then AS has no way to identify such tokens.

Expected behavior
It should clear all tokens bound to this session.

This was discovered during GluuFederation/gluu4#86

Metadata

Metadata

Assignees

Labels

comp-jans-auth-serverComponent affected by issue or PRkind-bugIssue or PR is a bug in existing functionality

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions