Merged
Conversation
- OIDC provider metadata refreshes now run in a background task via spawn_local, never blocking incoming HTTP requests. - Multiple concurrent refresh triggers are deduplicated via an AtomicBool. - The write lock on the OIDC client is only held briefly to swap data, not during the upstream HTTP call. - Add a body-read timeout to OIDC HTTP requests to prevent hangs when the provider stalls after sending headers. - Add tests for both scenarios: slow discovery and slow token endpoint. Fixes #1231 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace tokio::sync::RwLock<ClientWithTime> with std::sync::RwLock<Arc<OidcSnapshot>>. The std lock makes it structurally impossible to hold across await points. Readers clone an Arc (nanoseconds) and use it freely — no lock contention. Many previously-async functions become synchronous (get_token_claims, build_auth_url, handle_unauthenticated_request, handle_oidc_logout, etc). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace std::time::Instant with tokio::time::Instant in OidcSnapshot so that tokio::time::pause()/advance() controls elapsed time in tests. Remove force_expire() — tests advance time past MAX_REFRESH_INTERVAL instead. Simplify slow discovery test from ~70 to ~30 lines. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add a discovery request counter to FakeOidcProvider and assert it increments after the background refresh completes. Remove unused set_discovery_delay method. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
lovasoa
force-pushed
the
refactor/oidc-background-refresh
branch
from
32ec48c to
6dcd690
Compare
lovasoa
force-pushed
the
refactor/oidc-background-refresh
branch
from
1977a2d to
ba06855
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
spawn_local), never blocking incoming HTTP requests. The write lock is only held briefly to swap data, not during upstream HTTP calls.AtomicBoolflag.response.timeout()) to OIDC HTTP requests to prevent hangs when the provider stalls after sending response headers.force_expire()test helper onOidcStatefor deterministic testing of refresh behavior.Fixes #1231
Test plan
test_slow_discovery_does_not_block_authenticated_requests— verifies authenticated requests complete while a slow provider refresh runs in the backgroundtest_slow_token_endpoint_does_not_freeze_server— verifies the body-read timeout prevents hangs on slow token endpoints🤖 Generated with Claude Code