Skip to content

Caching ClaimsPrincipal during authentication and re-caching FileConfiguration objects in Consul and Disk File configuration repos #1249

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
EngRajabi wants to merge 10 commits into from
Closed

Caching ClaimsPrincipal during authentication and re-caching FileConfiguration objects in Consul and Disk File configuration repos #1249

EngRajabi wants to merge 10 commits into from
+79 −32

Conversation

@EngRajabi
Copy link

@EngRajabi EngRajabi commented May 30, 2020
edited by raman-m
Loading

New Feature

Cache response access token

Motivation for New Feature

  • Improve performance for cache identity response.
  • Improve performance for cache disk file repository.
  • In large projects and with many simultaneous requests, this cache is required.

@EngRajabi
Copy link
Author

EngRajabi commented Jun 23, 2020

@TomPallister

ghost
ghost approved these changes Oct 7, 2020
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's Good

@raman-m
Copy link
Member

raman-m commented Jul 19, 2023

Hi Mohsen!
Thanks for the PR!

What issue is this PR related to?

@raman-m raman-m changed the base branch from master to develop July 19, 2023 17:38
@raman-m
Copy link
Member

raman-m commented Jul 19, 2023

@EngRajabi commented on May 30, 2020:

improve performance for cache identity response.
improve performance for cache disk file repository.

In comparison to what performance indicators was the current performance improved?
Could you rewrite the description of your feature request please?

@raman-m raman-m self-requested a review July 19, 2023 17:58
@raman-m raman-m added feature A new feature question Initially seen a question could become a new feature or bug or closed ;) needs feedback Issue is waiting on feedback before acceptance waiting Waiting for answer to question or feedback from issue raiser labels Jul 19, 2023
@EngRajabi
Copy link
Author

EngRajabi commented Jul 20, 2023

I was in an enterprise project that used the reference token type. I had a performance problem. Because in every request, it needs to request the identity of the server. The problem was solved with this cache.

EngRajabi
EngRajabi commented Jul 20, 2023
View reviewed changes
Copy link
Author

@EngRajabi EngRajabi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

merge conflict

@raman-m
Copy link
Member

raman-m commented Jul 20, 2023

@EngRajabi commented on July 20, 2023

Did you use Service Discovery + Identity Server setup, or classic setup + Identity Server Bearer Tokens?
🆗 We will talk more during code review...

@raman-m
Copy link
Member

raman-m commented Jul 20, 2023
edited
Loading

Unfortunately there are no builds for these commits!
So, I cannot start code review without having an actual valid/green build...

@raman-m raman-m force-pushed the feat_accessToken_cache branch from cd5675c to 0561ad5 Compare August 1, 2023 13:21
@raman-m raman-m removed question Initially seen a question could become a new feature or bug or closed ;) waiting Waiting for answer to question or feedback from issue raiser labels Aug 1, 2023
RaynaldM
RaynaldM approved these changes Aug 1, 2023
View reviewed changes
@raman-m raman-m force-pushed the develop branch 5 times, most recently from c216cdf to b458f0f Compare April 7, 2025 16:13
@raman-m raman-m force-pushed the develop branch 22 times, most recently from 908d84f to 0678e7a Compare April 19, 2025 15:13
@raman-m
Copy link
Member

raman-m commented Jan 14, 2026

New Feature

Cache response access token

Why use cache in authentication middleware? That’s a risky approach for the official Ocelot repo. In my opinion, there should be no caching for authentication. Feel free to handle it however you like in your forked repo.

Motivation for New Feature

  • Improve performance for cache identity response.

Authentication doesn’t take much time if the provider isn’t a remote system. With a local library, the authentication process completes in just a few CPU cycles, so there’s no need to cache the ClaimsPrincipal object.

  • Improve performance for cache disk file repository.

The DiskFileConfigurationRepository class acts as a local service for the FileConfigurationController, used as part of the Administration feature when the ConsulFileConfigurationRepository isn’t in play and no service discovery is involved. This functionality is mostly triggered during Ocelot’s startup and has no impact on performance if the Administration feature isn’t being used.

  • In large projects and with many simultaneous requests, this cache is required.

Really? First, prove this by sharing the complete solution on GitHub ❗

@raman-m
Copy link
Member

raman-m commented Jan 14, 2026

Caching ClaimsPrincipal during authentication and re-caching FileConfiguration objects in Consul and Disk File configuration repos

Regarding FileConfiguration objects...
This object can be easily read from the ASP.NET configuration provider after Ocelot starts. A developer just needs to use the IOptions<FileConfiguration> object from DI services. This is supported in Ocelot 👇

Ocelot/src/Ocelot/DependencyInjection/OcelotBuilder.cs

Line 54 in 9fc4e78

Services.Configure<FileConfiguration>(configurationRoot);

So, caching FileConfiguration isn’t necessary. Even if the Administration feature is used to update the ocelot.json file through the Administration API, ASP.NET configuration provider handles this at runtime, updating the object in DI, and the current state can be read from the IOptionsMonitor<FileConfiguration> service.

@RaynaldM @ggnaegi
I'm going to close this PR as it doesn't serve any purpose.

@raman-m raman-m closed this Jan 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@raman-m raman-m raman-m requested changes

@ggnaegi ggnaegi Awaiting requested review from ggnaegi

+3 more reviewers

@RaynaldM RaynaldM RaynaldM approved these changes

@wast wast wast approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@EngRajabi EngRajabi

Labels

Authentication Ocelot feature: Authentication Caching Ocelot feature: Caching Configuration Ocelot feature: Configuration feature A new feature

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@EngRajabi @raman-m @RaynaldM @wast