Feature #18347
open
Cache negative token lookups in federation/OIDC
Description
For client-provided federated tokens, or token that are validated using OIDC:
If the token is ultimately explicitly rejected by the remote, or the remote responds with an unacceptable response (eg claiming the token belongs to a user the cluster doesn't own) or it rejected by OIDC and every other check, it should cache the result for a certain amount of time as a known-bad token. This enables future requests using that token to be rejected quickly avoiding more expensive federated or OIDC lookups. This is a mitigation strategy for badly behaved clients that retry a failed request using the same bad token.
It is important that it does not record negative results when the lookup failed due to communications failures such as 500 errors or timeouts.
Updated by Peter Amstutz over 2 years ago
- Description updated (diff)
- Subject changed from Cache negative token lookups to Cache negative token lookups in federation/OIDC
Updated by Peter Amstutz over 2 years ago
- Target version changed from 2021-11-24 sprint to 2021-12-08 sprint
Updated by Peter Amstutz over 2 years ago
- Target version deleted (
2021-12-08 sprint)