gabriel-farache opened a new issue, #1897: URL: https://github.com/apache/incubator-kie-issues/issues/1897
Whenever the workflow service requests an exchange token, the system should save the results in the primary near cache to avoid roundtrips to the OAuth2 server. The cache key must be the original access token extracted from the custom header in the workflow request. The tokens saved in this cache should be the access and refresh tokens. The cache should expire after the token expiration date. Administrators should align the OAuth2 server exchange token expiry policy with the total workflow execution interval. For example, if the workflow takes 10 minutes to complete, considering async calls and callbacks, the token should expire in 15 minutes minimum. Less than that will severely impact workflow execution, causing instances to fail since tokens won't be valid. In a cloud environment, the system must save the token cache in persistent storage shared among the pods from the same workflow service. This storage is crucial mainly on serverless executions, where the cluster will kill the workflow service pods after execution. The system should be able to restore the cache keys once the workflow execution is resumed. Quarkus has cache implementation support that we can leverage in this requirement. See [Application Data Cache](https://quarkus.io/guides/cache). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
