Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.9.2
Description
I'm using the google-cloud-storage provider version 1.9.2, which in turn uses the oauth API.
I noticed that every new blobstore request was also generating a new token request.
Looking into the oauth API source code, claims are instantiated in JWTBearerTokenFlow.filter(...), setting a new iat and exp for every new request.
Since every new request uses a new iat and exp value, AutoValue_Claims.equals(..) will always return false, resulting in a cache miss. Thus, claims in the tokenCache are never reused, making the cache useless.
My proposal is to simply override Claims.equals(..), excluding the iat and exp field from the comparison.
If that reasoning makes sense, I should be able to create a pull-request fixing this.