<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:26:01 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DRIVERS-2615] OIDC reauth sends commands we know will fail</title>
                <link>https://jira.mongodb.org/browse/DRIVERS-2615</link>
                <project id="10980" key="DRIVERS">Drivers</project>
                    <description>&lt;div class=&quot;panel&quot; style=&quot;background-color: #fafbfc;border-width: 1px;&quot;&gt;&lt;div class=&quot;panelContent&quot; style=&quot;background-color: #fafbfc;&quot;&gt;
&lt;h3&gt;&lt;a name=&quot;Summary&quot;&gt;&lt;/a&gt;&lt;b&gt;Summary&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;In the OIDC spec, to prevent unintentional expiry of a valid cache, we introduced a mechanism that allows us to check if a connection &quot;has&quot; an expired Access Token. Using this mechanism, we can, in a non-blocking way, check if a command will fail prior to sending it. The spec requires error-handling logic around the &quot;sending of the command&quot;, to retry the command after reauth if the command fails (due to that expired Access Token). A pre-emptive check can be placed prior to sending the command, instead of sending the command and waiting for it to fail, and then re-sending.&lt;/p&gt;

&lt;p&gt;Without this pre-emptive check, every time an Access Token expires, all connections will unnecessarily fail their next command (and then retry and succeed).&#160;&#160;&lt;/p&gt;
&lt;h3&gt;&lt;a name=&quot;Motivation&quot;&gt;&lt;/a&gt;&lt;b&gt;Motivation&lt;/b&gt;&lt;/h3&gt;
&lt;h4&gt;&lt;a name=&quot;Whoistheaffectedenduser%3F&quot;&gt;&lt;/a&gt;Who is the affected end user?&lt;/h4&gt;

&lt;p&gt;OIDC users.&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Howdoesthisaffecttheenduser%3F&quot;&gt;&lt;/a&gt;How does this affect the end user?&lt;/h4&gt;

&lt;p&gt;Unnecessary command failures. Spec elsewhere makes effort to avoid excess round-trips (speculative auth, etc.).&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Howlikelyisitthatthisproblemorusecasewilloccur%3F&quot;&gt;&lt;/a&gt;How likely is it that this problem or use case will occur?&lt;/h4&gt;

&lt;p&gt;Main path.&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Iftheproblemdoesoccur%2Cwhataretheconsequencesandhowseverearethey%3F&quot;&gt;&lt;/a&gt;If the problem does occur, what are the consequences and how severe are they?&lt;/h4&gt;

&lt;p&gt;Perf concern.&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Isthisissueurgent%3F&quot;&gt;&lt;/a&gt;Is this issue urgent?&lt;/h4&gt;

&lt;p&gt;Ideally addressed as part of original OIDC work, since it appears to be a trivial fix (few lines of code).&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Isthisticketrequiredbyadownstreamteam%3F&quot;&gt;&lt;/a&gt;Is this ticket required by a downstream team?&lt;/h4&gt;

&lt;p&gt;&lt;em&gt;-&lt;/em&gt;&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Isthisticketonlyfortests%3F&quot;&gt;&lt;/a&gt;Is this ticket only for tests?&lt;/h4&gt;

&lt;p&gt;not tests&lt;/p&gt;
&lt;h3&gt;&lt;a name=&quot;AcceptanceCriteria&quot;&gt;&lt;/a&gt;&lt;b&gt;Acceptance Criteria&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;Spec contains wording equivalent to: &quot;Drivers must perform a pre-emptive, non-blocking check to see if the Connection&apos;s Access Token is expired. If it is, they must reauthenticate prior to performing the operation, rather than only after the operation has failed due to a 391.&quot; (The spec must still require reauth after a 391, since the token can expire on the server without the driver yet knowing.) Spec has a test that exercises the above.&lt;/p&gt;
&lt;/div&gt;&lt;/div&gt;</description>
                <environment></environment>
        <key id="2326270">DRIVERS-2615</key>
            <summary>OIDC reauth sends commands we know will fail</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="10300" iconUrl="https://jira.mongodb.org/images/icons/priorities/medium.svg">Unknown</priority>
                        <status id="10038" iconUrl="https://jira.mongodb.org/images/icons/subtask.gif" description="">Backlog</status>
                    <statusCategory id="2" key="new" colorName="default"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="maxim.katcharov@mongodb.com">Maxim Katcharov</reporter>
                        <labels>
                    </labels>
                <created>Thu, 27 Apr 2023 17:38:05 +0000</created>
                <updated>Thu, 21 Sep 2023 02:00:10 +0000</updated>
                                                                <component>Authentication</component>
                                        <votes>0</votes>
                                    <watches>2</watches>
                                                                                                                <comments>
                            <comment id="5719920" author="JIRAUSER1263701" created="Thu, 21 Sep 2023 02:00:10 +0000"  >&lt;p&gt;In &lt;a href=&quot;https://jira.mongodb.org/browse/DRIVERS-2616&quot; title=&quot;OIDC-SASL Follow-Up&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DRIVERS-2616&quot;&gt;&lt;del&gt;DRIVERS-2616&lt;/del&gt;&lt;/a&gt; we are removing the global cache and the drivers are no longer using the token expiration time, so I think we can close this ticket.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="2116020">DRIVERS-2415</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                            <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_10951" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Driver Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10748"><![CDATA[Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i1ozsw:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        </customfields>
    </item>
</channel>
</rss>