New validation model: Preview docs #3108
Conversation
| @@ -0,0 +1,86 @@ | |||
| # New token validation model | |||
There was a problem hiding this comment.
this would move to the wiki, in a page there. identityModel has the docs generally there.
There was a problem hiding this comment.
I included it in the PR for review. Should we remove the file from the repo and just send it to the wiki?
There was a problem hiding this comment.
Yes please! thanks @iNinja
| @@ -29,7 +30,7 @@ public async Task TestDefaultValidToken() | |||
| }; | |||
| CallContext callContext = new CallContext(); | |||
|
|
|||
| ValidationResult<ValidatedToken> validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); | |||
| ValidationResult<ValidatedToken> validationResult = await ((IResultBasedValidation)jsonWebTokenHandler).ValidateTokenAsync(token, validationParameters, callContext, default); | |||
There was a problem hiding this comment.
Instead of having casts everywhere, can we have a private get property returning this?
| @@ -0,0 +1,86 @@ | |||
| # New token validation model | |||
| The existing token validation model on `Microsoft.IdentityModel` relies on the exception based control flow dominant in C#. In some high-performance scenarios where latency is key, this can cause unintended increases when validations fail and throw. | |||
There was a problem hiding this comment.
What does "dominant in C#" mean?
There is another point which is that where trying several authentication schemes in ASP.NET Core, if one fails and the next succeeds, an error is still logged (which is confusing for developers). In other words the logs can make the decision too early to fail.
There was a problem hiding this comment.
I meant to say that the exception based control flow is the most common way to perform control flow in C#.
Other languages/frameworks have options at times, but here I would dare say over 90% of the codebases follow this approach as it is the norm.
Applied documentation suggestions with small changes.
|
@iNinja the package shipped last week, are you planning on merging this and updating the wiki? |
New validation model: Preview docs
Part of #2711