Skip to content

CamundaCloudTokenProvider - Allow disabling of file system credentials cache persistence and add tolerance for token expiration #828

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

CamundaCloudTokenProvider - Allow disabling of file system credentials cache persistence and add tolerance for token expiration #828

wants to merge 1 commit into from

Conversation

@foliv57
Copy link

@foliv57 foliv57 commented Nov 29, 2025

  • Introduces a DisableCredentialsCachePersistence() builder method in client CamundaCloudClientBuilder to prevent persisting token cache in file system. The goal is to allow users to setup an in-memory only cache for e.g. serverless usage of the client.
  • Fixes concurrent access issue to AccessToken cache. The introduction of a SemaphoreSlim will protect concurrent accesses to the dictionary and the file system, and prevent concurrent token fetching. The choice of SemaphoreSlim is done because it is the lock mechanism that fits the best with async/await model. The implementation is optimized to prevent locking when a valid token is in cache.
  • Introduces a UseAccessTokenDueDateTolerance(TimeSpan tolerance) builder method in client CamundaCloudClientBuilder. The goal of this option is to allow the user to refresh the AccessToken slightly before expiration to prevent that, because of network latency, a token considered valid by the client is expired when validated by the authorization server.

This change also solves partially issue 637. But the issue rather mentions introducing different implementation of the IAccessTokenCache. This approach is more impacting for the PersistedAccessTokenCache for just an in-memory only alternative, as this implementation already have its in-memory cache. To limit the impact, I chose to only improve the existing implementation.

closes #415 #642

@ofreundAdvz
fix: CamundaCloudTokenProvider - Allow disabling of file system crede…
446ff4a 
…ntials cache persistence and add tolerance for token expiration

- Adds a DisableCredentialsCachePersistence() method in client CamundaCloudClientBuilder to prevent persisting token cache in file system to keep only in-memory cache.
- Fixes concurrent access issue to AccessToken cache.
- Adds AccessToken due date tolerance.

Refs: camunda-community-hub#415 camunda-community-hub#642
@foliv57 foliv57 requested a review from ChrisKujawa as a code owner November 29, 2025 09:46
@CLAassistant
Copy link

CLAassistant commented Nov 29, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ChrisKujawa ChrisKujawa Awaiting requested review from ChrisKujawa ChrisKujawa is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Unable to run on Azure Function - CamundaCloudTokenProvider makes unauthorised writes to local file system

3 participants

@foliv57 @CLAassistant @ofreundAdvz