DRP VDM - Cookie Refreshes/Token Rotation #173
Description
Need to update Brokers so that every X minutes they issue cookie refresh commands to both connected Consumers and token timeout updates to peer Brokers. This could also be used for token rotation.
As part of this, the token needs to be a separate object or encapsulated within the DRP_AuthResponse structure. When a Broker authenticates a Consumer, this sequence occurs:
- Broker executes authResults = DRP_Node.Authenticate(username, password, null)
- If successful, Broker stores authResults in DRP_Node.ConsumerTokens
- Broker sends addConsumerToken({ tokenPacket: authResults }) to all Brokers in zone
Need to:
- Separate authentication from token generation
- Create standalone token structure
- Add expiration field to token structure
- Add timer and logic to rotate consumer tokens on local broker
- Set timer so that rotation/refresh only occurs if currently connected to VDM
- Add rotateConsumerToken function to Brokers to process rotation
- Add rotateConsumerToken function to Consumers to process rotation
- Determine where timeout values should originate - Authenticator or Broker
- Update startup process so that new Brokers will obtain tokens from other Brokers in zone