Example5.puml
@startuml
box Client
participant Alice as a
participant RefreshService as refresh
end box
box API
participant Resource as res
participant Auth as auth
end box
note over refresh
**Third problem**
**Premise**
Alice and Bob run concurrently. Each is allowed to refresh
the access token using the refresh token.
Refresh tokens remain the same through all operations.
Alice and Bob refresh access tokens through a service, in
order not to end up in a deadlock. The service checks
for locally updated access tokens before refreshing.
**The problem**
API fails to validate the access token,
locking Alice into a request/refresh loop.
end note
note right of auth
<color blue>refreshToken1</color>
<color black>accessToken42</color>
end note
note left of a
<color blue>refreshToken1</color>
<color red>accessToken1</color>
end note
a -[#green]> res: 1 <color red>accessToken1</color>
a <[#green]-- res: 1 ✋ Invalid <color red>accessToken1</color>
a -[#green]> refresh: 2 Refresh <color red>accessToken1</color>
refresh -[#green]> auth: 2 <color blue>refreshToken1</color>
auth -> auth: 2 Update access token
note right of auth
<color blue>refreshToken1</color>
<color purple>accessToken2</color>
end note
refresh <[#green]-- auth: 2 <color purple>accessToken2</color>
a <[#green]-- refresh: 2 <color purple>accessToken2</color>
note left of a
<color blue>refreshToken1</color>
<color purple>accessToken2</color>
end note
a -[#green]> res: 3 <color purple>accessToken2</color>
a <[#green]-- res: 3 ✋ Invalid accessToken2
a -[#green]> refresh: 4 Refresh <color purple>accessToken2</color>
refresh -[#green]> auth: 4 <color blue>refreshToken1</color>
auth -> auth: 4 Update access token
note right of auth
<color blue>refreshToken1</color>
<color darkorange>accessToken3</color>
end note
refresh <[#green]-- auth: 4 <color darkorange>accessToken3</color>
a <[#green]-- refresh: 4 <color darkorange>accessToken3</color>
note left of a
<color blue>refreshToken1</color>
<color darkorange>accessToken3</color>
end note
a -[#green]> res: 5 <color darkorange>accessToken3</color>
a <[#green]-- res: 5 ✋ Invalid <color darkorange>accessToken3</color>
@enduml
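
The refresh service from the note above, sketched as an added Python example (not code from this repository). AuthServer, RefreshService, call_resource, RefreshLoopError and the max_refreshes cap are hypothetical names; the cap is an assumed mitigation for the request/refresh loop and is not something the diagram specifies.

```python
import threading

class AuthServer:
    """Constructed stand-in for the Auth participant; issues accessTokenN."""
    def __init__(self):
        self.counter = 1
        self.refresh_calls = 0

    def refresh(self, refresh_token):
        self.refresh_calls += 1
        self.counter += 1
        return f"accessToken{self.counter}"

class RefreshService:
    """Checks for a locally updated access token before refreshing."""
    def __init__(self, auth, refresh_token, access_token):
        self._auth = auth
        self._refresh_token = refresh_token
        self._current = access_token
        self._lock = threading.Lock()

    def refresh(self, stale_token):
        with self._lock:
            # Only hit Auth if nobody has replaced the caller's stale token yet.
            if self._current == stale_token:
                self._current = self._auth.refresh(self._refresh_token)
            return self._current

class RefreshLoopError(Exception):
    """Raised when every freshly issued token is still rejected."""

def call_resource(service, token, resource, max_refreshes=2):
    """Request, refresh on rejection, give up after max_refreshes refreshes."""
    for attempt in range(max_refreshes + 1):
        if resource(token):
            return token
        if attempt < max_refreshes:
            token = service.refresh(token)
    raise RefreshLoopError(f"{token} rejected after {max_refreshes} refreshes")

if __name__ == "__main__":
    auth = AuthServer()
    svc = RefreshService(auth, "refreshToken1", "accessToken1")
    # Alice and Bob both hold accessToken1; only the first refresh reaches Auth.
    print(svc.refresh("accessToken1"), svc.refresh("accessToken1"), auth.refresh_calls)
    try:
        # Constructed Resource that rejects every token, as in the diagram.
        call_resource(svc, "accessToken2", lambda t: False)
    except RefreshLoopError as err:
        print("loop broken:", err)
```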