.NET Utility to blacklist & revoke access to stuff
License: MIT License
Interested in how it was made? Check out this repository: VisitCountImageGenerator
Hello!
Quick question, can you briefly explain the differences between MemoryBlackList and MemoryCacheBlackList?
I have my assumptions about them, but would love for you to elaborate, I need a little clarity on the purpose of MemoryCacheBlackList and why there is a separate class from MemoryBlackList
Thanks
Hello!
I think this is a GREAT project, I see so many posts online about how to invalidate JWT tokens, and everyone seems to be a bit clueless.
I very much appreciate this library and would love to contribute.
Do you have a 'to-do' list, or 'roadmap' so that I can start making some pull requests?
Thanks!
Hello,
I'd like to fix all the async methods and ensure all async methods end with the suffix Async - I will also add a CancellationToken cancellationToken = default); wherever possible.
This will be a breaking change as it changes all of the existing Method names.
I suggest that we do (1) of (2) things:
Option 1: Create duplicate methods with the suffix Async then mark the existing methods as [Obsolete] Iterate the version of Revoke.NET from 2.0.1 to 2.1.0`
When it comes time to release 3.0.0 we will remove the [Obsolete] methods
This option is safer, but more painful for development reasons that are obvious.
Option 2: Iterate to version 3.0.0 with the new Suffix of Async - this will be a breaking change. Users who wish to stay on version 2.x.x can do so.
My thoughts are that this is a younger project, so probably not many users, I vote for Option 2
What do you think?
Hello,
I was exploring your library and caught an exception during runtime. I had forgot to configure the TimeSpan on the RevokeToken `IserviceCollectionMethod.
/// <summary>
/// Register default InMemory BlackList Store Service using <seealso cref="MemoryCacheBlackList" />
/// </summary>
/// <param name="services">The services</param>
/// <param name="defaultTtl">The default ttl</param>
/// <returns>The services</returns>
public static IServiceCollection AddRevokeMemoryCacheStore(this IServiceCollection services, TimeSpan? defaultTtl = null)
{
services.TryAddSingleton<IBlackList>(provider => new MemoryCacheBlackList(provider.GetService<IMemoryCache>(), defaultTtl));
return services;
}You know the library better than I do, are there any 'run-time' use-case configurations where defaultTtl will be null and this method will be called?
I understand that null is allowed for this method, however, when Revoke is called while null is configured for defaultTtl an exception is thrown similar to:
"message": "System.ArgumentOutOfRangeException: The added or subtracted value results in an un-representable DateTime. (Parameter 'value')\r\n at System.DateTime.ThrowDateArithmetic(Int32 param)\r\n at System.DateTime.AddTicks(Int64 value)\r\n at System.DateTime.Add(TimeSpan value)\r\n at Revoke.NET.MemoryBlackList.Revoke(String key)"I would like to add a null check to ensure that an error is thrown on startup instead of runtime -- However, I am not sure if there is any reason why this will be marked as null during the startup.
Question
Is there any reason why a user will call this method below and be happy with a null value for TimeSpan?
// This or similar... note that the TimeSpan will be null
services.AddRevokeInMemoryStore().AddJWTBearerTokenRevokeMiddleware();Propose
Option 1: Do nothing, there is a reason why it will be null, ignore it.
Option 2: Add a null check that is thrown at runtime if the value is null.
Option 3: Remove 'allowed null's for this method
Option 4: Add a default value of XX Time in Days or Minutes
You know the library better than I do, what do you suggest?
Thanks
VERY cool project!! Its neat to see something so important and crucial implemented so nicely. This is a fantastic library and will become very popular as soon as more people learn about it.
I had a question about:
context => { /* create custom key selector from HttpContext */ },
response => { /* create a custom response to be sent when a request is revoked */ }
Can you provide an example of the 'custom key selector'? Im not sure what you mean by this. Do you mean like add the Authorization: Bearer <token> key where Authorization is the key? How would this work?
Why would anyone want to provide a custom response, is this an HTTP response? I'm not sure why the library will implement this, when the purpose of the library is to maintain a list of revoked keys. Can you please elaborate?
Thanks!
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.