thelabdude commented on issue #331: URL: https://github.com/apache/solr-operator/issues/331#issuecomment-931499624
One problem with the `bearerTokenSecret` approach is that it would require a non-expiring access token, which are generally frowned upon, but if people want to use those, I guess it's not a bad thing for the operator to support. The operator will have to go back to the OIDC provider using the `wellKnownUrl` only when a previously acquired access token expires. So there would be a lookup to the ConfigMap and some parsing involved but wouldn't be on every request, only when we get back an expired token response (suppose we could cache the expiration time with the token too so we could preemptively refresh it but that's getting into the weeds) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org
