問題描述
類 DefaultJWKSetCache 有兩個字段,lifespan 和 refreshTime.
來自 Java 文檔 -
The class DefaultJWKSetCache of nimbus-jose-jwt has two fields, lifespan and refreshTime.
From Java docs -
lifespan - 緩存的 JWK 設置在過期之前的壽命,負數表示沒有過期.
refreshTime - 之后的時間緩存的 JWK 集被標記為刷新,如果未指定則為負.應該短于或等于壽命.
lifespan - The lifespan of the cached JWK set before it expires, negative means no expiration.
refreshTime - The time after which the cached JWK set is marked for refresh, negative if not specified. Should be shorter or equal to the lifespan.
這兩者有什么區別.是不是這個意思,
在 壽命到期 之后,緩存的 JWK 集將被逐出并再次從 jwks 遠程 url 加載(說遠程 url,因為我正在使用 RemoteJWKSet).
刷新到期后,現有的 JWK 集將使用從遠程 url 檢索到的密鑰進行更新.
What is the difference between these two.
Does it mean that,
after the lifespan expiry the cached JWK set will be evicted and loaded again from jwks remote url (saying remote url as i am using RemoteJWKSet).
and after the refresh expiry the existing JWK set will be updated with the keys retrieved from remote url.
但我不明白兩者之間的實際區別.兩者似乎都在做同樣的事情.有人可以更詳細地解釋細節和任何例子嗎?
But i don't understand the practical difference between the two. Both seem to be doing same. Can some one explain the details with more granularity and any example.
編輯 - 如果我的生命周期沒有到期,refreshTime 的到期時間為 1 小時,我是否保證我的密鑰將每隔一小時更新一次.
Edit - if i give no expiry for lifespan, and 1 hour expiry for refreshTime, am i guaranteed that my keys will be updated every one hour.
推薦答案
lifespan 是 DefaultJWKSetCache 將驅逐緩存的 JWKSet.即,在緩存填充后 生命周期時間單位 之后,對 JWKSetCache.get() 的調用將始終返回 null 直到新的 JWKSet 存儲到緩存中.
The lifespan is the time after which the DefaultJWKSetCache will evict cached JWKSet. I.e., after lifespan time units passed since the cache was populated the calls to JWKSetCache.get() will always return null until new JWKSet is stored to the cache.
refreshTime 是影響 JWKSetCache.requiresRefresh() 方法返回值的時間.在緩存填充后經過 refreshTime 時間單位 后,此方法將返回 true,否則將返回 false.此設置不會以任何方式影響緩存行為.
The refreshTime is the time that impacts value returned by JWKSetCache.requiresRefresh() method. After refreshTime time units passed since the cache was populated this method will return true, otherwise, it will return false. This setting does not impact cache behavior in any way.
RemoteJWKSet 使用 JWKSetCache.requiresRefresh() 返回的值在緩存實際過期之前從遠程 URL 重新下載 JWKSet.這就是為什么文檔建議將 refreshTime 設置為小于 lifespan 的值.
The RemoteJWKSet uses the value returned by JWKSetCache.requiresRefresh() to re-download JWKSet from remote URL before the cache is actually expired. This is why documentation recommends to set refreshTime to a lesser value than lifespan.
目前,RemoteJWKSet 在 lifespan 或 refreshTime 已過時觸發遠程 JWKSet 的下載(請參閱 這條線.)因此,從今天開始,設置其中任何一個都沒有太大區別.我猜想可以通過將這兩個值分開來實現一些更復雜的邏輯.
Currently, RemoteJWKSet triggers download of remote JWKSet when either lifespan or refreshTime has passed (see this line.) Hence, there is not much difference in setting either one of these as of today. I guess some more complex logic can be potentially implemented having these two values separate.
這篇關于在 nimbus-jose-jwt 中,lifespan 和 refreshTime 有什么區別?的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網!