mirror
/
hydra
mirror of https://github.com/ory/hydra
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
hydra/docs
History
Henning Perl f29fe3af97
feat: stateless authorization code flow (#3515) 
This patch optimizes the performance of authorization code grant flows by minimizing the number of database queries. We acheive this by storing the flow in an AEAD-encoded cookie and AEAD-encoded request parameters for the authentication and consent screens. 

BREAKING CHANGE:

* The client that is used as part of the authorization grant flow is stored in the AEAD-encoding. Therefore, running flows will not observe updates to the client after they were started.
* Because the login and consent challenge values now include the AEAD-encoded flow, their size increased to around 1kB for a flow without any metadata (and increases linearly with the amount of metadata). Please adjust your ingress / gateway accordingly.
 		2023-06-12 20:27:00 +02:00
..
README.md feat: custom client token ttl (#3206) 2022-07-28 21:12:09 +02:00
flow-cache-design-doc.md feat: stateless authorization code flow (#3515) 2023-06-12 20:27:00 +02:00
sidebar.json feat: custom client token ttl (#3206) 2022-07-28 21:12:09 +02:00

README.md

Documentation

Please find the documentation at www.ory.sh/docs/hydra.

To contribute to the documentation, please head over to: github.com/ory/docs/tree/master/docs/hydra