node-openid icon indicating copy to clipboard operation
node-openid copied to clipboard
verified publisher icon havard

Recommended way to check nonces in multi-server environment

Open earnubs opened this issue 9 years ago • 1 comments

Hi,

It looks like the nonce list is in memory and therefore any check would be per server, not per session? Is this acceptable or is there a recommended way to check nonces in a multi-server env?

earnubs avatar Nov 01 '16 13:11 earnubs

Apologies for the delayed reply. The nonce checks are not yet supporting multi-server scenarios. Someone will have to write a patch along the lines of what the library does for e.g. associations, should not be too hard.

havard avatar Feb 20 '17 21:02 havard