Fix invalid token due to the cache race (#1763)

2025-01-11 16:38:27 +01:00 · 2024-03-28 12:33:56 +01:00 · 2024-03-28 12:33:56 +01:00 · 22beac1b1b
commit 22beac1b1b
parent bd7a65d798
1 changed files with 10 additions and 2 deletions
--- a/management/server/grpcserver.go
+++ b/management/server/grpcserver.go
@ -343,10 +343,18 @@ func (s *GRPCServer) Login(ctx context.Context, req *proto.EncryptedMessage) (*p
 	userID := ""
 	// JWT token is not always provided, it is fine for userID to be empty cuz it might be that peer is already registered,
 	// or it uses a setup key to register.
+
 	if loginReq.GetJwtToken() != "" {
+		for i := 0; i < 3; i++ {
 			userID, err = s.validateToken(loginReq.GetJwtToken())
+			if err == nil {
+				break
+			}
+			log.Warnf("failed validating JWT token sent from peer %s with error %v. "+
+				"Trying again as it may be due to the IdP cache issue", peerKey, err)
+			time.Sleep(200 * time.Millisecond)
+		}
 		if err != nil {
-			log.Warnf("failed validating JWT token sent from peer %s", peerKey)
 			return nil, err
 		}
 	}