Search code examples
.net-coreazure-functionsopeniddict

Delete the expired or invalid openiddict tokens used in azure function

I am working on an azure function which is a part of a system. The authentication/ authorization of system is controlled by OpenIdDict library. After using our system for sometime in our production, there are millions of invalid and expired tokens in the OpenIddictTokens table which I believe is causing some of the calls in our system to slowdown.

Now I am working on a time triggered azure function whose purpose is to delete (get rid of) all the useless tokens & authorizations saved in the OpenIddictTokens and OpenIddictAuthorizations tables respectively.

I started looking at the openiddict documentation and api but could not find the exact match for my requirements related to implementation in azure yet.

Can someone please help? Thanks.

Solution

  • After looking into the documentation and experimenting with code, I was able to find the method and how to use this in my azure functions app.

    First add the dependency for openiddict in startup:

                builder.Services.AddOpenIddict()
            // Register the OpenIddict core services.
            .AddCore(options =>
            {
                // Register the Entity Framework stores and models.
                options.UseEntityFrameworkCore()
                    .UseDbContext<ApplicationDbContext>();
            });

    Then create the respective function with the IOpenIddictAuthorizationManager and IOpenIddictTokenManager as dependencies and call the PruneAsync method for both.

            private readonly IOpenIddictAuthorizationManager _openIddictAuthorizationManager;
        private readonly IOpenIddictTokenManager _openIddictTokenManager;

        public PruneTokenFunction(IOpenIddictAuthorizationManager openIddictAuthorizationManager, IOpenIddictTokenManager openIddictTokenManager)
        {
            _openIddictAuthorizationManager = openIddictAuthorizationManager;
            _openIddictTokenManager = openIddictTokenManager;
        }

        [FunctionName("prunetoken")]
        public async Task Run([TimerTrigger("0 */5 * * * ")] TimerInfo timerInfo)
        {
            await _openIddictTokenManager.PruneAsync(DateTimeOffset.Now.AddDays(-1));
            await _openIddictAuthorizationManager.PruneAsync(DateTimeOffset.Now.AddDays(-1));
        }

    Also following is the issue related to same query which might be helpful to many. Implement automatic expired token flushing