Labels: area/foss/access-token-management (Issues related to Access Token Management)
Description
Affected component
Duende.AccessTokenManagement
Version
6.3.0
Describe the bug
Consider two requests with the same token. The first request, R1, takes a "lock" on IntrospectionDictionary and goes to the server to validate the token. The second request, R2, waits for R1 to bring the server response. If R1 throws an exception (e.g. request timeout), R2 also gets this exception.
Steps to reproduce
- Configure a timeout on the OAuth2IntrospectionDefaults.BackChannelHttpClientName client
- Start an introspection request
- Hang the server response longer than the timeout
- Start another request with the same token
- Observe that the second request is aborted with a timeout error immediately when the first request is aborted
Expected behavior
The second request should get an opportunity to proceed to the server.
Additional context
There are multiple problems with the current solution:
- If you configured a 10 sec timeout, and R2 starts 9 sec after R1, R2 will be aborted with a timeout exception even though it started only a second ago.
- It makes it impossible to cancel the R1 request using the HttpContext.RequestAborted cancellation token, as cancelling it also aborts R2. Check out this issue: Issue with adding Request Cancelation Token to Introspection Request (DuendeArchive/IdentityModel.AspNetCore.OAuth2Introspection#177). You can, however, cancel R2 with Task.WaitAsync(token).
There might be exceptions that make sense to share with concurrent requests (like can't resolve the address, for example), but it also might not be trivial to choose what to share and what not to.
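A minimal model of the behaviour described in this issue, added here as an illustration and not taken from Duende.AccessTokenManagement: a single-flight dictionary keyed by token (a hypothetical stand-in for IntrospectionDictionary) whose first caller owns the server call. A later caller for the same token awaits that same task through Task.WaitAsync, so its own cancellation token detaches only that caller and never cancels R1's server call; and if it merely joined an attempt that failed, it makes one bounded attempt of its own instead of surfacing R1's timeout. The server delegate, the timing values and the class and method names are constructed for the example; it targets .NET 6 or later, where Task.WaitAsync exists.

```csharp
// Added example, not Duende's code: single-flight introspection keyed by token,
// showing how R1's failure reaches R2 and one way to give R2 its own attempt.
using System;
using System.Collections.Concurrent;
using System.Threading;
using System.Threading.Tasks;

public sealed class SingleFlightIntrospection
{
    // token -> the one in-flight validation for that token (hypothetical stand-in
    // for the IntrospectionDictionary mentioned in the report)
    private readonly ConcurrentDictionary<string, Lazy<Task<bool>>> _inFlight = new();
    private readonly Func<string, CancellationToken, Task<bool>> _introspect;
    private readonly TimeSpan _timeout;

    public SingleFlightIntrospection(Func<string, CancellationToken, Task<bool>> introspect, TimeSpan timeout)
    {
        _introspect = introspect;
        _timeout = timeout;
    }

    public async Task<bool> ValidateAsync(string token, CancellationToken callerToken)
    {
        // Whoever inserts first owns the server call; everyone else joins it.
        var mine = new Lazy<Task<bool>>(() => RunAsync(token));
        var shared = _inFlight.GetOrAdd(token, mine);
        bool joined = !ReferenceEquals(shared, mine);
        try
        {
            // WaitAsync: the caller's own token only detaches this waiter from the
            // shared task; it does not cancel R1's back-channel request.
            return await shared.Value.WaitAsync(callerToken);
        }
        catch (Exception) when (joined && !callerToken.IsCancellationRequested)
        {
            // We only piggybacked on an attempt that failed (e.g. R1's timeout).
            // RunAsync has already dropped the dead entry, so this either starts a
            // fresh call or joins a newer one. One retry keeps hard failures visible.
            var retry = _inFlight.GetOrAdd(token, new Lazy<Task<bool>>(() => RunAsync(token)));
            return await retry.Value.WaitAsync(callerToken);
        }
    }

    private async Task<bool> RunAsync(string token)
    {
        // Per-call deadline, playing the role of the back-channel HttpClient timeout.
        using var cts = new CancellationTokenSource(_timeout);
        try
        {
            return await _introspect(token, cts.Token);
        }
        finally
        {
            // Runs before the task transitions to Faulted, so a waiter that observes
            // the failure can already start (or join) a fresh attempt.
            _inFlight.TryRemove(token, out _);
        }
    }
}

public static class Demo
{
    public static async Task Main()
    {
        // Constructed stand-in for the introspection endpoint: the first call hangs
        // until the timeout fires, later calls answer promptly.
        int calls = 0;
        Func<string, CancellationToken, Task<bool>> server = async (token, ct) =>
        {
            if (Interlocked.Increment(ref calls) == 1)
                await Task.Delay(Timeout.InfiniteTimeSpan, ct);   // cancelled by the 200 ms deadline
            return true;
        };
        var cache = new SingleFlightIntrospection(server, TimeSpan.FromMilliseconds(200));

        var r1 = cache.ValidateAsync("constructed-token", CancellationToken.None);
        await Task.Delay(150);   // R2 arrives 150 ms later, 50 ms before R1's deadline
        var r2 = cache.ValidateAsync("constructed-token", CancellationToken.None);

        try { await r1; Console.WriteLine("R1: ok"); }
        catch (OperationCanceledException) { Console.WriteLine("R1: timed out"); }

        // Without the retry branch, R2 would surface R1's timeout here after only 50 ms.
        Console.WriteLine($"R2: {await r2} (made its own call instead of inheriting R1's failure)");
        Console.WriteLine($"server calls: {calls}");
    }
}
```

The retry condition deliberately checks the caller's own token rather than the exception type: an HttpClient timeout surfaces as a TaskCanceledException just like a caller-initiated cancellation, so "did I ask to stop?" is the only reliable way to tell R1's deadline apart from R2's own cancellation. Which other failures (DNS errors, connection refused) are worth sharing with waiters rather than retrying is the open question the report raises; this model treats them all alike.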