- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Jun 2 2021
We still need to take care of:
Added a test for the password validation
Jun 1 2021
Now taking the ldap password into account
- Simplify again
- Simplify/Unify
- Couple of fixes, tenant-condition for wallets
May 31 2021
May 27 2021
In D2566#30199, @machniak wrote:On the other hand, maybe %dms format would be better for query time.
In D2494#30205, @machniak wrote:To sum up the current state:
- All tests pass!
- Tokens refresh request is fast now, but /auth/login is still 0.3-0.4 sec. I didn't investigate how much of that is passport.
To sum up the current state:
- All tests pass!
- Tokens refresh request is fast now, but /auth/login is still 0.3-0.4 sec. I didn't investigate how much of that is passport.
- We should probably add some code to Kernel as in https://laravel.com/docs/6.x/passport#purging-tokens
- @vanmeeuwen, should take a look at this regarding deployment of the oauth keys and client secret (and ./artisan passport:keys --force) - we need the same keys on every Kolab4 host.
On the other hand, maybe %dms format would be better for query time.
May 26 2021
- phpstan
- Addressed slow token issuing by customizing the PassportServiceProvider
We're not the first to encounter the crypto slowness:
One culprit is certainly Crypto::decryptWithPassword, which takes ~150ms.
- The bulk of the request is spent in League\OAuth2\Server\AuthorizationServer::respondToAccessTokenRequest: 0.4621s out of 0.4741s total
- League\OAuth2\Server\Grant\RefreshTokenGrant::respondToAccessTokenRequest: takes up ~300ms out of that
- League\OAuth2\Server\ResponseTypes\BearerTokenResponse::generateHttpResponse: the remaining ~150ms
There clearly seems to be room for improvement from an overall request execution time of 0.3450s, with < 0.1s used by the sql queries.
- Add exportPublicKey() use
- Use Laravel's Storage functionality
From phpunit tests/Browser/Admin I now have only testUserInfo failing, because the user is somehow not imapReady (no idea why), but that seems unrelated.
- I also turned the expires_in comparison into a fuzzy comparison. Because of passport internals it's possible that some time has already passed and the expires_in response is off by a second.
- Lowered timeout
- Removed throttling on token route
May 25 2021
# yum install haveged # systemctl start haveged
- Switch new keypair algorithms to RSA
May 24 2021
Hmm, does Arcanist offer a way to do fast-forward merges?
Looks reasonable, thanks for the patch.
Superseded by D2548. Turns out the first commit is no longer needed (and I messed up the diff during rebase).
May 22 2021
May 21 2021
I did another run of tests and got the same result as above. I.e. I run vendor/bin/phpunit tests/Browser/Admin twice on master and all is green. Then I run the same on this diff and I got three tests failing. Looks like the problem is with refreshing the token. I see this in console dump:
https:\/\/admin.alec.dev.kolab.io\/api\/auth\/info?refresh=1 - Failed to load resource: the server responded with a status of 401 ()
I see C: POST https://admin.alec.dev.kolab.io/api/auth/info?refresh=1 [5M]: 0.0055 sec in the log and this is strange because it's too fast and there are no sql queries for this request logged.