Possible race condition?
Maybe I'm just totally off but...
I'm not sure whether
_credentials is implemented safely.
I've been reading a lot on how async works under the hood (specifically the task scheduler) and I don't know whether this variable would be susceptible to a race condition if AuthorizeUserWithCodeAsync is called in rapid succession (see this endpoint which will be calling it). My fear is that if this endpoint is called in rapid succession, _credentials could be accessed or overwritten in an unintended way. Is this just a lock and move on situation or is this actually safe?2 Replies
Should be ok. You're injecting it as scoped so you'll get 1 instance per request. I'd personally avoid mutating the state of an injected class like that but in this case it should be safe
I'd also consider using transient unless you intend for the state of the ioauthclient to be shared/mutated by other classes in the same request
Ahh okay - yeah I forgot that it being scoped protects against that from a request standpoint
Would have to check with the person who implemented this lol. I'll read up on transient, I've never used it actually
Appreciate the quick reply