Regression: static options snapshots are no longer correctly cached

[kevinchalet]

When #199 was fixed, you guys opted for making the options snapshots scoped, which introduced a terrible regression.

Now, configuration delegates are run for every authentication handler and for every request, which has both performance and functional implications in ASP.NET Core projects like the OIDC client middleware and community projects like the OIDC server I develop.

Please revert this design change.

More context:

• [Design] Authentication 2.0 Security#1065 (comment)
• [Design] Authentication 2.0 Security#1065 (comment)

[kevinchalet]

/cc @HaoK

[HaoK]

This wasn't a regression on the options side, this was intentional to make snapshots scoped, Monitor/IOptions are singletons, the issue tracking whether security should be switch to monitor is here: aspnet/Security#1282

[kevinchalet]

Call that intentional if you want, but it impacts even built-in ASP.NET Core components like the OIDC middleware, that has to retrieve the configuration metadata before each OIDC operation (login, logout, etc.) because the ConfigurationManager can't be shared.

It worked fine in preview1. Am I the only one thinking that introducing such a breaking change in the options stack in a public preview without fixing the components that rely on the previous behavior is... extremely weird?

[HaoK]

There's no test contract today, we don't have any tests that depend on this behavior in Security, if it causes functional failures as opposed to perf issues, we need to have tests that enforce this.

@Tratcher does OIDC configuration require reusing the same configuration instances, or can each request recreate these?

[ajcvickers]

@Eilon Copying you per discussion today.