We are from time to time seeing an re-occuring warning in the Litium log looking like this;
2018-06-27 13:00:12.8686 [WARN ] [] Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationMiddleware - expired bearer token received
It can happen up to 70-times per second for periods of time and I’m trying to investigate if that is connected to a slowdown in the application we’re seeing.
I’ve also went ahead and investigated the IIS-log around this time to see who is causing all those requests. (I believe timestamps differ because I believe one is UTC and one is server local time). I found A LOT of request coming in looking like this. It most likely looks like requests the website itself is causing… via javascript?
2018-06-27 11:00:03 xx.xx.xx.xx POST /Litium/AppDirect/Token - 443 - xx.xx.xx.xx Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_13_5)+AppleWebKit/605.1.15+(KHTML,+like+Gecko)+Version/11.1.1+Safari/605.1.15 https://[our-domain]/Litium/CMS/Pages.aspx?CMS_SP_ID=daca1ea8-f949-4029-b54f-d677485acfd2 401 0 0 5157 1857 0
(I have removed ip-adresses and such)
Anything you’ve seen before?
Litium version: 6.1.1, 6.1.2-patch-1806080803