From 9b909a7e4be8cc4220a6400a94331bb1d6b3d8df Mon Sep 17 00:00:00 2001
From: Dmitry Spikhalskiy <dmitry@spikhalskiy.com>
Date: Tue, 27 Feb 2024 19:12:41 -0500
Subject: [PATCH] Clarify non-blocking requirements in
 TokenValidator#validateToken javadoc

---
 .../micronaut/security/token/validator/TokenValidator.java   | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/security/src/main/java/io/micronaut/security/token/validator/TokenValidator.java b/security/src/main/java/io/micronaut/security/token/validator/TokenValidator.java
index 2d1bcfdd48..629d1fe049 100644
--- a/security/src/main/java/io/micronaut/security/token/validator/TokenValidator.java
+++ b/security/src/main/java/io/micronaut/security/token/validator/TokenValidator.java
@@ -32,6 +32,11 @@ public interface TokenValidator<T> extends Ordered {
     /**
      * Validates the provided token and returns the authentication state.
      *
+     * <p> An implementation of this method should never block
+     * (for example, waiting for a result of an IO operation) as it's called from the event loop.
+     * Instead, it should immediately return a Publisher that is filled with an authentication result
+     * when the result is available.
+     *
      * @param token The token string
      * @param request The current request (or null)
      * @return An authentication publisher. If the publisher emits an error, no further validators will