FEAT: jwt pubkey cache inside object

Allows each module that does token validation to have its own cache
pull/7481/head
Aaron van Meerten 4 years ago
parent c998d83f34
commit 11ee71a51c
  1. 14
      resources/prosody-plugins/token/util.lib.lua

@ -19,7 +19,6 @@ local http_headers = {
-- TODO: Figure out a less arbitrary default cache size. -- TODO: Figure out a less arbitrary default cache size.
local cacheSize = module:get_option_number("jwt_pubkey_cache_size", 128); local cacheSize = module:get_option_number("jwt_pubkey_cache_size", 128);
local cache = require"util.cache".new(cacheSize);
local Util = {} local Util = {}
Util.__index = Util Util.__index = Util
@ -38,6 +37,8 @@ function Util.new(module)
self.asapKeyServer = module:get_option_string("asap_key_server"); self.asapKeyServer = module:get_option_string("asap_key_server");
self.allowEmptyToken = module:get_option_boolean("allow_empty_token"); self.allowEmptyToken = module:get_option_boolean("allow_empty_token");
self.cache = require"util.cache".new(cacheSize);
--[[ --[[
Multidomain can be supported in some deployments. In these deployments Multidomain can be supported in some deployments. In these deployments
there is a virtual conference muc, which address contains the subdomain there is a virtual conference muc, which address contains the subdomain
@ -108,7 +109,7 @@ end
-- @param keyId the key ID to request -- @param keyId the key ID to request
-- @return the public key (the content of requested resource) or nil -- @return the public key (the content of requested resource) or nil
function Util:get_public_key(keyId) function Util:get_public_key(keyId)
local content = cache:get(keyId); local content = self.cache:get(keyId);
if content == nil then if content == nil then
-- If the key is not found in the cache. -- If the key is not found in the cache.
module:log("debug", "Cache miss for key: "..keyId); module:log("debug", "Cache miss for key: "..keyId);
@ -117,7 +118,10 @@ function Util:get_public_key(keyId)
local function cb(content_, code_, response_, request_) local function cb(content_, code_, response_, request_)
content, code = content_, code_; content, code = content_, code_;
if code == 200 or code == 204 then if code == 200 or code == 204 then
cache:set(keyId, content); self.cache:set(keyId, content);
else
module:log("warn", "Error on public key request: Code %s, Content %s",
code_, content_);
end end
done(); done();
end end
@ -138,7 +142,9 @@ function Util:get_public_key(keyId)
-- TODO: This check is racey. Not likely to be a problem, but we should -- TODO: This check is racey. Not likely to be a problem, but we should
-- still stick a mutex on content / code at some point. -- still stick a mutex on content / code at some point.
if code == nil then if code == nil then
http.destroy_request(request); -- no longer works in prosody 0.11
-- @TODO: work with prosody devs to determine better timeout mechanism for timing out active http requests
-- http.destroy_request(request);
done(); done();
end end
end end

Loading…
Cancel
Save