feat: validation caching and allow list

[MichaelGoberling]

Description

This PR adds the validation caching functionality currently used by the shared validator actions.

It also adds a new function that allows implementers to validate a token against an allow-list of IMS clients.

This should not be breaking as the validateToken call should return the same data as before. The old validateToken function has been moved to a private function _validateToken, and has been slightly modified to work with ValidationCache.

Motivation and Context

To use in the App Builder Delete Service and allow others to cache validations / invalidations. To allow validating a token against an allow-list.

How Has This Been Tested?

Ran npm run test, branch tested against Delete Service ims-auth PR

Screenshots (if appropriate):

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• I have signed the Adobe Open Source CLA.
• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
• I have added tests to cover my changes.
• All new and existing tests passed.

[codecov]

Codecov Report

Merging #112 (e3ec3b8) into master (b11c0d8) will not change coverage.
The diff coverage is 100.00%.

@@            Coverage Diff            @@
##            master      #112   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            8         9    +1     
  Lines          428       481   +53     
  Branches        58        68   +10     
=========================================
+ Hits           428       481   +53     

Impacted Files	Coverage Δ
src/ValidationCache.js	100.00% <100.00%> (ø)
src/ims.js	100.00% <100.00%> (ø)
src/index.js	100.00% <100.00%> (ø)

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[sandeep-paliwal]

Why is the consumer of Ims.js required to pass the cache instance? Shouldn't this be internal to Ims module ?

[MichaelGoberling]

So I initially had this where cache was a simple boolean parameter on whether to cache validations or not. In that implementation, the class would internally initialize a cache with default parameters like you mentioned. I decided on this implementation so that developers could configure their own caches, and specifically decided on injecting a cache instance to avoid blowing up this constructor to include all the cache parameters

If we think cache customization is not necessary and that turning cache on or off is enough, then we could definitely simplify this back to a boolean. Wdyt?