Introduces a Custom Cache

[davidpatrick]

By submitting a PR to this repository, you agree to the terms within the Auth0 Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.

Description

There has been discussion around the need for a more flexible cache (issues/prs listed in references below). This PR introduces the ability for a developer to override the built-in cache and use their own Custom Cache. This replaces #141 as discussed here #141 (comment)

References

• Helps resolve How to load from file ? #158
• Replaces Add file-cache option for AWS Lambda #141

Testing

Added tests to cover the use of a custom cache. Additionally added a mock customCache for an idea of what a custom cache implementation might look like

Checklist

• I have added documentation for new/changed functionality in this PR or in auth0.com/docs
• All active GitHub checks for tests, formatting, and security are passing
• The correct base branch is being used, if not master

[adamjmcgrath]

The cache will need to fallback to getSigningKey when you get a miss (and populate the cache when getSigningKey returns something).

Otherwise your example:

client = new JwksClient({
    jwksUri: `${jwksHost}/.well-known/jwks.json`,
    cache: true,
    customCache: new CustomCache()
  });

Will never resolve anything

[adamjmcgrath]

Ideally a custom cache should replace memoizer (the default in-memory cache) rather than sit in front of it.

[adamjmcgrath]

Perhaps using something like cache-manager, eg

import cacheManager from 'cache-manager';

export default function(client, { cacheMaxEntries = 5, cacheMaxAge = ms('10m'), store = 'memory' } = options) {
  const memoryCache = cacheManager.caching({ store, max: cacheMaxEntries, ttl: cacheMaxAge });
  return (kid, cb) => memoryCache.wrap(kid, (cacheCallback) => {
    client.getSigningKey(kid, cacheCallback);
  }, {}, cb);
}

You'd ideally need to provide an lru cache as your custom cache, then the cache will drop the least recently used when size > cacheMaxEntries or cache item age > cacheMaxAge. eg https://github.com/BryanDonovan/node-cache-manager#custom-stores

[davidpatrick]

Thanks for the review @adamjmcgrath. I will look at replacing the lru-memoizer with the underlying lru-cache directly and allowing replacement of that implementation

[davidpatrick]

As mentioned in #202

This PR is to replace #199 and addresses #201. The reason for closing #199, is that a custom cache looked to be the right solution until we started implementing it from the user standpoint. As it would require an async cache and ended up being a lot of heavy lifting for the user in order to address the issues referenced in #201.