Add an LRU cache to mod_auth_token

prosody-plugins/mod_auth_token.lua

@@ -1,7 +1,7 @@
 -- Token authentication
 -- Copyright (C) 2015 Atlassian
 
-local basexx = require 'basexx'
+local basexx = require 'basexx';
 local have_async, async = pcall(require, "util.async");
 local formdecode = require "util.http".formdecode;
 local generate_uuid = require "util.uuid".generate;
@@ -25,6 +25,10 @@ local asapKeyServer = module:get_option_string("asap_key_server");
 local allowEmptyToken = module:get_option_boolean("allow_empty_token");
 local disableRoomNameConstraints = module:get_option_boolean("disable_room_name_constraints");
 
+-- TODO: Figure out a less arbitrary default cache size.
+local cacheSize = module:get_option_number("jwt_pubkey_cache_size", 128);
+local cache = require"util.cache".new(cacheSize);
+
 if allowEmptyToken == true then
 	module:log("warn", "WARNING - empty tokens allowed");
 end
@@ -82,10 +86,13 @@ local http_headers = {
 	["User-Agent"] = "Prosody ("..prosody.version.."; "..prosody.platform..")"
 };
 
--- TODO: This *needs* to be memoized before going to prod.
 function get_public_key(keyId)
+	local content = cache:get(keyId);
+	if content == nil then
+		-- If the key is not found in the cache.
+		module:log("debug", "Cache miss for key: "..keyId);
+		local code;
 		local wait, done = async.waiter();
-	local content, code; --, request, response;
 		local function cb(content_, code_, response_, request_)
 			content, code = content_, code_;
 			done();
@@ -99,6 +106,11 @@ function get_public_key(keyId)
 		wait();
 
 		if code == 200 or code == 204 then
+			module:log("debug", "Cache hit for key: "..keyId);
+			return content;
+		end
+	else
+		-- If the key is in the cache, use it.
 		return content;
 	end