6e45066e37
Some checks failed
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Policy Simulation / policy-simulate (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
84 lines
2.7 KiB
C#
84 lines
2.7 KiB
C#
using System;
|
|
using System.Threading;
|
|
using System.Threading.Tasks;
|
|
using StellaOps.Messaging;
|
|
using StellaOps.Messaging.Abstractions;
|
|
|
|
namespace StellaOps.Auth.Client;
|
|
|
|
/// <summary>
|
|
/// Token cache backed by <see cref="IDistributedCache{TValue}"/>.
|
|
/// Supports any transport (InMemory, Valkey, PostgreSQL) via factory injection.
|
|
/// </summary>
|
|
public sealed class MessagingTokenCache : IStellaOpsTokenCache
|
|
{
|
|
private readonly IDistributedCache<StellaOpsTokenCacheEntry> _cache;
|
|
private readonly TimeProvider _timeProvider;
|
|
private readonly Func<StellaOpsTokenCacheEntry, StellaOpsTokenCacheEntry> _normalizer;
|
|
private readonly TimeSpan _expirationSkew;
|
|
|
|
public MessagingTokenCache(
|
|
IDistributedCacheFactory cacheFactory,
|
|
TimeProvider? timeProvider = null,
|
|
TimeSpan? expirationSkew = null)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(cacheFactory);
|
|
|
|
_timeProvider = timeProvider ?? TimeProvider.System;
|
|
_expirationSkew = expirationSkew ?? TimeSpan.FromSeconds(30);
|
|
_normalizer = static entry => entry.NormalizeScopes();
|
|
|
|
_cache = cacheFactory.Create<StellaOpsTokenCacheEntry>(new CacheOptions
|
|
{
|
|
KeyPrefix = "auth:token:",
|
|
});
|
|
}
|
|
|
|
public async ValueTask<StellaOpsTokenCacheEntry?> GetAsync(string key, CancellationToken cancellationToken = default)
|
|
{
|
|
ArgumentException.ThrowIfNullOrWhiteSpace(key);
|
|
|
|
var result = await _cache.GetAsync(key, cancellationToken).ConfigureAwait(false);
|
|
|
|
if (!result.HasValue)
|
|
{
|
|
return null;
|
|
}
|
|
|
|
var entry = result.Value;
|
|
|
|
// Check if expired with skew
|
|
if (entry.IsExpired(_timeProvider, _expirationSkew))
|
|
{
|
|
await _cache.InvalidateAsync(key, cancellationToken).ConfigureAwait(false);
|
|
return null;
|
|
}
|
|
|
|
return entry;
|
|
}
|
|
|
|
public async ValueTask SetAsync(string key, StellaOpsTokenCacheEntry entry, CancellationToken cancellationToken = default)
|
|
{
|
|
ArgumentException.ThrowIfNullOrWhiteSpace(key);
|
|
ArgumentNullException.ThrowIfNull(entry);
|
|
|
|
var normalizedEntry = _normalizer(entry);
|
|
var now = _timeProvider.GetUtcNow();
|
|
var ttl = normalizedEntry.ExpiresAtUtc - now;
|
|
|
|
if (ttl <= TimeSpan.Zero)
|
|
{
|
|
return;
|
|
}
|
|
|
|
var entryOptions = new CacheEntryOptions { TimeToLive = ttl };
|
|
await _cache.SetAsync(key, normalizedEntry, entryOptions, cancellationToken).ConfigureAwait(false);
|
|
}
|
|
|
|
public async ValueTask RemoveAsync(string key, CancellationToken cancellationToken = default)
|
|
{
|
|
ArgumentException.ThrowIfNullOrWhiteSpace(key);
|
|
await _cache.InvalidateAsync(key, cancellationToken).ConfigureAwait(false);
|
|
}
|
|
}
|