Kuadrant / authorino

K8s-native AuthN/AuthZ service to protect your APIs.

Repository from Github https://github.comKuadrant/authorinoRepository from Github https://github.comKuadrant/authorino

Repeated requests caching

guicassolato opened this issue · comments

Authorino will currently repeat the entire identity → metadata → authorization pipeline on every request with "repeated" payload targeting a same API. Perhaps with some proper configuration options provided, it could cache the authorization response and speed up the return to the proxy.

This is not trivial and a minimal implementation would include:

  • Enabled/disabled switch
  • TTL of the cache keys (maybe set by default to the expiration of the access token when available)
  • Hashing of the payload combining fixed (client creds, requested verb, URI, etc) and optional/additional (client IP, user-agent, etc) parts
  • Auto-cleanup of the cache on API config refresh