Add certificate caching

devinstewart / sns-payload-validator

Node.js library that validates an AWS SNS payload of an HTTP/S POST or Lambda.

MIT License

13 stars 2 forks source link

Add certificate caching #41

Closed LucasMoskun closed 1 year ago

LucasMoskun commented 1 year ago

Request to add certificate caching so that it does not need to request the certificate every time it validates. See line 82 here for an example of this in a python implementation.

devinstewart commented 1 year ago

Great thought @LucasMoskun. Will most likely use lru-cache, as there is no need to reinvent the caching wheel.

LucasMoskun commented 1 year ago

Awesome!

devinstewart commented 1 year ago

Yeah, it will be. Did some noodling in my head as I drifted off last night. Unfortunately, this will have to change the constructor, so that the cache stays in scope.

Example:

const Validator = require('sns-payload-validator');
const validator = new Validator({ useCache: true, maxCerts: 1000 });

const validPayload = await validator.validate(payloadFromRequest);

That said, I still think this is a worthwhile feature. Just wanted to give you the heads up that it may take through next weekend to get it implemented and all of the tests configured correctly. Stay tuned!!

LucasMoskun commented 1 year ago

Right on. Let me know if there's anything I can do to help.

devinstewart commented 1 year ago

@LucasMoskun - Feel free to check out #43 and leave comments. I will address any concerns you may bring up. If we are all good, I will test in my own AWS Account tomorrow night and then ship it. :shipit:

I live in the Central timezone in the US, to keep track of what tomorrow night means.

devinstewart commented 1 year ago

Caching has been released to NPM in v2.0.0. Thank you for your interest in this project. Feel free to leave any feedback or open a new issue.

LucasMoskun commented 1 year ago

Caching has been released to NPM in v2.0.0. Thank you for your interest in this project. Feel free to leave any feedback or open a new issue.

Looks great, I'll let you know if anything pops up in production. Thanks for smashing this through!

LucasMoskun commented 1 year ago

@devinstewart Finally had time to integrate, seems to be working great.

Since I am using typescript, and do not want to globally allow javascript modules, I had to import the package like this:

import * as Validator from 'sns-payload-validator';

Might be worth updating the tyepscript readme section to the above snippet instead of

import Validator from 'sns-payload-validator';

devinstewart commented 1 year ago

@LucasMoskun - Great to hear. Not surprised by the TypeScript thing. I type my modules for the VsCode intellisense, I'm not a big TypeScript person.

Unfortunately, due to NPM rules, I will have to release a v2.0.1 to fix the README, but probably worth doing. Created issue #45. Thanks for the catch