Add negative cache for failed issuer lookups #178
Merged
+351
−48
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Copilot
AI
changed the title
[WIP] Add negative cache for missing issuer in SQLite
Add negative cache for failed issuer lookups
Dec 8, 2025
Contributor
Author
|
Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Contributor
|
@copilot - please fix lint issues. |
Contributor
Author
Fixed in commit 92830ef - applied clang-format to all modified source files to comply with LLVM style guidelines Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
- Add NegativeCacheHitException class inheriting from InvalidIssuerException - Add negative_cache_hits counter to IssuerStats for monitoring - Detect negative cache entries in get_public_keys_from_db() and throw NegativeCacheHitException with descriptive message including the issuer - Add negative_cache_hits field to monitoring JSON output - Add NegativeCacheTest unit test that verifies: - Negative cache entries are created for invalid issuers - NegativeCacheHitException is thrown on subsequent access - negative_cache_hits counter increments correctly (only for hits, not misses) - Use unique issuer per test run to avoid interference from cache persistence This allows callers to distinguish negative cache hits from other validation failures and enables monitoring of negative cache effectiveness.
- Add SecureTempDir helper class using mkdtemp for security - Create temp directories under build/tests instead of /tmp - Auto-cleanup temp directories when tests complete - Update SetGetConfiguredCacheHome test - Update StringConfigFromEnv test - Update MonitoringFileOutput integration test - Update ConcurrentNewIssuerLookup integration test - Update StressTestValidToken integration test - Update StressTestInvalidIssuer integration test This addresses security concerns with predictable /tmp paths and ensures proper cleanup of test artifacts.
bbockelm
force-pushed
the
copilot/add-negative-cache-logic
branch
from
92830ef to
0c6cad8
Compare
- Extract SecureTempDir class to test/test_utils.h - Remove duplicated code from main.cpp and integration_test.cpp - Use fork/execv for safe directory removal (prevents shell injection) - Add documentation comments to the utility class
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Negative Cache for Missing Issuer Implementation
Successfully implemented negative caching for issuers that fail to be fetched from the web.
Implementation Summary
When an issuer lookup fails (404, 503, DNS error, timeout, or any web fetch failure), a negative cache entry is stored in the SQLite database with:
Subsequent requests for the same issuer within 5 minutes will:
InvalidIssuerExceptionindicating it's in negative cacheget_jwksAPIKey Safety Features
Race Condition Protection: The
store_negative_cachefunction now checks if a valid (non-empty) cache entry exists before storing a negative cache entry. This prevents a scenario where:The check is done within a transaction to ensure atomicity.
Files Changed
src/scitokens_internal.h- Addedstore_negative_cachedeclarationsrc/scitokens_internal.cpp- Enhanced exception handling, updatedget_jwksto handle negative cachesrc/scitokens_cache.cpp- Implementedstore_negative_cachewith race condition protection and negative cache detectiontest/main.cpp- AddedNegativeCacheTestunit testTesting Results
NegativeCacheTestvalidates negative cache functionalityOriginal prompt
💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.