fillcache pkg: trigger cache update immediately by Jusshersmith · Pull Request #271 · buzzfeed/sso
Problem
The fillcache package is what we use with the Google (and soon to be Cognito) providers to keep group membership cached.
Once a request goes through to sso_auth to validate a users group membership, the ValidateGroup function looks in the local cache for the relevant groups:
| for _, group := range allGroups { | |
| memberSet, ok := p.GroupsCache.Get(group) | |
| if !ok { | |
| useGroupsResource = true | |
| if started := p.GroupsCache.RefreshLoop(group); started { |
If the group doesn't exist in the cache, it triggers a refresh of the cache which in turn kicks off a goroutine to keep the group cache up to date (based off an input TTL).
Right now, the triggered goroutine only fills the cache after the given TTL, not immediately. Any subsequent calls to ValidateGroupMembership between the first call, and the first tick of ttl won’t have the groups cached.
Solution
Break out the logic that the goroutine uses to fill the cache into a separate method, and call it once before the loop, and then upon each tick of ttl.
Going to look at updating this PR with some logging examples to better verify the bug + expected behaviour
Notes
- There are few different ways we could implement this, but the last commit includes one that is perhaps most clear