Cache CustomersDot OIDC config and JWKs
What does this MR do and why?
Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/466368+
Cache CustomersDot OIDC config and JWKs
We don't need to request this information for every request we get from CustomersDot, as it should change infrequently. Add a layer of caching so that we don't need to make so many requests.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
Start CustomersDot and the GDK.
-
CustomersDot: Enable the
use_jwt_auth_for_internal_api_callFF -
CustomersDot: Start a rails console, and query the GitLab User (this is the only migrated endpoint currently)
irb(main):001> Gitlab::User.new(Order.last.customer.uid).username => "july-2024" -
CustomersDot: view in the server log that the JWKS endpoints were called
web | Started GET "/.well-known/openid-configuration" for ::1 at 2024-08-06 19:22:14 +1200 # ... web | Started GET "/oauth/discovery/keys" for ::1 at 2024-08-06 19:22:14 +1200 -
CustomersDot: Query the GitLab User again
irb(main):001> Gitlab::User.new(Order.last.customer.uid).username => "july-2024" - CustomersDot: view in the server log that the JWKS endpoints were NOT called
Edited by Josianne Hyson