Added caching to well-known configuration

lib/TokenManager.js

@@ -1,9 +1,10 @@
 var util = require('./util');
 var AuthSdkError = require('./errors/AuthSdkError');
 var cookies = require('./cookies');
-var tokenStorageBuilder = require('./tokenStorageBuilder');
+var storageBuilder = require('./storageBuilder');
 var Q = require('q');
 var Emitter = require('tiny-emitter');
+var config = require('./config');
 
 // Provides webStorage-like interface for cookies
 var cookieStorage = {
@@ -58,7 +59,7 @@ function setRefreshTimeout(sdk, tokenMgmtRef, storage, key, token) {
 
 function setRefreshTimeoutAll(sdk, tokenMgmtRef, storage) {
   try {
-    var tokenStorage = storage.getTokenStorage();
+    var tokenStorage = storage.getStorage();
   } catch(e) {
     // Any errors thrown on instantiation will not be caught,
     // because there are no listeners yet
@@ -76,20 +77,20 @@ function setRefreshTimeoutAll(sdk, tokenMgmtRef, storage) {
 }
 
 function add(sdk, tokenMgmtRef, storage, key, token) {
-  var tokenStorage = storage.getTokenStorage();
+  var tokenStorage = storage.getStorage();
   if (!util.isObject(token) ||
       !token.scopes ||
       (!token.expiresAt && token.expiresAt !== 0) ||
       (!token.idToken && !token.accessToken)) {
     throw new AuthSdkError('Token must be an Object with scopes, expiresAt, and an idToken or accessToken properties');
   }
   tokenStorage[key] = token;
-  storage.setTokenStorage(tokenStorage);
+  storage.setStorage(tokenStorage);
   setRefreshTimeout(sdk, tokenMgmtRef, storage, key, token);
 }
 
 function get(storage, key) {
-  var tokenStorage = storage.getTokenStorage();
+  var tokenStorage = storage.getStorage();
   return tokenStorage[key];
 }
 
@@ -98,9 +99,9 @@ function remove(tokenMgmtRef, storage, key) {
   clearRefreshTimeout(tokenMgmtRef, key);
 
   // Remove it from storage
-  var tokenStorage = storage.getTokenStorage();
+  var tokenStorage = storage.getStorage();
   delete tokenStorage[key];
-  storage.setTokenStorage(tokenStorage);
+  storage.setStorage(tokenStorage);
 }
 
 function refresh(sdk, tokenMgmtRef, storage, key) {
@@ -133,7 +134,7 @@ function refresh(sdk, tokenMgmtRef, storage, key) {
 
 function clear(tokenMgmtRef, storage) {
   clearRefreshTimeoutAll(tokenMgmtRef);
-  storage.clearTokenStorage();
+  storage.clearStorage();
 }
 
 function TokenManager(sdk, options) {
@@ -146,13 +147,13 @@ function TokenManager(sdk, options) {
   var storage;
   switch(options.storage) {
     case 'localStorage':
-      storage = tokenStorageBuilder(localStorage);
+      storage = storageBuilder(localStorage, config.TOKEN_STORAGE_NAME);
       break;
     case 'sessionStorage':
-      storage = tokenStorageBuilder(sessionStorage);
+      storage = storageBuilder(sessionStorage, config.TOKEN_STORAGE_NAME);
       break;
     case 'cookie':
-      storage = tokenStorageBuilder(cookieStorage);
+      storage = storageBuilder(cookieStorage, config.TOKEN_STORAGE_NAME);
       break;
     default:
       throw new AuthSdkError('Unrecognized storage option');

lib/http.js

@@ -4,15 +4,26 @@ var cookies = require('./cookies');
 var Q = require('q');
 var AuthApiError = require('./errors/AuthApiError');
 var config = require('./config');
+var storageBuilder = require('./storageBuilder');
+
+var httpCache = storageBuilder(localStorage, config.CACHE_STORAGE_NAME);
 
 function httpRequest(sdk, options) {
   options = options || {};
   var url = options.url,
       method = options.method,
       args = options.args,
-      dontSaveResponse = options.dontSaveResponse,
+      cacheState = options.cacheState,
       accessToken = options.accessToken;
 
+  if (options.responseCacheDuration) {
+    var cacheContents = httpCache.getStorage();
+    var cachedResponse = cacheContents[url];
+    if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {
+      return Q.resolve(cachedResponse.response);
+    }
+  }
+
   var headers = {
     'Accept': 'application/json',
     'Content-Type': 'application/json',
@@ -37,7 +48,7 @@ function httpRequest(sdk, options) {
         res = JSON.parse(res);
       }
 
-      if (!dontSaveResponse) {
+      if (cacheState) {
         if (!res.stateToken) {
           cookies.deleteCookie(config.STATE_TOKEN_COOKIE_NAME);
         }
@@ -47,6 +58,15 @@ function httpRequest(sdk, options) {
         cookies.setCookie(config.STATE_TOKEN_COOKIE_NAME, res.stateToken, res.expiresAt);
       }
 
+      if (res && options.responseCacheDuration) {
+        var cache = httpCache.getStorage();
+        cache[url] = {
+          expiresAt: Math.floor(Date.now()/1000) + options.responseCacheDuration,
+          response: res
+        };
+        httpCache.setStorage(cache);
+      }
+
       return res;
     })
     .fail(function(resp) { 
@@ -79,23 +99,26 @@ function httpRequest(sdk, options) {
     });
 }
 
-function get(sdk, url, saveResponse) {
+function get(sdk, url, options) {
   url = util.isAbsoluteUrl(url) ? url : sdk.options.url + url;
-  return httpRequest(sdk, {
+  var getOptions = {
     url: url,
-    method: 'GET', 
-    dontSaveResponse: !saveResponse
-  });
+    method: 'GET'
+  };
+  util.extend(getOptions, options);
+  return httpRequest(sdk, getOptions);
 }
 
-function post(sdk, url, args, dontSaveResponse) {
+function post(sdk, url, args, options) {
   url = util.isAbsoluteUrl(url) ? url : sdk.options.url + url;
-  return httpRequest(sdk, {
+  var postOptions = {
     url: url,
     method: 'POST',
     args: args,
-    dontSaveResponse: dontSaveResponse
-  });
+    cacheState: true
+  };
+  util.extend(postOptions, options);
+  return httpRequest(sdk, postOptions);
 }
 
 module.exports = {

lib/oauthUtil.js

@@ -2,6 +2,7 @@
 var http = require('./http');
 var util = require('./util');
 var AuthSdkError = require('./errors/AuthSdkError');
+var config = require('./config');
 
 function isToken(obj) {
   if (obj &&
@@ -45,7 +46,9 @@ function loadPopup(src, options) {
 
 function getWellKnown(sdk) {
   // TODO: Use the issuer when known (usually from the id_token)
-  return http.get(sdk, sdk.options.url + '/.well-known/openid-configuration');
+  return http.get(sdk, sdk.options.url + '/.well-known/openid-configuration', {
+    responseCacheDuration: config.DEFAULT_CACHE_DURATION
+  });
 }
 
 function validateClaims(sdk, claims, aud, iss) {

lib/session.js

@@ -38,8 +38,7 @@ function getSession(sdk) {
 function closeSession(sdk) {
   return http.httpRequest(sdk, {
     url: sdk.options.url + '/api/v1/sessions/me',
-    method: 'DELETE', 
-    dontSaveResponse: true
+    method: 'DELETE'
   });
 }
 

lib/storageBuilder.js

@@ -0,0 +1,35 @@
+var AuthSdkError = require('./errors/AuthSdkError');
+
+// storage must have getItem and setItem
+function storageBuilder(webstorage, storageName) {
+  function getStorage() {
+    var storageString = webstorage.getItem(storageName);
+    storageString = storageString || '{}';
+    try {
+      return JSON.parse(storageString);
+    } catch(e) {
+      throw new AuthSdkError('Unable to parse storage string: ' + storageName);
+    }
+  }
+
+  function setStorage(storage) {
+    try {
+      var storageString = JSON.stringify(storage);
+      webstorage.setItem(storageName, storageString);
+    } catch(e) {
+      throw new AuthSdkError('Unable to set storage: ' + storageName);
+    }
+  }
+
+  function clearStorage() {
+    setStorage({});
+  }
+
+  return {
+    getStorage: getStorage,
+    setStorage: setStorage,
+    clearStorage: clearStorage
+  };
+}
+
+module.exports = storageBuilder;

lib/token.js

@@ -590,7 +590,6 @@ function getUserInfo(sdk, accessTokenObject) {
   return http.httpRequest(sdk, {
     url: accessTokenObject.userinfoUrl,
     method: 'GET',
-    dontSaveResponse: true,
     accessToken: accessTokenObject.accessToken
   })
   .fail(function(err) {

lib/tx.js

@@ -78,7 +78,9 @@ function getPollFn(sdk, res, ref) {
       if (rememberDevice) {
         href += '?rememberDevice=true';
       }
-      return http.post(sdk, href, getStateToken(res), true, true);
+      return http.post(sdk, href, getStateToken(res), {
+        cacheState: false  
+      });
     }
 
     ref.isPolling = true;

package.json

@@ -61,7 +61,10 @@
     "STATE_TOKEN_COOKIE_NAME": "oktaStateToken",
     "DEFAULT_POLLING_DELAY": 500,
     "DEFAULT_MAX_CLOCK_SKEW": 300,
+    "DEFAULT_CACHE_DURATION": 86400,
+    "FRAME_ID": "okta-oauth-helper-frame",
     "REDIRECT_OAUTH_PARAMS_COOKIE_NAME": "okta-oauth-redirect-params",
-    "TOKEN_STORAGE_NAME": "okta-token-storage"
+    "TOKEN_STORAGE_NAME": "okta-token-storage",
+    "CACHE_STORAGE_NAME": "okta-cache-storage"
   }
-}
+}

test/spec/oauthUtil.js

@@ -1,6 +1,54 @@
 define(function(require) {
   var OktaAuth = require('OktaAuth');
   var oauthUtil = require('../../lib/oauthUtil');
+  var util = require('../util/util');
+  var wellKnown = require('../xhr/well-known');
+
+  describe('getWellKnown', function() {
+    util.itMakesCorrectRequestResponse({
+      title: 'caches response',
+      setup: {
+        calls: [
+          {
+            request: {
+              method: 'get',
+              uri: '/.well-known/openid-configuration'
+            },
+            response: 'well-known'
+          }
+        ],
+        time: 1449699929
+      },
+      execute: function(test) {
+        localStorage.clear();
+        return oauthUtil.getWellKnown(test.oa);
+      },
+      expectations: function() {
+        var cache = localStorage.getItem('okta-cache-storage');
+        expect(cache).toEqual(JSON.stringify({
+          'https://auth-js-test.okta.com/.well-known/openid-configuration': {
+            expiresAt: 1449786329,
+            response: wellKnown.response
+          }
+        }));
+      }
+    });
+    util.itMakesCorrectRequestResponse({
+      title: 'uses cached response',
+      setup: {
+        time: 1449699929
+      },
+      execute: function(test) {
+        localStorage.setItem('okta-cache-storage', JSON.stringify({
+          'https://auth-js-test.okta.com/.well-known/openid-configuration': {
+            expiresAt: 1449786329,
+            response: wellKnown.response
+          }
+        }));
+        return oauthUtil.getWellKnown(test.oa);
+      }
+    });
+  });
 
   describe('getOAuthUrls', function() {
     function setupOAuthUrls(options) {

test/spec/tokenManager.js

@@ -184,9 +184,9 @@ define(function(require) {
         .fail(function(err) {
           util.expectErrorToEqual(err, {
             name: 'AuthSdkError',
-            message: 'Unable to parse token storage string',
+            message: 'Unable to parse storage string: okta-token-storage',
             errorCode: 'INTERNAL',
-            errorSummary: 'Unable to parse token storage string',
+            errorSummary: 'Unable to parse storage string: okta-token-storage',
             errorLink: 'INTERNAL',
             errorId: 'INTERNAL',
             errorCauses: []