Rudder plugins » Authentication backends

We need to have the possibility to configure a (short) cache for OIDC opaque token validation request.

The idea is that API request can happen in burst, and you don't want to validate the same token 1000 times in a couple seconds, which is a sure path towards DoS.

Both valid and invalid token should be cache.
For valid token, the cache must not go beyond token expiration date.

The cache should be short, not more than a couple of minute. A warning should be displayed in log if the time is too long, and log an error in even longer duration.

This is not some kind of "remember me" feature, it really is a session-less cache for opaque token only.