I have developed an application that displays a large volume of records and have implemented response caching in the API using Apigee. The cache key is based on the request URI and the idToken of the logged-in user to make the cache user-specific. However, if an admin changes the role or access privileges for another user, I need to implement an API that can invalidate the cache for that specific user. The challenge is that I cannot obtain the idToken for the other user. Is there an alternative approach to achieve this?
Also, how can I get the cache_name? Is there any documentation for that? If not, can you please share any screenshots to get the cache_name for better understanding?
I have a cache policy similar to the one below:
<ResponseCache continueOnError="false" enabled="true" name="RC-All">
    <DisplayName>RC-All</DisplayName>
    <CacheKey>
        <Prefix/>
        <KeyFragment ref="request.uri" type="string"/>
        <KeyFragment ref="idToken"/>
    </CacheKey>
    <Scope>Exclusive</Scope>
    <ExpirySettings>
        <ExpiryDate/>
        <TimeOfDay/>
        <TimeoutInSeconds ref="">3600</TimeoutInSeconds>
    </ExpirySettings>
    <SkipCacheLookup/>
    <SkipCachePopulation/>
</ResponseCache>
I’m considering adding a <CacheResource> tag to explicitly define a cache name. For example:
<CacheResource>My-cache-check</CacheResource>
Hi, I'll only address the first question and I'll try to address the other questions in a separate reply.
"I have developed an application that displays a large volume of records and have implemented response caching in the API using Apigee. The cache key is based on the request URI and the idToken of the logged-in user to make the cache user-specific. However, if an admin changes the role or access privileges for another user, I need to implement an API that can invalidate the cache for that specific user. The challenge is that I cannot obtain the idToken for the other user. Is there an alternative approach to achieve this?"
At some point you were able to obtain the idToken of the user and include that in the Cache URI. But based on what I understand from your comment/question above, when your admin user makes a change to a specific user, then that idToken is not present. I don't think I fully understand why you can't obtain some user id during that admin request. So when your admin makes a change, they are making a change in the UI to a specific user, but that process/function/code doesn't have access to the user idToken or some value that represents the user? When the admin performs this update to the user, is that calling an API hosted in Apigee? Does that API request require the user idToken or some other value that represents the user?
How is the Admin user updating the user permissions? Is this a custom UI, Google Cloud console, etc?
Is your API protected with Verify Access Token policy? I'm assuming it is based on your comment. So when the "logged on user" gets an access token, you have the idToken, but when the "logged on user" is the admin, you have the idToken of the admin user. However, when the admin user makes a change to a specific user, you must have some value that can identify the user and if so, then can you pass that value in the API request that the Admin user sends to update the user, correct? I assume the Admin user is using a UI, so that UI sends an API request to update the user (PUT or PATCH). If you could provide a bit more detail then we may be able to provide a better approach.
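The idea raised in the reply above, keying on a value that identifies the user rather than on the token itself, modelled as an added example (not code from this thread and not Apigee's implementation). It assumes the idToken is a JWT whose `sub` claim identifies the user and that the gateway has already verified it; `make_id_token`, `subject_of` and `UserScopedCache` are hypothetical names, and the tokens are constructed, unsigned samples.

```python
import base64
import json
import time

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_id_token(sub: str, iat: int) -> str:
    """Constructed, unsigned JWT-shaped token, for this demo only."""
    header = _b64url(json.dumps({"alg": "none"}).encode())
    payload = _b64url(json.dumps({"sub": sub, "iat": iat}).encode())
    return f"{header}.{payload}."

def subject_of(id_token: str) -> str:
    """Return the stable `sub` claim (assumption: token already verified upstream)."""
    payload = id_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))["sub"]

class UserScopedCache:
    """Response cache keyed on (user id, request URI) instead of the raw token."""

    def __init__(self, ttl_seconds: int = 3600, clock=time.monotonic):
        self._ttl = ttl_seconds
        self._clock = clock
        self._entries = {}  # {user_id: {uri: (expires_at, body)}}

    def put(self, id_token: str, uri: str, body: str) -> None:
        user = subject_of(id_token)
        self._entries.setdefault(user, {})[uri] = (self._clock() + self._ttl, body)

    def get(self, id_token: str, uri: str):
        user_entries = self._entries.get(subject_of(id_token), {})
        hit = user_entries.get(uri)
        if hit is None:
            return None
        expires_at, body = hit
        if self._clock() >= expires_at:
            del user_entries[uri]  # expired entry: drop it and report a miss
            return None
        return body

    def invalidate_user(self, user_id: str) -> int:
        """Admin path: purge one user's cached responses; needs only the user id."""
        return len(self._entries.pop(user_id, {}))
```

Because the key no longer contains the token, a refreshed token for the same user still hits the same entries, and a role change can purge them without waiting out the 3600-second timeout.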
Hey @williamssean, thank you so much for engaging and providing guidance to this question!
@Princy, if the reply resolves your issue, please mark it as accepted, so others can benefit as well 😊 And thank you for reaching out to the community! Remember, you can also engage in other threads to share your knowledge and support, helping us build a thriving space for learning and knowledge sharing.
"If I add this tag, will the cache name be My-cache-check?"
I would suggest you try this approach and look in the debug screen to see what the cache name is. Can you try it and paste what you found?
According to the docs, this element provides the cache a specific name so that you can administer your cache entries more easily. So for example, you could use that cache name and this API to clear all entries. If you don't use it, then cache entries are all saved into a shared cache.