Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: cache jwks as json string in CachedKeySet #435

Merged
merged 2 commits into from
Jul 15, 2022

Conversation

brandomeniconi
Copy link

CachedKeySet will cache the keySet array as-is and it cannot serialize the OpenSSLAsymmetricKey object contained in the Firebase\JWT\Key object. Because the OpenSSLAsymmetricKey is not serializable, it fails validating tokens when result is retrieved from the cache with error:

ErrorException: openssl_verify(): supplied key param cannot be coerced into a public key in /var/www/html/vendor/firebase/php-jwt/src/JWT.php:293

The proposed solution is to cache the JSON response from the JWKS endpoint. Because it's a string, it will not have any serialization issues. There will be probably some performance drawbacks, but I saw also that the class caches the result in memory.

See #429

@google-cla
Copy link

google-cla bot commented Jun 7, 2022

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Copy link
Collaborator

@bshaffer bshaffer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks great! Thank you for submitting this PR.

@bshaffer bshaffer merged commit 607dcd4 into firebase:main Jul 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants