Skip to content

Commit

Permalink
fix: key lookup cache is now working as intended
Browse files Browse the repository at this point in the history 
Resolves #162
  • Loading branch information
@panva
panva committed Apr 29, 2019
1 parent 83d3d3c commit 90d2f2a
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 15 deletions.
20 changes: 17 additions & 3 deletions lib/issuer.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ const jose = require('node-jose');
const _ = require('lodash');
const pAny = require('p-any');
const LRU = require('lru-cache');
const objectHash = require('object-hash');

const http = require('./helpers/http');
const httpRequest = require('./helpers/http_request');
Expand Down Expand Up @@ -127,19 +128,32 @@ class Issuer {
* @name key
* @api private
*/
key(def, allowMulti) {
key({
kid, kty, alg, use, key_ops: ops,
}, allowMulti = false) {
const { cache } = instance(this);

const def = {
kid, kty, alg, use, key_ops: ops,
};

const defHash = objectHash(def, {
algorithm: 'sha256',
ignoreUnknown: true,
unorderedArrays: true,
unorderedSets: true,
});

// refresh keystore on every unknown key but also only upto once every minute
const freshJwksUri = cache.get(def) || cache.get('throttle');
const freshJwksUri = cache.get(defHash) || cache.get('throttle');

return this.keystore(!freshJwksUri)
.then(store => store.all(def))
.then((keys) => {
assert(keys.length, 'no valid key found');
if (!allowMulti) {
assert.equal(keys.length, 1, 'multiple matching keys, kid must be provided');
cache.set(def, true);
cache.set(defHash, true);
}
return keys[0];
});
Expand Down
14 changes: 5 additions & 9 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,9 @@
"base64url": "^3.0.0",
"got": "^8.3.2",
"lodash": "^4.17.11",
"lru-cache": "^4.1.3",
"lru-cache": "^5.1.1",
"node-jose": "^1.1.0",
"object-hash": "^1.3.1",
"oidc-token-hash": "^3.0.1",
"p-any": "^1.1.0"
},
Expand All @@ -54,15 +55,10 @@
"eslint": "^5.6.0",
"eslint-config-airbnb-base": "^13.1.0",
"eslint-plugin-import": "^2.14.0",
"husky": "^1.0.0",
"koa": "^2.5.3",
"koa-body": "^4.0.4",
"koa-ejs": "^4.1.2",
"koa-router": "^7.4.0",
"koa-session": "^5.9.0",
"mocha": "^5.2.0",
"husky": "^2.1.0",
"mocha": "^6.1.4",
"nock": "^10.0.0",
"nyc": "^13.0.1",
"nyc": "^14.0.0",
"readable-mock-req": "^0.2.2",
"request": "^2.88.0",
"sinon": "^7.0.0",
Expand Down
2 changes: 1 addition & 1 deletion test/client/client_instance.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2600,7 +2600,7 @@ const encode = object => base64url.encode(JSON.stringify(object));
.get('/certs')
.reply(200, this.keystore.toJSON());

return this.issuer.key();
return this.issuer.key({});
});

after(nock.cleanAll);
Expand Down
4 changes: 2 additions & 2 deletions test/issuer/issuer_instance.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ const fail = () => { throw new Error('expected promise to be rejected'); };
.get('/certs')
.reply(200, this.keystore.toJSON());

return this.issuer.key();
return this.issuer.key({});
});

after(nock.cleanAll);
Expand All @@ -55,7 +55,7 @@ const fail = () => { throw new Error('expected promise to be rejected'); };

it('does not refetch immidiately', function () {
nock.cleanAll();
return this.issuer.key();
return this.issuer.key({});
});

it('fetches if asked to', function () {
Expand Down

1 comment on commit 90d2f2a

@sami-sweng
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

Please sign in to comment.