Skip to content

feat: [MC-690] Distinct Pocket dev JWK key ids #361

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 16 commits into from
Feb 20, 2024
Merged

feat: [MC-690] Distinct Pocket dev JWK key ids #361

merged 16 commits into from
Feb 20, 2024
+969 −808

Conversation

@mmiermans
Copy link
Contributor

@mmiermans mmiermans commented Feb 14, 2024
edited
Loading

Goal

Use different jwk keys in development and production for the Content team's Pocket JWKs.

What changed

  • Feat: Change pocket development key ids (kids).
  • Fix: Get Github superlinter to pass.
  • Fix: Add --elv2-license accept to start:dev script.
  • Fix: Set NODE_ENV to 'development' in Pocket-Dev. Previously it was set to 'production'. 😕

Implementation Decisions

References

JIRA ticket:

dotcom-gateway PR:

@mmiermans mmiermans changed the title Feat dev jwk key ids feat: [MC-690] Distinct Pocket dev JWK key ids Feb 15, 2024
@mmiermans mmiermans marked this pull request as ready for review February 15, 2024 01:00
@mmiermans mmiermans requested a review from a team as a code owner February 15, 2024 01:01
@mmiermans mmiermans requested review from jpetto and kschelonka and removed request for a team February 15, 2024 01:01
@mmiermans mmiermans requested review from katerinachinnappan and removed request for kschelonka February 15, 2024 19:29
@mmiermans
fix attempt: secret or public key must be provided
e354950 
Possibly admin-api can't find the key id when it's not cached..?

Locally it works fine, but on Pocket-Dev the following error occurs for the same
request:

Context creation failed: Could not validate User: secret or public key must be provided
@mmiermans
fix: NODE_ENV should be development in Pocket-Dev
b78bfcc 
I pulled the latest image from Pocket-Dev and it's set to production
  # echo $NODE_ENV
  production
@mmiermans
fix: distinguish development (Pocket-Dev) from local dev
749f6a0
katerinachinnappan
katerinachinnappan approved these changes Feb 16, 2024
View reviewed changes
Copy link
Contributor

@katerinachinnappan katerinachinnappan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔥

@mmiermans
chore: re-run checks
9591e9b 
Required 'Lint Code Base' failed to run.
mmiermans
mmiermans commented Feb 20, 2024
View reviewed changes
.aws/src/main.ts
],
envVars: [
{
name: 'ENVIRONMENT',
Copy link
Contributor Author

@mmiermans mmiermans Feb 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I checked that ENVIRONMENT was not used by searching the codebase.

mmiermans
mmiermans commented Feb 20, 2024
View reviewed changes
src/jwtUtils.ts
return jwksClient({
jwksUri,
cache: true, // Default Value
cacheMaxEntries: 5, // Default value
Copy link
Contributor Author

@mmiermans mmiermans Feb 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We increased the number of keys. Increasing cacheMaxEntries might prevent performance issues, if we have more than 5 keys. The number 100 was chosen arbitrarily.

@mmiermans mmiermans merged commit 0964ccc into main Feb 20, 2024
@mmiermans mmiermans deleted the feat-dev-jwk-key-ids branch February 20, 2024 20:07
mmiermans added a commit that referenced this pull request Feb 21, 2024
@mmiermans
fix: start:dev fails to start locally
952a2a1 
Error: When a manual configuration is not provided, gateway requires an Apollo configuration.

Local development should use NODE_END=local since #361
@mmiermans mmiermans mentioned this pull request Feb 21, 2024
Merged
mmiermans added a commit that referenced this pull request Feb 22, 2024
@mmiermans
fix: start:dev fails to start locally (#362)
3954d9d 
Error: When a manual configuration is not provided, gateway requires an Apollo configuration.

Local development should use NODE_END=local since #361
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jpetto jpetto jpetto approved these changes

+1 more reviewer

@katerinachinnappan katerinachinnappan katerinachinnappan approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@mmiermans @jpetto @katerinachinnappan