-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add options for jwks-rsa
to enable cache and rate limiting
#6
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One possible bug around merging of jwks option defaults, but otherwise lgtm
@dbertram great catch on the merge, i changed it up. Tested locally and feeling good about this. Would like some final 👀 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like one piece of 🧹ing left and this lgtm
👀 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
just the one comment, other than that, I can confirm that I'm seeing caching on my side. First request shows the keys, subsequent requests do not.
README.md
Outdated
|
||
## Options | ||
|
||
`authentic` accepts a JSON object of options that will be passed to the underlying libraries responsibile for validation. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the options section is a bit confusing. Am I correct that any options other that jwks
or issWhitelist
will be passed to jwt.verify()
? If so, should it be:
{
verify: { ... },
jwks: { ... },
issWhitelist: ...,
}
for some futureproofing? It seems odd to separate jwks
' options, but not verify
's and I could imagine that causing conflicts eventually.
7376da6
to
c1f2b7f
Compare
@pklingem @cdwills Looks like the CI builds are failing due to reduced code coverage:
:sadpanda: |
💯 |
Add options to take advantage of the built in caching from
jwks-rsa
. Description is here: https://github.com/auth0/node-jwks-rsa#cachingTo see the caching in action add
DEBUG=jwks
to your local env for the previous version vs this one. You'll see the caching configured and in action.Bonus:
eslint
,nyc
,nock
boom
node 6, 7
in the future.