@mojaloop/security-bc-client-lib - npm Package Compare versions

Comparing version 0.3.8 to 0.3.9

dist/token_helper.d.ts

@@ -10,7 +10,14 @@ import { ILogger } from "@mojaloop/logging-bc-public-types-lib";
     private _jwksClient;
+    private _updateTimer;
     constructor(jwksUrl: string, logger: ILogger, issuerName?: string, audience?: string);
+    private _preFetch;
+    private _getSigningKey;
     /**
-     * @deprecated Please use preFetch() instead, this is not a required initialization function
+     * Prefetches the public keys and starts the automatic update timer
      */
     init(): Promise<void>;
+    destroy(): Promise<void>;
+    /**
+     * @deprecated the new init already prefetches and starts the automatic update timer
+     */
     preFetch(): Promise<void>;
@@ -17,0 +24,0 @@ /**

dist/token_helper.js

@@ -37,2 +37,3 @@ /*****
 exports.DEFAULT_JWKS_PATH = "/.well-known/jwks.json";
+const PUB_KEYS_UPDATE_INTERVAL_MS = 5 * 60 * 1000;
 class TokenHelper {
@@ -44,2 +45,3 @@ _logger;
     _jwksClient;
+    _updateTimer;
     constructor(jwksUrl, logger, issuerName, audience) {
@@ -58,16 +60,40 @@ this._jwksUrl = jwksUrl;
     }
+    async _preFetch() {
+        // do an initial request to test it works and cache it
+        const keys = await this._jwksClient.getSigningKeys();
+        for (const k of keys) {
+            k.getPublicKey();
+        }
+    }
+    async _getSigningKey(kid) {
+        let key;
+        try {
+            // this can throw a SigningKeyNotFoundError
+            key = await this._jwksClient.getSigningKey(kid);
+            return key;
+        }
+        catch (err) {
+            return null;
+        }
+    }
     /**
-     * @deprecated Please use preFetch() instead, this is not a required initialization function
+     * Prefetches the public keys and starts the automatic update timer
      */
     async init() {
-        //await this.preFetch();
+        await this._preFetch();
+        // start the timer
+        this._updateTimer = setInterval(() => {
+            this._preFetch();
+        }, PUB_KEYS_UPDATE_INTERVAL_MS);
         return Promise.resolve();
     }
+    async destroy() {
+        if (this._updateTimer)
+            clearInterval(this._updateTimer);
+    }
+    /**
+     * @deprecated the new init already prefetches and starts the automatic update timer
+     */
     async preFetch() {
-        // do an initial request to test it works and cache it
-        const keys = await this._jwksClient.getSigningKeys();
-        for (const k of keys) {
-            k.getPublicKey();
-        }
-        // TODO setup timer
+        return this._preFetch();
     }
@@ -99,5 +125,11 @@ /**
         }
-        const key = await this._jwksClient.getSigningKey(token.header.kid);
+        let key = await this._getSigningKey(token.header.kid);
+        // if not found, let's re-fetch the keys and try once more
         if (!key) {
-            this._logger.warn(`public signing key not found for kid: ${token.header.kid}`);
+            await this._preFetch();
+            key = await this._getSigningKey(token.header.kid);
+        }
+        if (!key) {
+            // still not found... we give up
+            this._logger.warn(`Public signing key not found for kid: ${token.header.kid}`);
             return false;
@@ -104,0 +136,0 @@ }

package.json

 {
   "name": "@mojaloop/security-bc-client-lib",
-  "version": "0.3.8",
+  "version": "0.3.9",
   "description": "Mojaloop security authentication and authorization client library",
@@ -5,0 +5,0 @@ "license": "Apache-2.0",

No alert changes

Improved metrics

Total package byte prevSize

123656

increased by1.55%

Lines of code

1910

increased by2.08%

No dependency changes