jwt: add updateKeys method and call in constructor

Fixes #225.
This commit is contained in:
Jimmy Zelinskie 2016-09-25 15:51:58 -04:00
parent 3d8fc63df3
commit 7f7f2726b4

View file

@ -57,37 +57,14 @@ func NewHook(cfg Config) middleware.Hook {
closing: make(chan struct{}),
}
h.updateKeys()
go func() {
for {
select {
case <-h.closing:
return
case <-time.After(cfg.JWKUpdateInterval):
resp, err := http.Get(cfg.JWKSetURL)
if err != nil {
log.Errorln("failed to fetch JWK Set: " + err.Error())
continue
}
parsedJWKs := map[string]gojwk.Key{}
err = json.NewDecoder(resp.Body).Decode(&parsedJWKs)
if err != nil {
resp.Body.Close()
log.Errorln("failed to decode JWK JSON: " + err.Error())
continue
}
resp.Body.Close()
keys := map[string]crypto.PublicKey{}
for kid, parsedJWK := range parsedJWKs {
publicKey, err := parsedJWK.DecodePublicKey()
if err != nil {
log.Errorln("failed to decode JWK into public key: " + err.Error())
continue
}
keys[kid] = publicKey
}
h.publicKeys = keys
h.updateKeys()
}
}
}()
@ -95,6 +72,34 @@ func NewHook(cfg Config) middleware.Hook {
return h
}
func (h *hook) updateKeys() {
resp, err := http.Get(h.cfg.JWKSetURL)
if err != nil {
log.Errorln("failed to fetch JWK Set: " + err.Error())
return
}
parsedJWKs := map[string]gojwk.Key{}
err = json.NewDecoder(resp.Body).Decode(&parsedJWKs)
if err != nil {
resp.Body.Close()
log.Errorln("failed to decode JWK JSON: " + err.Error())
return
}
resp.Body.Close()
keys := map[string]crypto.PublicKey{}
for kid, parsedJWK := range parsedJWKs {
publicKey, err := parsedJWK.DecodePublicKey()
if err != nil {
log.Errorln("failed to decode JWK into public key: " + err.Error())
return
}
keys[kid] = publicKey
}
h.publicKeys = keys
}
func (h *hook) Stop() <-chan error {
select {
case <-h.closing: