Module

x/jose/jwks/remote.ts>jwksCache

JWA, JWS, JWE, JWT, JWK, JWKS for Node.js, Browser, Cloudflare Workers, Deno, Bun, and other Web-interoperable runtimes.
Extremely Popular
Latest
variable jwksCache
import { jwksCache } from "https://dotland.deno.dev/x/jose@v5.9.6/jwks/remote.ts";

DANGER ZONE - This option has security implications that must be understood, assessed for applicability, and accepted before use. It is critical that the JSON Web Key Set cache only be writable by your own code.

This option is intended for cloud computing runtimes that cannot keep an in memory cache between their code's invocations. Use in runtimes where an in memory cache between requests is available is not desirable.

When passed to {@link jwks/remote.createRemoteJWKSet | createRemoteJWKSet} this allows the passed in object to:

  • Serve as an initial value for the JSON Web Key Set that the module would otherwise need to trigger an HTTP request for
  • Have the JSON Web Key Set the function optionally ended up triggering an HTTP request for assigned to it as properties

The intended use pattern is:

  • Before verifying with {@link jwks/remote.createRemoteJWKSet | createRemoteJWKSet} you pull the previously cached object from a low-latency key-value store offered by the cloud computing runtime it is executed on;
  • Default to an empty object {} instead when there's no previously cached value;
  • Pass it in as {@link RemoteJWKSetOptions[jwksCache]};
  • Afterwards, update the key-value storage if the {@link ExportedJWKSCache.uat | uat} property of the object has changed.

// Prerequisites let url!: URL let jwt!: string let getPreviouslyCachedJWKS!: () => Promise<jose.ExportedJWKSCache> let storeNewJWKScache!: (cache: jose.ExportedJWKSCache) => Promise

// Load JSON Web Key Set cache const jwksCache: jose.JWKSCacheInput = (await getPreviouslyCachedJWKS()) || {} const { uat } = jwksCache

const JWKS = jose.createRemoteJWKSet(url, { [jose.jwksCache]: jwksCache, })

// Use JSON Web Key Set cache await jose.jwtVerify(jwt, JWKS)

if (uat !== jwksCache.uat) { // Update JSON Web Key Set cache await storeNewJWKScache(jwksCache) }

type

unique symbol