mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-24 19:33:02 +03:00
Added backend JWKS endpoint caching
refs https://github.com/TryGhost/Toolbox/issues/411
refs f58b5984cb
- Backend JWKS endpoint did not have any HTTP caching
- It is recommended to cache JWKS endpoints (ref.: https://docs.apigee.com/api-platform/reference/policies/jwt-policies-overview)
- This change also brings the endpoint up to speed with what members JWKS
endpoint does
- Above point gives another reminder to extract JWKS functionality into a
common module that should be reused
This commit is contained in:
parent
8c47819194
commit
a26689c264
@ -1,5 +1,7 @@
|
||||
const cacheControl = require('@tryghost/mw-cache-control');
|
||||
const express = require('../../shared/express');
|
||||
const settings = require('../../shared/settings-cache');
|
||||
const config = require('../../shared/config');
|
||||
|
||||
module.exports = function setupWellKnownApp() {
|
||||
const wellKnownApp = express('well-known');
|
||||
@ -14,7 +16,9 @@ module.exports = function setupWellKnownApp() {
|
||||
return keyStore.toJSON();
|
||||
};
|
||||
|
||||
wellKnownApp.get('/jwks.json', async (req, res) => {
|
||||
const cache = cacheControl('public', {maxAge: config.get('caching:wellKnown:maxAge')});
|
||||
|
||||
wellKnownApp.get('/jwks.json', cache, async (req, res) => {
|
||||
const jwks = await getSafePublicJWKS();
|
||||
|
||||
// there's only one key in the store atm
|
||||
|
@ -16,6 +16,7 @@ Object {
|
||||
|
||||
exports[`.well-known GET /jwks.json should return a JWKS 2: [headers] 1`] = `
|
||||
Object {
|
||||
"cache-control": "public, max-age=86400",
|
||||
"content-length": "277",
|
||||
"content-type": "application/json; charset=utf-8",
|
||||
"etag": StringMatching /\\(\\?:W\\\\/\\)\\?"\\(\\?:\\[ !#-\\\\x7E\\\\x80-\\\\xFF\\]\\*\\|\\\\r\\\\n\\[\\\\t \\]\\|\\\\\\\\\\.\\)\\*"/,
|
||||
|
Loading…
Reference in New Issue
Block a user