1

server/web3service/controllers/jwt.js

@@ -9,12 +9,45 @@ const jwksKeyHash = {};
 
 async function refreshKey() {
   while (true) {
+    const keyList = [];
+    jwksKeyHash.forEach((key, val) => {
+      if (utils.getUtcTime() - val['lastRefreshTime'] > 60 * 30) {
+        keyList.push(val);
+      }
+    });
+    utils.serial
+    (keyList,
+     async (val) => {
+       const err = await asyncForceGetKey(val['uri'], val['header']);
+       if (!err) {
+       }
+     });
     await utils.sleep(1000 * 60 * 5);
   }
 }
 
-async function asyncGetKey(jkwsUri, header, cb) {
-  await app.lock(LOCK_KEY + jkwsUri);
+async function asyncForceGetKey(jwksUri, header) {
+  return new Promise((resolve) => {
+    const client = jwksClient({
+      jwksUri: jwksUri
+    });
+    client.getSigningKey(header.kid, function(err, key) {
+      const signingKey = key.publicKey || key.rsaPublicKey;
+      if (!err) {
+        jwksKeyHash[jwksUri] = {
+          'key': key,
+          'uri': jwksUri,
+          'header': header,
+          'lastRefreshTime': utils.getUtcTime()
+        };
+      }
+      resolve(err);
+    });
+  });
+}
+
+async function asyncGetKey(jwksUri, header, cb) {
+  await app.lock(LOCK_KEY + jwksUri);
   try {
     if (jwksUri in jwksKeyHash) {
       const c = jwksKeyHash[jwksUri];
@@ -30,17 +63,18 @@ async function asyncGetKey(jkwsUri, header, cb) {
         if (!err) {
           jwksKeyHash[jwksUri] = {
             'key': key,
+            'uri': jwksUri,
             'header': header,
             'lastRefreshTime': utils.getUtcTime()
           };
         }
         cb(null, signingKey);
       } finally {
-        app.unLock(LOCK_KEY + jkwsUri);
+        app.unLock(LOCK_KEY + jwksUri);
       }
     });
   } finally {
-    app.unLock(LOCK_KEY + jkwsUri);
+    app.unLock(LOCK_KEY + jwksUri);
   }
 }
 
@@ -85,6 +119,7 @@ async function verify(session) {
 }
 
 function init() {
+  refreshKey();
   app.registerHandler('Jwt', 'verify', verify);
 }