From b29f7ab02502e63e214f5f5e4389dacf752fdd8e Mon Sep 17 00:00:00 2001
From: aozhiwei <aozhiwei@kingsome.cn>
Date: Mon, 3 Jun 2024 11:35:43 +0800
Subject: [PATCH] 1

---
 server/web3service/controllers/jwt.js | 45 ++++++++++++++++-----------
 1 file changed, 27 insertions(+), 18 deletions(-)

diff --git a/server/web3service/controllers/jwt.js b/server/web3service/controllers/jwt.js
index 4681bbb..3613ee1 100644
--- a/server/web3service/controllers/jwt.js
+++ b/server/web3service/controllers/jwt.js
@@ -4,28 +4,37 @@ const base64url = require('base64url');
 const jwksClient = require('jwks-rsa');
 const jwt = require('jsonwebtoken');
 
+const LOCK_KEY = 'getJwtLock:';
 const jwksKeyHash = {};
-const jwksKeyLockHash = {};
 
 async function asyncGetKey(jkwsUri, header, cb) {
-  if (jwksUri in jwksKeyHash) {
-    const c = jwksKeyHash[jwksUri];
-    cb(null, c['key']);
-    return;
-  }
-  const client = jwksClient({
-    jwksUri: jwksUri
-  });
-  client.getSigningKey(header.kid, function(err, key) {
-    const signingKey = key.publicKey || key.rsaPublicKey;
-    if (!err) {
-      jwksKeyHash[jwksUri] = {
-        'key': key,
-        'lastRefreshTime': utils.getUtcTime()
-      };
+  app.lock(LOCK_KEY + jkwsUri);
+  try {
+    if (jwksUri in jwksKeyHash) {
+      const c = jwksKeyHash[jwksUri];
+      cb(null, c['key']);
+      return;
     }
-    cb(null, signingKey);
-  });
+    const client = jwksClient({
+      jwksUri: jwksUri
+    });
+    client.getSigningKey(header.kid, function(err, key) {
+      try {
+        const signingKey = key.publicKey || key.rsaPublicKey;
+        if (!err) {
+          jwksKeyHash[jwksUri] = {
+            'key': key,
+            'lastRefreshTime': utils.getUtcTime()
+          };
+        }
+        cb(null, signingKey);
+      } finally {
+        app.unLock(LOCK_KEY + jkwsUri);
+      }
+    });
+  } finally {
+    app.unLock(LOCK_KEY + jkwsUri);
+  }
 }
 
 function asyncVerify(jwksUri, data) {