Discussion on "Verifying JWTs with JWKS in Ruby" | Hashnode

Discussion

Unathi Chonco

Full Stack Engineer WeTransfer

Mar 28, 2021

Verifying JWTs with JWKS in Ruby

In this post, we will discuss a few issues, and their solutions, when working with asymmetrically signed JWTs (JSON Web Tokens). The post assumes you have a basic working knowledge of JWTs. The Lowdown (Intro) When working with JWTs (JSON Web Tokens)...

blog.unathichonco.com6 min read

#ruby #ruby-on-rails #rails #jwt #security

Responses(1)

Using

force: true, skip_nil: true

does not work the way you described it in:

Our #fetch_jwks method only returns the JSON response if the request was successful, and nil otherwise. Meaning we can cater for any failed response by leaving the current value in the cache, so we always have the latest successful response we've received.

The cache will be cleared even if the response is not successful and fetch_jwks returns nil.

Rails.cache.fetch("JWKS_CACHE_KEY", force: true, skip_nil: true) do
  Time.now.to_s  
end  
=> "2021-08-31 11:22:32 +0200"

Rails.cache.fetch("JWKS_CACHE_KEY", force: true, skip_nil: true) do
  nil  
end  
=> nil

Rails.cache.fetch("JWKS_CACHE_KEY")
=> nil

Search Hashnode

Verifying JWTs with JWKS in Ruby

Responses(1)

Recent in Forum