Joken JWKS v1.6.0

JokenJwks.HttpFetcher (Joken JWKS v1.6.0) View Source

Makes a GET request to an OpenID Connect certificates endpoint.

This must be a standard JWKS URI as per the specification here: https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata

This uses the Tesla library to make it easy to test or change the adapter if wanted.

See our tests for an example of mocking the HTTP fetching.

Link to this section Summary

Functions

fetch_signers(url, opts)

Fetches the JWKS signers from the given url.

Link to this section Functions

Link to this function

fetch_signers(url, opts)

View Source

Specs

fetch_signers(binary(), keyword()) ::
  {:ok, list()} | {:error, atom()} | no_return()

Fetches the JWKS signers from the given url.

This retries up to 10 times with a fixed delay of 500 ms until the server delivers an answer. We only perform a GET request that is idempotent.

We use :hackney as it validates certificates automatically.