From 1938db708ec7fd14971abce3ee42bb5048794b6d Mon Sep 17 00:00:00 2001 From: Ahmed Tarek Date: Wed, 6 Nov 2024 12:48:17 -0800 Subject: [PATCH] =?UTF-8?q?=E2=9A=A1=EF=B8=8F=20add=20resilience=20to=20er?= =?UTF-8?q?rors=20(#183)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * ⚡️ add resilience to errors * 🔖 1.7.8 * Update index.js * Update index.js --- package.json | 2 +- src/index.js | 14 +++++++++++--- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index d852cf8..1f0c55f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "apple-signin-auth", - "version": "1.7.7", + "version": "1.7.8", "description": " Apple signin for node.", "author": { "name": "Ahmed Tarek", diff --git a/src/index.js b/src/index.js index 5944451..49dce45 100644 --- a/src/index.js +++ b/src/index.js @@ -349,18 +349,26 @@ const _getIdTokenApplePublicKey = async ( header: string, cb: (?Error, ?string) => any, ): Function => { + /** error if found */ + let error; // attempt fetching from cache if (APPLE_KEYS_CACHE[header.kid]) { return cb(null, APPLE_KEYS_CACHE[header.kid]); } - // fetch and cache current Apple public keys - await _getApplePublicKeys(); + try { + // fetch and cache current Apple public keys + await _getApplePublicKeys(); + } catch (err) { + // key was not fetched - highly unlikely, means apple is having issues or somebody faked the JSON + // we will still try to get the key from the cache + error = err; + } // attempt fetching from cache if (APPLE_KEYS_CACHE[header.kid]) { return cb(null, APPLE_KEYS_CACHE[header.kid]); } // key was not fetched - highly unlikely, means apple is having issues or somebody faked the JSON - return cb(new Error('input error: Invalid id token public key id')); + return cb(error || new Error('input error: Invalid id token public key id')); }; /** Verifies an Apple id token */