如何定期获取远程公钥并存储在 Apollo graphql 服务器中？

Question

I have run an Apollo graphql server. I want to verify JWT sent by Firebase client. According to this document we can fetch public keys to verify. It also gives max-age until which we can store the key. I use Auth0-nodejs for JWT verification. My problem is how do I periodically fetch this public key and store in nodejs variable in Apollo server so that I don't have to fetch keys from firebase for every request in the apollo server.

const server = new ApolloServer({
schema, context: ({ req }) => {
const token = req.headers.authorization;
const user = getAuthorizedUser(token);
return { user };
}
});

server.listen();

Here getAuthorizedUser(token) needs to grab the public keys from remote server every time on new request. This may slow down my app. I am not sure how can I periodically fetch data from remote server and use it for every request on my server.

Answer 1

You could just fetch them lazily. Something like:

let keys
let expiresAt = 0

async function getPublicKeys () {
  if (expiresAt < Date.now()) {
    try {
      const { maxAge, publicKeys } = await getKeysFromFirebase()
    catch (e) {
      // Handle being unable to fetch the keys from Google -- either retry or throw
    }
    expiresAt = (maxAge * 1000) + Date.now() - arbitraryPadding
    keys = publicKeys
  }
  return keys
}

Barring that, you could have your application refetch them before they expire using setTimeout -- you would just need to ensure that your timer is cleared when the process exits. You could also set up a cron job that would just periodically write the keys to file.