Ignore crypto errors when creating the auth0 client

primait · Aug 22, 2024 · 28b83b6 · 28b83b6
1 parent 7d4edd7
commit 28b83b6
Showing 1 changed file with 20 additions and 14 deletions.
diff --git a/src/auth0/mod.rs b/src/auth0/mod.rs
@@ -91,13 +91,7 @@ async fn start(
 
                 match Token::fetch(&client, &config).await {
                     Ok(token) => {
-                        let is_signed: bool = jwks_client
-                            .decode::<Claims>(token.as_str(), &[config.audience()])
-                            .await
-                            .is_ok();
-                        tracing::info!("is signed: {}", is_signed);
-
-                        let _ = cache.put_token(&token).await.log_err("Error caching JWT");
+                        let token = fetch_and_update_token(client_ref, cache_ref, config_ref).await;
                         write(&token_lock, token);
                     }
                     Err(error) => tracing::error!("Failed to fetch JWT. Reason: {:?}", error),
@@ -111,17 +105,29 @@ async fn start(
 
 // Try to fetch the token from cache. If it's found return it; fetch from auth0 and put in cache otherwise
 async fn get_token(client_ref: &Client, cache_ref: &Arc<dyn Cache>, config_ref: &Config) -> Result<Token, Auth0Error> {
-    match cache_ref.get_token().await? {
-        Some(token) => Ok(token),
-        None => {
-            let token: Token = Token::fetch(client_ref, config_ref).await?;
-            let _ = cache_ref.put_token(&token).await.log_err("JWT cache set failed");
-
-            Ok(token)
+    match cache_ref.get_token().await {
+        Ok(Some(token)) => Ok(token),
+        Ok(None) => fetch_and_update_token(client_ref, cache_ref, config_ref).await,
+        Err(Auth0Error::CryptoError(e)) => {
+            tracing::warn!("Crypto error({}) when attempting to decrypt cached token. Ignoring", e);
+            fetch_and_update_token(client_ref, cache_ref, config_ref).await
         }
+        Err(e) => Err(e),
     }
 }
 
+// Unconditionally fetch a new token and update the cache
+async fn fetch_and_update_token(
+    client_ref: &Client,
+    cache_ref: &Arc<dyn Cache>,
+    config_ref: &Config,
+) -> Result<Token, Auth0Error> {
+    let token: Token = Token::fetch(client_ref, config_ref).await?;
+    let _ = cache_ref.put_token(&token).await.log_err("JWT cache set failed");
+
+    Ok(token)
+}
+
 fn read<T: Clone>(lock_ref: &Arc<RwLock<T>>) -> T {
     let lock_guard: RwLockReadGuard<T> = lock_ref.read().unwrap_or_else(|poison_error| poison_error.into_inner());
     (*lock_guard).clone()