diff --git a/src/auth0/mod.rs b/src/auth0/mod.rs
index cd1b737..2558edb 100644
--- a/src/auth0/mod.rs
+++ b/src/auth0/mod.rs
@@ -91,13 +91,7 @@ async fn start(
 match Token::fetch(&client, &config).await {
 Ok(token) => {
- let is_signed: bool = jwks_client
- .decode::(token.as_str(), &[config.audience()])
- .await
- .is_ok();
- tracing::info!("is signed: {}", is_signed);
-
- let _ = cache.put_token(&token).await.log_err("Error caching JWT");
+ let token = fetch_and_update_token(client_ref, cache_ref, config_ref).await;
 write(&token_lock, token);
 }
 Err(error) => tracing::error!("Failed to fetch JWT. Reason: {:?}", error),
@@ -111,17 +105,29 @@ async fn start(
 // Try to fetch the token from cache. If it's found return it; fetch from auth0 and put in cache otherwise
 async fn get_token(client_ref: &Client, cache_ref: &Arc, config_ref: &Config) -> Result {
- match cache_ref.get_token().await? {
- Some(token) => Ok(token),
- None => {
- let token: Token = Token::fetch(client_ref, config_ref).await?;
- let _ = cache_ref.put_token(&token).await.log_err("JWT cache set failed");
-
- Ok(token)
+ match cache_ref.get_token().await {
+ Ok(Some(token)) => Ok(token),
+ Ok(None) => fetch_and_update_token(client_ref, cache_ref, config_ref).await,
+ Err(Auth0Error::CryptoError(e)) => {
+ tracing::warn!("Crypto error({}) when attempting to decrypt cached token. Ignoring", e);
+ fetch_and_update_token(client_ref, cache_ref, config_ref).await
 }
+ Err(e) => Err(e),
 }
 }
+// Unconditionally fetch a new token and update the cache
+async fn fetch_and_update_token(
+ client_ref: &Client,
+ cache_ref: &Arc,
+ config_ref: &Config,
+) -> Result {
+ let token: Token = Token::fetch(client_ref, config_ref).await?;
+ let _ = cache_ref.put_token(&token).await.log_err("JWT cache set failed");
+
+ Ok(token)
+}
+
 fn read(lock_ref: &Arc>) -> T {
 let lock_guard: RwLockReadGuard = lock_ref.read().unwrap_or_else(|poison_error| poison_error.into_inner());
 (*lock_guard).clone()
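Review bot: In the `Ok(token)` arm of `start`, the token that `Token::fetch` just returned is shadowed by a second fetch inside `fetch_and_update_token`, so each refresh requests two tokens from Auth0 and discards the first. The helper returns a `Result`, and it is passed to `write(&token_lock, token)` without being matched, which looks like a type error unless the lock holds a `Result`; `client_ref`, `cache_ref` and `config_ref` also do not appear in the visible lines of `start`, whose body starts and ends outside the hunk. Calling the helper once in place of the outer `Token::fetch(&client, &config)` and matching on its result would remove both problems. The deleted `jwks_client.decode` call was the only look at the JWT's signature and audience on this path, and it only logged the outcome; if verification is wanted it should decide whether `write` runs rather than be removed, and if not, a comment such as `// JWT signature and audience are not verified on this path` would record that.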
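Review bot: The new `Err(Auth0Error::CryptoError(e))` arm in `get_token` treats an undecryptable cache entry as a miss, but recovery depends on `put_token` overwriting that entry, and `fetch_and_update_token` discards a failed `put_token` after `log_err`. If that write keeps failing, every call will presumably hit the decrypt error again and go back to Auth0, with only a `warn` line to show for it. A decrypt failure can also mean the cached entry was altered or the encryption key changed, which operators will want to tell apart from an ordinary miss, so consider raising this to `tracing::error!`. The helper's `//` comment would also read better as a doc comment that states the swallowed error, for example `/// Fetches a new token from Auth0 and stores it in the cache; a failed cache write is logged and otherwise ignored.`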