jwks — Code View¶
← Back to Container | ← Back to System
Component Information¶
| Field | Value |
|---|---|
| Component | jwks |
| Container | @chrislyons-dev/flarelette-jwt |
| Type | module |
| Description | JSON Web Key Set (JWKS) utilities. This module provides functions to fetch and manage JWKS, including caching and key lookup by key ID (kid). It supports integration with external JWKS services. |
| --- |
Code Structure¶
Class Diagram¶
Code Elements¶
7 code element(s)
#### Functions ##### `clearJwksCache()` Clear the JWKS cache (for testing purposes) | Field | Value | | --- | --- | | **Type** | `function` | | **Visibility** | `public` | | **Returns** | `void` || **Location** | `C:/Users/chris/git/flarelette-jwt-kit/packages/flarelette-jwt-ts/src/jwks.ts:49` | --- ##### `clearHttpJwksCache()` Clear the HTTP JWKS cache (for testing purposes) | Field | Value | | --- | --- | | **Type** | `function` | | **Visibility** | `public` | | **Returns** | `void` || **Location** | `C:/Users/chris/git/flarelette-jwt-kit/packages/flarelette-jwt-ts/src/jwks.ts:57` | --- ##### `fetchJwksFromService()` Fetch JWKS from a service binding Implements 5-minute caching to reduce load on JWKS service | Field | Value | | --- | --- | | **Type** | `function` | | **Visibility** | `public` | | **Async** | Yes || **Returns** | `Promiseimport("C:/Users/chris/git/flarelette-jwt-kit/packages/flarelette-jwt-ts/src/types").Fetcher --- ##### `validateJwksUrl()` Validate JWKS URL for security requirements Requirements: - Must be valid URL format - Must use HTTPS (except localhost/127.0.0.1/[::1] for testing) | Field | Value | | --- | --- | | **Type** | `function` | | **Visibility** | `private` | | **Returns** | `URL` - Parsed URL object || **Location** | `C:/Users/chris/git/flarelette-jwt-kit/packages/flarelette-jwt-ts/src/jwks.ts:103` | **Parameters:** - `url`: string — - JWKS URL to validate --- ##### `fetchJwksFromUrl()` Fetch JWKS from HTTP URL with caching Implements configurable TTL caching (default 5 minutes) Security: HTTPS-only (except localhost), 5-second timeout, 100KB size limit | Field | Value | | --- | --- | | **Type** | `function` | | **Visibility** | `public` | | **Async** | Yes || **Returns** | `Promisestring — - HTTP(S) URL to JWKS endpoint- `ttlSeconds`: number — - Cache TTL in seconds (default: 300) --- ##### `getKeyFromJwks()` Find and import a specific key from JWKS by kid Supports both EdDSA (Ed25519) and RSA (RS256/RS384/RS512) keys Algorithm is auto-detected from key type (kty) and curve (crv) | Field | Value | | --- | --- | | **Type** | `function` | | **Visibility** | `public` | | **Async** | Yes || **Returns** | `Promisestring — - Key ID from JWT header- `jwks`: JWKWithKid[] — - Array of JWK objects --- ##### `allowedThumbprints()` Get allowed thumbprints for key pinning (optional security measure) | Field | Value | | --- | --- | | **Type** | `function` | | **Visibility** | `public` | | **Returns** | `Set