|
func (r *RemoteKeySet) updateKeys() ([]jose.JSONWebKey, error) { |
|
req, err := http.NewRequest("GET", r.jwksURL, nil) |
|
if err != nil { |
|
return nil, fmt.Errorf("oidc: can't create request: %v", err) |
|
} |
|
|
|
resp, err := doRequest(r.ctx, req) |
|
if err != nil { |
|
return nil, fmt.Errorf("oidc: get keys failed %v", err) |
|
} |
|
defer resp.Body.Close() |
|
|
|
body, err := ioutil.ReadAll(resp.Body) |
|
if err != nil { |
|
return nil, fmt.Errorf("unable to read response body: %v", err) |
|
} |
|
|
|
if resp.StatusCode != http.StatusOK { |
|
return nil, fmt.Errorf("oidc: get keys failed: %s %s", resp.Status, body) |
|
} |
|
|
|
var keySet jose.JSONWebKeySet |
|
err = unmarshalResp(resp, body, &keySet) |
|
if err != nil { |
|
return nil, fmt.Errorf("oidc: failed to decode keys: %v %s", err, body) |
|
} |
|
return keySet.Keys, nil |
|
} |
It looks like this function does not attempt to retry on errors. This function performs a GET, so most errors should be retry-friendly. A single retry would significantly[1] help recover from most errors.
[1]: source: none :)
