openidconnect-rs icon indicating copy to clipboard operation
openidconnect-rs copied to clipboard

Published 20 hours ago verified publisher icon ramosbugs

Decouple fetching of openid-configuration and JWKS

Open lmm-git opened this issue 1 year ago • 1 comments

Currently, when discovering a Provider, both openid-configuration and JWKS get fetched.

I have a specific use case where I do not need the JWKs, so I propose to decouple fetching JWKs and the default configuration to save one round trip and traffic.

For me, it would make sense to implicitly load the keys when requesting them from the provider object, but this would probably require some caching like discussed in #25

lmm-git avatar Apr 15 '24 21:04 lmm-git

I think the current behavior is a sensible default for most use cases. For special use cases, I'd suggest fetching the openid-configuration manually (since it's a simple HTTP GET request) and then using serde_json to deserialize the ProviderMetadata from the response.

ramosbugs avatar Apr 23 '24 20:04 ramosbugs