Greetings!
I am using the okta/jwt-verifier NPM package in my back-end app to verify tokens. I’ve got working local code that consumes this package, configures a verifier, and then verifies tokens. Sweet.
Of course, in order to verify a token, the package internally needs to pull auth server keys from Okta, which would be absurdly slow if it needed to happen on every request. Okta appears to have anticipated this: the package will cache the keys (presumably someplace in the filesystem), and it does expose some userland params for cache lifetime and max remote requests per hour.
However, my back-end runs on AWS Lambda where there is no default persistent storage - like a filesystem - into which it can cache. It doesn’t seem like the package has any options for specifying the type/location of persistent cache storage.
Does this mean I have to abandon the package, replacing it with my own implementation of token verification which would have to include:
- key retrieval and persistence (easy enough, really)
- a reimplementation of all the verification functionality of the package (ugh…)?
Any thoughts/ideas welcome.