chore(api-keys): small fixes (#3499)

* fix(api-keys): better retry for jwks init * chore(api-keys): remove some printouts * chore: remove comment
GaloyMoney · Nov 3, 2023 · 7dbcfb6 · 7dbcfb6
1 parent 907b354
commit 7dbcfb6
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 9 deletions.
diff --git a/core/api-keys/src/cli/mod.rs b/core/api-keys/src/cli/mod.rs
@@ -24,7 +24,6 @@ struct Cli {
 pub async fn run() -> anyhow::Result<()> {
     let cli = Cli::parse();
 
-    println!("config: {:?}", cli.config);
     let config = Config::from_path(cli.config, EnvOverride { db_con: cli.pg_con })?;
 
     run_cmd(config).await?;
@@ -33,7 +32,6 @@ pub async fn run() -> anyhow::Result<()> {
 }
 
 async fn run_cmd(config: Config) -> anyhow::Result<()> {
-    println!("Running server");
     let pool = db::init_pool(&config.db).await?;
     let app = crate::app::ApiKeysApp::new(pool, config.app);
     crate::server::run_server(config.server, app).await

diff --git a/core/api-keys/src/server/jwks/mod.rs b/core/api-keys/src/server/jwks/mod.rs
@@ -83,12 +83,12 @@ impl RemoteJwksDecoder {
     pub fn new(jwks_url: String) -> Self {
         Self {
             jwks_url,
-            cache_duration: std::time::Duration::from_secs(60 * 60),
+            cache_duration: std::time::Duration::from_secs(30 * 60),
             keys_cache: RwLock::new(Vec::new()),
             validation: Validation::new(Algorithm::RS256),
             client: reqwest::Client::new(),
-            retry_count: 3,
-            backoff: std::time::Duration::from_secs(1),
+            retry_count: 10,
+            backoff: std::time::Duration::from_secs(2),
         }
     }
 
@@ -108,7 +108,6 @@ impl RemoteJwksDecoder {
             }
         }
 
-        // Last attempt failed, return the error
         Err(err.unwrap())
     }
 
@@ -143,16 +142,22 @@ impl RemoteJwksDecoder {
     /// succeeds or the universe ends, whichever comes first.
     pub async fn refresh_keys_periodically(&self) {
         loop {
+            let mut err = None;
             match self.refresh_keys().await {
-                Ok(_) => {}
-                Err(err) => {
-                    // log the error and continue with stale keys
+                Ok(_) => {
+                    err = None;
+                }
+                Err(e) => {
                     eprintln!(
                         "Failed to refresh JWKS after {} attempts: {:?}",
                         self.retry_count, err
                     );
+                    err = Some(e);
                 }
             }
+            if err.is_some() {
+                continue;
+            }
             tokio::time::sleep(self.cache_duration).await;
         }
     }