Azure AD B2C has an OpenID Connect metadata endpoint, which allows an application to fetch information at runtime. This endpoint has information about the token signing keys, token contents and endpoints. I need to query this endpoint to get the jwk_uris. The jwk_uri has the URI for the keys used to sign the JWT. I need to cache these keys for no more than 24 hours. Can anyone suggest how I can do this in Spring? Is there any API which supports this?
HttpsJwks will cache keys for a time period based on the cache directive headers of the HTTP response or setDefaultCacheDuration(long defaultCacheDuration), if the cache directive headers of the response are not present or indicate that the content should not be cached.
An HttpsJwks object can be used in conjunction with a JwtConsumer/JwtConsumerBuilder and HttpsJwksVerificationKeyResolver that will also make a fresh call to the jwk_uri and reestablish the cache, if it encounters a kid (Key ID) in the JWT that isn't in the cached set of keys.
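The setup described in the answer, as an added example that is not part of the original post: it reads `jwks_uri` and `issuer` from the metadata document, then wires HttpsJwks into a JwtConsumer using the jose4j classes the answer names. The class name `B2cTokenValidator`, the caller-supplied `metadataUrl` and `expectedAudience`, and the RS256 restriction are assumptions.

```java
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.util.Map;
import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
import org.jose4j.json.JsonUtil;
import org.jose4j.jwk.HttpsJwks;
import org.jose4j.jws.AlgorithmIdentifiers;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.consumer.InvalidJwtException;
import org.jose4j.jwt.consumer.JwtConsumer;
import org.jose4j.jwt.consumer.JwtConsumerBuilder;
import org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver;

// Hypothetical helper class; register one instance as a singleton bean so the key cache is shared.
public class B2cTokenValidator {
    private final JwtConsumer consumer;

    // metadataUrl: the policy's OpenID Connect metadata URL; expectedAudience: your application (client) ID.
    public B2cTokenValidator(String metadataUrl, String expectedAudience) throws Exception {
        HttpResponse<String> resp = HttpClient.newHttpClient().send(
                HttpRequest.newBuilder(URI.create(metadataUrl)).GET().build(),
                HttpResponse.BodyHandlers.ofString());
        if (resp.statusCode() != 200)
            throw new IllegalStateException("metadata fetch failed: HTTP " + resp.statusCode());
        Map<String, Object> metadata = JsonUtil.parseJson(resp.body());
        String jwksUri = (String) metadata.get("jwks_uri");
        String issuer = (String) metadata.get("issuer");
        if (jwksUri == null || !jwksUri.startsWith("https://") || issuer == null)
            throw new IllegalStateException("metadata lacks an https jwks_uri or an issuer");
        // 24 h applies only when the response has no usable cache headers (see the answer above).
        HttpsJwks jwks = new HttpsJwks(jwksUri);
        jwks.setDefaultCacheDuration(24 * 60 * 60L);
        consumer = new JwtConsumerBuilder()
                .setVerificationKeyResolver(new HttpsJwksVerificationKeyResolver(jwks))
                // Assumes RS256-signed tokens. Older jose4j releases name PERMIT as WHITELIST.
                .setJwsAlgorithmConstraints(new AlgorithmConstraints(
                        ConstraintType.PERMIT, AlgorithmIdentifiers.RSA_USING_SHA256))
                .setExpectedIssuer(issuer)
                .setExpectedAudience(expectedAudience)
                .setRequireExpirationTime()
                .build();
    }

    // Throws InvalidJwtException on a bad signature, an unknown kid after refresh, or failed claim checks.
    public JwtClaims validate(String jwt) throws InvalidJwtException {
        return consumer.processToClaims(jwt);
    }
}
```

If the JWKS response carries cache headers that allow more than 24 hours, those headers decide the cache lifetime, so check what the endpoint actually returns before relying on the default as a hard ceiling.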