From 78398d3cdfe9e18d132f990036dffdc93dfd1d8d Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Sat, 24 Aug 2019 22:03:37 +0200
Subject: [PATCH] feat: allow JWKS.asKeyStore to swallow errors

---
 docs/README.md       |  2 ++
 lib/index.d.ts       |  6 +++++-
 lib/jwks/keystore.js | 12 ++++++++++--
 3 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/docs/README.md b/docs/README.md
index 50767dc3..545dba64 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -692,6 +692,8 @@ Creates a new KeyStore from a JSON Web Key Set.
 
 - `jwks`: `<Object>` JWKS formatted object (`{ keys: [{ kty: '...', ... }, ...] }`)
 - `options`: `<Object>`
+  - `ignoreErrors`: `<boolean>` **Default** 'false'. This will make it so that keys
+    unsupported by your Node.js runtime version (or otherwise faulty keys) get swallowed.
   - `calculateMissingRSAPrimes`: `<boolean>` **Default** 'false'. This option is really only in
     effect when the JWKS contains private RSA JWK keys, by default, keys without the optimization
     private key parameters (p, q, dp, dq, qi) won't imported because their calculation is heavy and
diff --git a/lib/index.d.ts b/lib/index.d.ts
index b19d7540..0a0e2b19 100644
--- a/lib/index.d.ts
+++ b/lib/index.d.ts
@@ -208,7 +208,11 @@ export namespace JWKS {
         static fromJWKS(jwks: JSONWebKeySet): KeyStore
     }
 
-    export function asKeyStore(jwks: JSONWebKeySet, options?: ImportOptions): KeyStore
+    interface JWKSImportOptions extends ImportOptions {
+        ignoreErrors?: boolean
+    }
+
+    export function asKeyStore(jwks: JSONWebKeySet, options?: JWKSImportOptions): KeyStore
 }
 
 export namespace JWS {
diff --git a/lib/jwks/keystore.js b/lib/jwks/keystore.js
index 7b03f16f..07acc70d 100644
--- a/lib/jwks/keystore.js
+++ b/lib/jwks/keystore.js
@@ -168,12 +168,20 @@ class KeyStore {
   }
 }
 
-function asKeyStore (jwks, { calculateMissingRSAPrimes = false } = {}) {
+function asKeyStore (jwks, { ignoreErrors = false, calculateMissingRSAPrimes = false } = {}) {
   if (!isObject(jwks) || !Array.isArray(jwks.keys) || jwks.keys.some(k => !isObject(k) || !('kty' in k))) {
     throw new TypeError('jwks must be a JSON Web Key Set formatted object')
   }
 
-  const keys = jwks.keys.map((jwk) => importKey(jwk, { calculateMissingRSAPrimes }))
+  const keys = jwks.keys.map((jwk) => {
+    try {
+      return importKey(jwk, { calculateMissingRSAPrimes })
+    } catch (err) {
+      if (!ignoreErrors) {
+        throw err
+      }
+    }
+  }).filter(Boolean)
 
   return new KeyStore(...keys)
 }