diff --git a/lib/oidc/endpoints/well-known.ts b/lib/oidc/endpoints/well-known.ts
index 09b3f5f7d..790f2de70 100644
--- a/lib/oidc/endpoints/well-known.ts
+++ b/lib/oidc/endpoints/well-known.ts
@@ -47,7 +47,10 @@ export function getKey(sdk: OktaAuthOAuthInterface, issuer: string, kid: string)
 // Pull the latest keys if the key wasn't in the cache
 return get(sdk, jwksUri, {
- cacheResponse: true
+ cacheResponse: true,
+ headers: {
+ 'Cache-Control': 'no-cache, no-store, max-age=0'
+ }
 })
 .then(function(res) {
 var key = find(res.keys, {
diff --git a/test/spec/oidc/endpoints/well-known.ts b/test/spec/oidc/endpoints/well-known.ts
index ff15420f8..e8281c3b2 100644
--- a/test/spec/oidc/endpoints/well-known.ts
+++ b/test/spec/oidc/endpoints/well-known.ts
@@ -371,7 +371,13 @@ describe('getKey', function() {
 {
 request: {
 method: 'get',
- uri: '/oauth2/v1/keys'
+ uri: '/oauth2/v1/keys',
+ headers: {
+ 'Cache-Control': 'no-cache, no-store, max-age=0',
+ 'Accept': 'application/json',
+ "Content-Type": "application/json",
+ 'X-Okta-User-Agent-Extended': global['USER_AGENT'],
+ }
 },
 response: 'keys'
 }
@@ -411,7 +417,13 @@ describe('getKey', function() {
 {
 request: {
 method: 'get',
- uri: '/oauth2/v1/keys'
+ uri: '/oauth2/v1/keys',
+ headers: {
+ 'Cache-Control': 'no-cache, no-store, max-age=0',
+ 'Accept': 'application/json',
+ "Content-Type": "application/json",
+ 'X-Okta-User-Agent-Extended': global['USER_AGENT'],
+ }
 },
 response: 'keys'
 }
@@ -467,7 +479,13 @@ describe('getKey', function() {
 {
 request: {
 method: 'get',
- uri: '/oauth2/v1/keys'
+ uri: '/oauth2/v1/keys',
+ headers: {
+ 'Cache-Control': 'no-cache, no-store, max-age=0',
+ 'Accept': 'application/json',
+ "Content-Type": "application/json",
+ 'X-Okta-User-Agent-Extended': global['USER_AGENT'],
+ }
 },
 response: 'keys'
 }
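Review bot: The new `headers` option on the `get(sdk, jwksUri, …)` call in `getKey` has no comment explaining why the JWKS refetch bypasses HTTP caches, and next to `cacheResponse: true` it can read as a contradiction. I would add above it something like `// Bypass browser/intermediary HTTP caches: a kid missing from the SDK cache may mean the issuer rotated keys, so a stale JWKS must not be reused`, and note that `cacheResponse` is the SDK's own cache, if that is what it controls. Separately, `Cache-Control` is not a CORS-safelisted request header, so when the issuer is on a different origin the keys endpoint has to allow it in `Access-Control-Allow-Headers`. Otherwise the fetch fails and token verification fails with it; this is worth confirming for custom-domain or proxied issuers. The hunk also shows no limit on how often a cache miss can trigger this uncached refetch, but `getKey`'s body starts and ends outside the hunk, so that may be handled elsewhere.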
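Review bot: The expected `headers` object in the test hunk at -371 is repeated verbatim in the hunks at -411 and -467, so any later header change has to be edited in three places. A shared constant at the top of `describe('getKey', …)` holding the four headers, referenced as `headers: jwksRequestHeaders` in each expectation, would keep them in step. The literal also mixes quote styles (`"Content-Type": "application/json"` next to single-quoted keys); `'Content-Type': 'application/json',` would match the surrounding lines. Pinning `Accept`, `Content-Type` and `X-Okta-User-Agent-Extended` here ties these cases to defaults this commit does not change. If the mock helper allows partial header matching, asserting only `Cache-Control` would be less brittle.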