BREAKING CHANGE: remove node-fetch in favour of fetch

package.json

@@ -33,18 +33,16 @@
   "homepage": "https://github.com/nearform/get-jwks#readme",
   "dependencies": {
     "jwk-to-pem": "^2.0.4",
-    "lru-cache": "^11.0.0",
-    "node-fetch": "^2.6.1"
+    "lru-cache": "^11.0.0"
   },
   "devDependencies": {
     "@fastify/jwt": "^8.0.0",
     "@types/node": "^22.0.0",
-    "@types/node-fetch": "^2.6.2",
     "eslint": "^8.6.0",
     "fast-jwt": "^4.0.0",
     "fastify": "^4.0.3",
     "jsonwebtoken": "^9.0.0",
-    "nock": "^13.0.7",
+    "nock": "^v14.0.0-beta.16",
     "prettier": "^3.0.0",
     "sinon": "^19.0.2",
     "tsd": "^0.31.0",

src/error.d.ts

@@ -1,5 +1,3 @@
-import type { Response } from 'node-fetch'
-
 export enum errorCode {
   OPENID_CONFIGURATION_REQUEST_FAILED = 'OPENID_CONFIGURATION_REQUEST_FAILED',
   JWKS_REQUEST_FAILED = 'JWKS_REQUEST_FAILED',

src/get-jwks.d.ts

@@ -1,5 +1,4 @@
 import type { LRUCache } from 'lru-cache'
-import type { Agent } from 'https'
 
 type GetPublicKeyOptions = {
   domain?: string
@@ -24,8 +23,7 @@ type GetJwksOptions = {
   issuersWhitelist?: string[]
   providerDiscovery?: boolean
   jwksPath?: string
-  agent?: Agent
-  timeout?: number
+  fetchOptions?: RequestInit
 }
 
 declare namespace buildGetJwks {

src/get-jwks.js

@@ -1,6 +1,5 @@
 'use strict'
 
-const fetch = require('node-fetch')
 const { LRUCache } = require('lru-cache')
 const jwkToPem = require('jwk-to-pem')
 
@@ -20,14 +19,13 @@ function ensureNoLeadingSlash(path) {
 function buildGetJwks(options = {}) {
   const max = options.max || 100
   const ttl = options.ttl || ONE_MINUTE
-  const timeout = options.timeout || FIVE_SECONDS
   const issuersWhitelist = (options.issuersWhitelist || []).map(ensureTrailingSlash)
   const checkIssuer = options.checkIssuer
   const providerDiscovery = options.providerDiscovery || false
   const jwksPath = options.jwksPath
     ? ensureNoLeadingSlash(options.jwksPath)
     : false
-  const agent = options.agent || null
+  const fetchOptions = { timeout: FIVE_SECONDS, ...options.fetchOptions }
   const staleCache = new LRUCache({ max: max * 2, ttl })
   const cache = new LRUCache({
     max,
@@ -38,10 +36,7 @@ function buildGetJwks(options = {}) {
   async function getJwksUri(normalizedDomain) {
     const response = await fetch(
       `${normalizedDomain}.well-known/openid-configuration`,
-      {
-        agent,
-        timeout,
-      }
+      fetchOptions,
     )
     const body = await response.json()
 
@@ -111,7 +106,7 @@ function buildGetJwks(options = {}) {
       ? await getJwksUri(normalizedDomain)
       : `${normalizedDomain}.well-known/jwks.json`
 
-    const response = await fetch(jwksUri, { agent, timeout })
+    const response = await fetch(jwksUri, fetchOptions)
     const body = await response.json()
 
     if (!response.ok) {

test/getJwk.spec.js

@@ -38,7 +38,7 @@ test('rejects if alg and kid do not match', async t => {
 
   await t.assert.rejects(
     getJwks.getJwk({ domain, alg: 'NOT', kid: 'FOUND' }),
-    'No matching JWK found in the set.',
+    new GetJwksError('JWK_NOT_FOUND', 'No matching JWK found in the set.'),
   )
 })
 
@@ -309,20 +309,20 @@ describe('allowed domains', () => {
   })
 })
 
-test('timeout', async t => {
+describe('timeout', () => {
   const domain = 'https://example.com'
   const [{ alg, kid }] = jwks.keys
 
-  beforeEach(() =>
-    nock(domain).get('/.well-known/jwks.json').reply(200, jwks),
-  )
-
   let timeout
-  const buildGetJwks = t.mock('../src/get-jwks', {
-    'node-fetch': (init, options) => {
+
+  beforeEach(() => {
+    global.fetch = (url, options) => {
       timeout = options.timeout
-      return require('node-fetch')(init, options)
-    },
+      return Promise.resolve({
+        ok: true,
+        json: () => Promise.resolve(jwks)
+      })
+    }
   })
 
   test('timeout defaults to 5 seconds', async t => {
@@ -332,7 +332,7 @@ test('timeout', async t => {
   })
 
   test('ensures that timeout is set to 10 seconds', async t => {
-    const getJwks = buildGetJwks({ timeout: 10000 })
+    const getJwks = buildGetJwks({ fetchOptions: { timeout: 10000 } })
     await getJwks.getJwk({ domain, alg, kid })
     t.assert.equal(timeout, 10000)
   })

test/getJwksUri.spec.js

@@ -49,19 +49,17 @@ test(
   },
 )
 
-describe('timeout', async t => {
-  beforeEach(() =>
-    nock(domain)
-      .get('/.well-known/openid-configuration')
-      .reply(200, { jwks_uri: 'http://localhost' }),
-  )
-
+describe('timeout', () => {
   let timeout
-  const buildGetJwks = t.mock('../src/get-jwks', {
-    'node-fetch': (input, options) => {
+
+  beforeEach(() => {
+    global.fetch = (url, options) => {
       timeout = options.timeout
-      return require('node-fetch')(input, options)
-    },
+      return Promise.resolve({
+        ok: true,
+        json: () => Promise.resolve({ jwks_uri: 'http://localhost' })
+      })
+    }
   })
 
   test('timeout defaults to 5 seconds', async t => {
@@ -71,7 +69,7 @@ describe('timeout', async t => {
   })
 
   test('ensures that timeout is set to 10 seconds', async t => {
-    const getJwks = buildGetJwks({ timeout: 10000 })
+    const getJwks = buildGetJwks({fetchOptions: {timeout: 10000 }})
     await getJwks.getJwksUri(domain)
     t.assert.equal(timeout, 10000)
   })