feat: allow JWKS.asKeyStore to swallow errors

docs/README.md

@@ -692,6 +692,8 @@ Creates a new KeyStore from a JSON Web Key Set.
 
 - `jwks`: `<Object>` JWKS formatted object (`{ keys: [{ kty: '...', ... }, ...] }`)
 - `options`: `<Object>`
+  - `ignoreErrors`: `<boolean>` **Default** 'false'. This will make it so that keys
+    unsupported by your Node.js runtime version (or otherwise faulty keys) get swallowed.
   - `calculateMissingRSAPrimes`: `<boolean>` **Default** 'false'. This option is really only in
     effect when the JWKS contains private RSA JWK keys, by default, keys without the optimization
     private key parameters (p, q, dp, dq, qi) won't imported because their calculation is heavy and

lib/index.d.ts

@@ -208,7 +208,11 @@ export namespace JWKS {
         static fromJWKS(jwks: JSONWebKeySet): KeyStore
     }
 
-    export function asKeyStore(jwks: JSONWebKeySet, options?: ImportOptions): KeyStore
+    interface JWKSImportOptions extends ImportOptions {
+        ignoreErrors?: boolean
+    }
+
+    export function asKeyStore(jwks: JSONWebKeySet, options?: JWKSImportOptions): KeyStore
 }
 
 export namespace JWS {

lib/jwks/keystore.js

@@ -168,12 +168,20 @@ class KeyStore {
   }
 }
 
-function asKeyStore (jwks, { calculateMissingRSAPrimes = false } = {}) {
+function asKeyStore (jwks, { ignoreErrors = false, calculateMissingRSAPrimes = false } = {}) {
   if (!isObject(jwks) || !Array.isArray(jwks.keys) || jwks.keys.some(k => !isObject(k) || !('kty' in k))) {
     throw new TypeError('jwks must be a JSON Web Key Set formatted object')
   }
 
-  const keys = jwks.keys.map((jwk) => importKey(jwk, { calculateMissingRSAPrimes }))
+  const keys = jwks.keys.map((jwk) => {
+    try {
+      return importKey(jwk, { calculateMissingRSAPrimes })
+    } catch (err) {
+      if (!ignoreErrors) {
+        throw err
+      }
+    }
+  }).filter(Boolean)
 
   return new KeyStore(...keys)
 }