test('will fail using callback for jwtPublicKey that errors', async () => { await expectHttpError( withPostGraphileContext( { pgPool, jwtToken: jwt.sign({ aud: 'postgraphile' }, 'public key', { noTimestamp: true, }), jwtPublicKey: function loadKey(header, callback) { callback(new Error('could not load key')); }, }, () => {}, ), 403, // 500 might be more appropriate, but jwt.verify does not distinguish errors 'error in secret or public key callback: could not load key', ); });