refactor: improve JWKS file handling in validation function

Author: infezek

lib/resty/libjwt.lua

@@ -22,18 +22,19 @@ function _M.validate( params)
         return false, err
     end
     for i, jwks_file in ipairs(params.jwks_files) do
-        local jwks = _M.read_file(jwks_file)
-        if jwks == nil then
-            return false, "jwks file not found"
+        local file = _M.read_file(jwks_file)
+        if file == nil then
+            goto continue
         end
-        local jwks_set = jwks_c.jwks_create(jwks);
+        local jwks_set = jwks_c.jwks_create(file);
         local jwks_item = jwks_c.jwks_item_get(jwks_set, 0);
         local checker = jwks_c.jwt_checker_new();
         jwks_c.jwt_checker_setkey(checker, jwks_c.JWT_ALG_RS256, jwks_item);
         local result = jwks_c.jwt_checker_verify(checker, token);
         if result == 0 then
             return true, ""
         end
+         ::continue::
     end
     return false, "token not valid"
 end

nginx.conf

@@ -14,7 +14,7 @@ http {
                 local libjwt = require("resty.libjwt")
                 local valid, err = libjwt.validate({
                         ["header_token"] = "Authorization",
-                        ["jwks_files"] = {"/usr/share/tokens/jwks.json"},
+                        ["jwks_files"] = { "/usr/share/tokens/jwks.json"},
                 })
                 if err ~= "" then
                     return ngx.say(err)