Log an error when JWT authentication is configured without jwt_key

author Evgeny Khramtsov <ekhramtsov@process-one.net>

Fri, 19 Jul 2019 09:01:57 +0000 (12:01 +0300)

committer Evgeny Khramtsov <ekhramtsov@process-one.net>

Fri, 19 Jul 2019 09:01:57 +0000 (12:01 +0300)
author Evgeny Khramtsov <ekhramtsov@process-one.net>
Fri, 19 Jul 2019 09:01:57 +0000 (12:01 +0300)
committer Evgeny Khramtsov <ekhramtsov@process-one.net>
Fri, 19 Jul 2019 09:01:57 +0000 (12:01 +0300)
diff --git a/src/ejabberd_auth_jwt.erl b/src/ejabberd_auth_jwt.erl

index 4d52b11d05557e3e728273f6b8cd2f245521f8ea..d8094562821e16a53de1d616498c308f323e370c 100644 (file)
--- a/src/ejabberd_auth_jwt.erl
+++ b/src/ejabberd_auth_jwt.erl
@@ -39,7 +39,14 @@
  %%%----------------------------------------------------------------------
  %%% API
  %%%----------------------------------------------------------------------
-start(_Host) -> ok.
+start(Host) ->
+    case ejabberd_option:jwt_key(Host) of
+       undefined ->
+           ?ERROR_MSG("Option jwt_key is not configured for ~s: "
+                      "JWT authentication won't work", [Host]);
+       _ ->
+           ok
+    end.
  
  stop(_Host) -> ok.
  
diff --git a/src/ejabberd_option.erl b/src/ejabberd_option.erl

index 82a03491c1b432c7a501bd020dd04d1e1393a1c7..88f7ccbeebf4ce5caad0d436860d7836ac2d9cce 100644 (file)
--- a/src/ejabberd_option.erl
+++ b/src/ejabberd_option.erl
@@ -424,10 +424,10 @@ include_config_file() ->
  include_config_file(Host) ->
      ejabberd_config:get_option({include_config_file, Host}).
  
--spec jwt_key() -> jose_jwk:key().
+-spec jwt_key() -> jose_jwk:key() | 'undefined'.
  jwt_key() ->
      jwt_key(global).
--spec jwt_key(global | binary()) -> jose_jwk:key().
+-spec jwt_key(global | binary()) -> jose_jwk:key() | 'undefined'.
  jwt_key(Host) ->
      ejabberd_config:get_option({jwt_key, Host}).
  
diff --git a/src/ejabberd_options.erl b/src/ejabberd_options.erl

index 8ad077edbe6931f4cc36e86f3be98ae342b68b55..e2250a3331aaf8a8672bdf4aed3df37de5f3d19a 100644 (file)
--- a/src/ejabberd_options.erl
+++ b/src/ejabberd_options.erl
@@ -428,7 +428,7 @@ opt_type(jwt_key) ->
                     {shaper, #{atom() => ejabberd_shaper:shaper_rate()}} |
                     {shaper_rules, [{atom(), [ejabberd_shaper:shaper_rule()]}]} |
                     {api_permissions, [ejabberd_access_permissions:permission()]} |
-                   {jwt_key, jose_jwk:key()} |
+                   {jwt_key, jose_jwk:key() | undefined} |
                     {append_host_config, [{binary(), any()}]} |
                     {host_config, [{binary(), any()}]} |
                     {define_macro, any()} |
@@ -635,7 +635,7 @@ options() ->
       {websocket_origin, []},
       {websocket_ping_interval, timer:seconds(60)},
       {websocket_timeout, timer:minutes(5)},
-     {jwt_key, <<"">>}].
+     {jwt_key, undefined}].
  
  -spec globals() -> [atom()].
  globals() ->
author	Evgeny Khramtsov <ekhramtsov@process-one.net>
	Fri, 19 Jul 2019 09:01:57 +0000 (12:01 +0300)
committer	Evgeny Khramtsov <ekhramtsov@process-one.net>
	Fri, 19 Jul 2019 09:01:57 +0000 (12:01 +0300)
src/ejabberd_auth_jwt.erl		patch \| blob \| history
src/ejabberd_option.erl		patch \| blob \| history
src/ejabberd_options.erl		patch \| blob \| history