format_error({bad_pem, Why, Path});
format_error({bad_jwt_key, Path}) ->
format("No valid JWT key found in file: ~ts", [Path]);
+format_error({bad_jwt_key_set, Path}) ->
+ format("JWT key contains JWK set in file: ~ts", [Path]);
format_error({bad_jid, Bad}) ->
format("Invalid XMPP address: ~ts", [Bad]);
format_error({bad_user, Bad}) ->
{ok, Data} ->
try jose_jwk:from_binary(Data) of
{error, _} -> econf:fail({bad_jwt_key, Path});
- Ret -> Ret
+ JWK ->
+ case jose_jwk:to_map(JWK) of
+ {_, #{<<"keys">> := [Key]}} ->
+ jose_jwk:from_map(Key);
+ {_, #{<<"keys">> := _}} ->
+ econf:fail({bad_jwt_key_set, Path});
+ _ ->
+ JWK
+ end
catch _:_ ->
econf:fail({bad_jwt_key, Path})
end;