From ed386ec97274c67b708a9f7fef1ba910def89f0a Mon Sep 17 00:00:00 2001
From: cduvray
Date: Sun, 12 Nov 2023 08:56:13 +0100
Subject: [PATCH] fix: bad jwk panic replacinf unwrap by Error (jsonwebtoken.error::Error)
---
 jwt-authorizer/src/jwks/mod.rs | 31 +++++++++++++++++++++++++++++--
 1 file changed, 29 insertions(+), 2 deletions(-)
diff --git a/jwt-authorizer/src/jwks/mod.rs b/jwt-authorizer/src/jwks/mod.rs
index 4d07f06..8553e16 100644
--- a/jwt-authorizer/src/jwks/mod.rs
+++ b/jwt-authorizer/src/jwks/mod.rs
@@ -1,6 +1,6 @@
 use std::{str::FromStr, sync::Arc};
-use jsonwebtoken::{jwk::Jwk, Algorithm, DecodingKey, Header};
+use jsonwebtoken::{errors::ErrorKind, jwk::Jwk, Algorithm, DecodingKey, Header};
 use crate::error::AuthError;
@@ -29,7 +29,13 @@ impl KeyData {
 pub fn from_jwk(key: &Jwk) -> Result {
 Ok(KeyData {
 kid: key.common.key_id.clone(),
- alg: vec![Algorithm::from_str(key.common.key_algorithm.unwrap().to_string().as_str())?],
+ alg: vec![Algorithm::from_str(
+ key.common
+ .key_algorithm
+ .ok_or(jsonwebtoken::errors::Error::from(ErrorKind::MissingAlgorithm))?
+ .to_string()
+ .as_str(),
+ )?],
 key: DecodingKey::from_jwk(key)?,
 })
 }
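Review bot: `from_jwk` now returns `ErrorKind::MissingAlgorithm` for any JWK without an `alg` member, and nothing on the function documents that; `alg` is optional in RFC 7517, so this branch is reachable from whatever key set the configured issuer publishes. A doc comment such as `/// Errors with ErrorKind::MissingAlgorithm when the JWK has no "alg" member (optional in RFC 7517).` would make the contract visible, and the callers (outside this hunk) are worth checking so that one such key does not discard an otherwise usable key set. Separately, `ok_or` constructs the error even when the algorithm is present; `.ok_or_else(|| jsonwebtoken::errors::Error::from(ErrorKind::MissingAlgorithm))?` defers it to the failure path. The enclosing `impl KeyData` block starts and ends outside the hunk.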
@@ -82,3 +88,24 @@ impl KeySource {
 }
 }
 }
+
+#[cfg(test)]
+mod tests {
+ use jsonwebtoken::{errors::ErrorKind, jwk::Jwk};
+
+ use super::KeyData;
+
+ #[test]
+ fn key_data_no_alg() {
+ // NO ALG should result in ErrorKind::MissingAlgorithm
+ let jwk_ko: Jwk = serde_json::from_str( r#"{
+ "kty": "RSA",
+ "n": "2pQeZdxa7q093K7bj5h6-leIpxfTnuAxzXdhjfGEJHxmt2ekHyCBWWWXCBiDn2RTcEBcy6gZqOW45Uy_tw-5e-Px1xFj1PykGEkRlOpYSAeWsNaAWvvpGB9m4zQ0PgZeMDDXE5IIBrY6YAzmGQxV-fcGGLhJnXl0-5_z7tKC7RvBoT3SGwlc_AmJqpFtTpEBn_fDnyqiZbpcjXYLExFpExm41xDitRKHWIwfc3dV8_vlNntlxCPGy_THkjdXJoHv2IJmlhvmr5_h03iGMLWDKSywxOol_4Wc1BT7Hb6byMxW40GKwSJJ4p7W8eI5mqggRHc8jlwSsTN9LZ2VOvO-XiVShZRVg7JeraGAfWwaIgIJ1D8C1h5Pi0iFpp2suxpHAXHfyLMJXuVotpXbDh4NDX-A4KRMgaxcfAcui_x6gybksq6gF90-9nfQfmVMVJctZ6M-FvRr-itd1Nef5WAtwUp1qyZygAXU3cH3rarscajmurOsP6dE1OHl3grY_eZhQxk33VBK9lavqNKPg6Q_PLiq1ojbYBj3bcYifJrsNeQwxldQP83aWt5rGtgZTehKVJwa40Uy_Grae1iRnsDtdSy5sTJIJ6EiShnWAdMoGejdiI8vpkjrdU8SWH8lv1KXI54DsbyAuke2cYz02zPWc6JEotQqI0HwhzU0KHyoY4s",
+ "e": "AQAB",
+ "kid": "rsa01",
+ "use": "sig"
+ }"#).unwrap();
+ let ks = KeyData::from_jwk(&jwk_ko);
+ assert_eq!(ks.err().unwrap().kind(), &ErrorKind::MissingAlgorithm);
+ }
+}
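Review bot: The new test pins only the missing-`alg` failure; no case covers a JWK that does carry an `alg`, so a regression on the success path of the rewritten `from_str` chain would go unnoticed. Reusing the same key with `"alg": "RS256"` added and asserting `assert!(KeyData::from_jwk(&jwk_ok).is_ok());` would close that gap. A second negative case, with an `alg` value that is not a signature algorithm, would also pin that an unusable `alg` surfaces as an error rather than a panic.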