diff --git a/lib/azure_jwt_auth/authenticable.rb b/lib/azure_jwt_auth/authenticable.rb index a6bc04d..3a2d29e 100644 --- a/lib/azure_jwt_auth/authenticable.rb +++ b/lib/azure_jwt_auth/authenticable.rb @@ -16,16 +16,16 @@ def authenticate! unauthorize! unless JwtManager.providers JwtManager.providers.each do |_uid, provider| - token = JwtManager.new(request, provider.uid) - - if token.valid? - @current_user = entity_from_token_payload(token.payload) - break + begin + token = JwtManager.new(request, provider.uid) + if token.valid? + @current_user = entity_from_token_payload(token.payload) + break + end + rescue => error + Rails.logger.info(error) if defined? Rails end - rescue => error - Rails.logger.info(error) if defined? Rails end - unauthorize! unless @current_user end diff --git a/lib/azure_jwt_auth/provider.rb b/lib/azure_jwt_auth/provider.rb index ec093a5..0ad847f 100644 --- a/lib/azure_jwt_auth/provider.rb +++ b/lib/azure_jwt_auth/provider.rb @@ -11,8 +11,15 @@ def initialize(uid, config_uri, validations={}) @config_uri = config_uri @validations = validations + http = Net::HTTP.new(URI(config_uri).host, URI(config_uri).port) + begin - @config = JSON.parse(Net::HTTP.get(URI(config_uri))) + uri = URI.parse(config_uri) + http = Net::HTTP.new(uri.host, uri.port) + http.use_ssl = true + request = Net::HTTP::Get.new(uri.request_uri) + response = http.request(request) + @config = JSON.parse(response.body) rescue JSON::ParserError raise InvalidProviderConfig, "config_uri response is not valid for provider: #{uid}" end @@ -22,7 +29,11 @@ def initialize(uid, config_uri, validations={}) def load_keys uri = URI(@config['jwks_uri']) - keys = JSON.parse(Net::HTTP.get(uri))['keys'] + http = Net::HTTP.new(uri.host, uri.port) + http.use_ssl = true + request = Net::HTTP::Get.new(uri.request_uri) + response = http.request(request) + keys = JSON.parse(response.body)['keys'] @keys = {} keys.each do |key|