From 907b27593c30016dc8cdcea16758162d61a7eede Mon Sep 17 00:00:00 2001 From: Frank Roth Date: Tue, 24 Sep 2019 10:01:37 +0200 Subject: [PATCH 1/8] added information --- lib/azure_jwt_auth/provider.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/azure_jwt_auth/provider.rb b/lib/azure_jwt_auth/provider.rb index ec093a5..385f1f0 100644 --- a/lib/azure_jwt_auth/provider.rb +++ b/lib/azure_jwt_auth/provider.rb @@ -12,7 +12,8 @@ def initialize(uid, config_uri, validations={}) @validations = validations begin - @config = JSON.parse(Net::HTTP.get(URI(config_uri))) + request = Net:HTTP::Get.new(URI(config_uri).request_uri) + @config = JSON.parse(http.request(request)) rescue JSON::ParserError raise InvalidProviderConfig, "config_uri response is not valid for provider: #{uid}" end @@ -22,7 +23,8 @@ def initialize(uid, config_uri, validations={}) def load_keys uri = URI(@config['jwks_uri']) - keys = JSON.parse(Net::HTTP.get(uri))['keys'] + request = Net:HTTP::Get.new(URI(uri).request_uri) + keys = JSON.parse(http.request(request))['keys'] @keys = {} keys.each do |key| From c654cc287d914a3a8ade4ecb5de7a8aad82ce0d3 Mon Sep 17 00:00:00 2001 From: Frank Roth Date: Tue, 24 Sep 2019 13:31:27 +0200 Subject: [PATCH 2/8] fixed typo --- lib/azure_jwt_auth/provider.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/azure_jwt_auth/provider.rb b/lib/azure_jwt_auth/provider.rb index 385f1f0..9613498 100644 --- a/lib/azure_jwt_auth/provider.rb +++ b/lib/azure_jwt_auth/provider.rb @@ -12,7 +12,7 @@ def initialize(uid, config_uri, validations={}) @validations = validations begin - request = Net:HTTP::Get.new(URI(config_uri).request_uri) + request = Net::HTTP::Get.new(URI(config_uri).request_uri) @config = JSON.parse(http.request(request)) rescue JSON::ParserError raise InvalidProviderConfig, "config_uri response is not valid for provider: #{uid}" 
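Review bot: In patch 1/8, both new `request`/`JSON.parse` pairs (the `initialize` hunk and the `load_keys` hunk) call `http.request(request)` although no `http` is assigned in either hunk, and they pass the response object rather than its body to `JSON.parse`. `Net:HTTP::Get` with a single colon also does not name `Net::HTTP::Get`. Patch 2/8 corrects only the colon, so the provider cannot fetch its configuration or keys at any commit before patch 3/8. Squashing the three would avoid leaving commits in history where token validation cannot start. Kept separate, these lines need `http = Net::HTTP.new(uri.host, uri.port)` and `JSON.parse(response.body)`, and both method bodies continue outside the hunks.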
@@ -23,7 +23,7 @@ def initialize(uid, config_uri, validations={}) def load_keys uri = URI(@config['jwks_uri']) - request = Net:HTTP::Get.new(URI(uri).request_uri) + request = Net::HTTP::Get.new(URI(uri).request_uri) keys = JSON.parse(http.request(request))['keys'] @keys = {} From 38a5bb68e75012757e97f0a95d71c9df0a47bc69 Mon Sep 17 00:00:00 2001 From: Frank Roth Date: Tue, 24 Sep 2019 21:36:33 +0200 Subject: [PATCH 3/8] switch to https --- lib/azure_jwt_auth/provider.rb | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/lib/azure_jwt_auth/provider.rb b/lib/azure_jwt_auth/provider.rb index 9613498..2fbe6c7 100644 --- a/lib/azure_jwt_auth/provider.rb +++ b/lib/azure_jwt_auth/provider.rb @@ -1,4 +1,4 @@ -require 'net/http' +require 'net/https' require 'rsa_pem' module AzureJwtAuth @@ -11,9 +11,15 @@ def initialize(uid, config_uri, validations={}) @config_uri = config_uri @validations = validations + http = Net::HTTP.new(URI(config_uri).host, URI(config_uri).port) + begin - request = Net::HTTP::Get.new(URI(config_uri).request_uri) - @config = JSON.parse(http.request(request)) + uri = URI.parse(config_uri) + http = Net::HTTP.new(uri.host, uri.port) + http.use_ssl = true + request = Net::HTTP::Get.new(uri.request_uri) + response = http.request(request) + @config = JSON.parse(response.body) rescue JSON::ParserError raise InvalidProviderConfig, "config_uri response is not valid for provider: #{uid}" end @@ -23,8 +29,11 @@ def initialize(uid, config_uri, validations={}) def load_keys uri = URI(@config['jwks_uri']) - request = Net::HTTP::Get.new(URI(uri).request_uri) - keys = JSON.parse(http.request(request))['keys'] + http = Net::HTTP.new(uri.host, uri.port) + http.use_ssl = true + request = Net::HTTP::Get.new(uri.request_uri) + response = http.request(request) + keys = JSON.parse(response.body)['keys'] @keys = {} keys.each do |key| From 717448ff70b38a24be8fedf9a92c69ea941cf286 Mon Sep 17 00:00:00 2001 
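Review bot: In the `initialize` hunk of patch 3/8, `http.use_ssl = true` is set whatever scheme `config_uri` has and the body is parsed without looking at the response status, so a plain-HTTP URI fails in the TLS handshake and an error page is reported as invalid JSON. This document supplies `jwks_uri`, the source of the signing keys, so I would reject non-HTTPS input before connecting, `raise InvalidProviderConfig, "config_uri must be https for provider: #{uid}" unless uri.is_a?(URI::HTTPS)`, and require `response.is_a?(Net::HTTPSuccess)` before `JSON.parse(response.body)`. The `http = Net::HTTP.new(URI(config_uri).host, URI(config_uri).port)` added above `begin` is reassigned inside the block and can be dropped. Only `JSON::ParserError` is rescued, so socket, timeout and certificate errors leave `initialize` unwrapped; the method continues outside the hunk.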
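Review bot: In the `load_keys` hunk of patch 3/8, `keys` is `nil` when the fetched document has no `keys` member, so the `keys.each` that follows raises `NoMethodError` rather than a provider error, and nothing checks that `@config['jwks_uri']` is present or HTTPS before connecting to it. Because these keys decide which token signatures are accepted, I would fail explicitly: `raise InvalidProviderConfig, 'jwks_uri must be https' unless uri.is_a?(URI::HTTPS)` after building `uri`, and `raise InvalidProviderConfig, 'jwks_uri response has no keys' unless keys.is_a?(Array)` before `@keys = {}`. `URI(nil)` also raises when the configuration lacks `jwks_uri`; whether callers handle that is not visible, as `load_keys` continues past the hunk.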
From: Frank Roth Date: Tue, 24 Sep 2019 23:46:31 +0200 Subject: [PATCH 4/8] changed spec --- Gemfile.lock | 2 +- azure_jwt_auth.gemspec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index f395b35..59a5cdf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -16,7 +16,7 @@ GEM safe_yaml (~> 1.0.0) diff-lcs (1.3) hashdiff (0.3.7) - jwt (1.5.6) + jwt (2.2.1) public_suffix (3.0.2) rack (2.0.4) rake (12.3.1) diff --git a/azure_jwt_auth.gemspec b/azure_jwt_auth.gemspec index 6e4dd84..508d063 100644 --- a/azure_jwt_auth.gemspec +++ b/azure_jwt_auth.gemspec @@ -17,6 +17,6 @@ Gem::Specification.new do |s| s.files = Dir['{app,config,db,lib}/**/*', 'MIT-LICENSE', 'Rakefile', 'README.md'] s.add_dependency 'bcrypt', '~> 3.1' - s.add_dependency 'jwt', '~> 1.5' + s.add_dependency 'jwt', '~> 2.2' s.add_dependency 'rsa-pem-from-mod-exp', '~> 0.1' end From 6718cf9f753ca20764f2a1a439955136ce2123db Mon Sep 17 00:00:00 2001 From: Frank Roth Date: Thu, 26 Sep 2019 16:49:39 +0200 Subject: [PATCH 5/8] fixed rescue --- lib/azure_jwt_auth/authenticable.rb | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/lib/azure_jwt_auth/authenticable.rb b/lib/azure_jwt_auth/authenticable.rb index a6bc04d..563e443 100644 --- a/lib/azure_jwt_auth/authenticable.rb +++ b/lib/azure_jwt_auth/authenticable.rb @@ -4,6 +4,7 @@ module AzureJwtAuth AzureJwtAuth::NotAuthorized = Class.new(StandardError) module Authenticable + def current_user @current_user end 
@@ -16,16 +17,16 @@ def authenticate! unauthorize! unless JwtManager.providers JwtManager.providers.each do |_uid, provider| - token = JwtManager.new(request, provider.uid) - - if token.valid? - @current_user = entity_from_token_payload(token.payload) - break + begin + token = JwtManager.new(request, provider.uid) + if token.valid? + @current_user = entity_from_token_payload(token.payload) + break + end + rescue => error + Rails.logger.info(error) if defined? Rails end - rescue => error - Rails.logger.info(error) if defined? Rails end - unauthorize! unless @current_user end From 918f9c40e28b66aec5620504f4cd1b18386fee8a Mon Sep 17 00:00:00 2001 From: Frank Roth Date: Thu, 26 Sep 2019 16:52:46 +0200 Subject: [PATCH 6/8] fixed rescure --- Gemfile.lock | 2 +- azure_jwt_auth.gemspec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 59a5cdf..f395b35 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -16,7 +16,7 @@ GEM safe_yaml (~> 1.0.0) diff-lcs (1.3) hashdiff (0.3.7) - jwt (2.2.1) + jwt (1.5.6) public_suffix (3.0.2) rack (2.0.4) rake (12.3.1) diff --git a/azure_jwt_auth.gemspec b/azure_jwt_auth.gemspec index 508d063..6e4dd84 100644 --- a/azure_jwt_auth.gemspec +++ b/azure_jwt_auth.gemspec @@ -17,6 +17,6 @@ Gem::Specification.new do |s| s.files = Dir['{app,config,db,lib}/**/*', 'MIT-LICENSE', 'Rakefile', 'README.md'] s.add_dependency 'bcrypt', '~> 3.1' - s.add_dependency 'jwt', '~> 2.2' + s.add_dependency 'jwt', '~> 1.5' s.add_dependency 'rsa-pem-from-mod-exp', '~> 0.1' end From cbbe8432585ceea0030a72c97edd7826232019cd Mon Sep 17 00:00:00 2001 From: Frank Roth Date: Thu, 10 Oct 2019 11:07:03 +0200 Subject: [PATCH 7/8] removed https as it also works with http --- lib/azure_jwt_auth/provider.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/azure_jwt_auth/provider.rb b/lib/azure_jwt_auth/provider.rb index 2fbe6c7..0ad847f 100644 --- a/lib/azure_jwt_auth/provider.rb 
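Review bot: In the `authenticate!` hunk of patch 5/8, the new `rescue => error` inside the provider loop catches every `StandardError`, including anything raised by `entity_from_token_payload`, and records it only at `info` level and only when `Rails` is defined, so outside Rails a broken key fetch or user lookup is dropped silently and becomes an ordinary unauthorized response. Authentication still fails closed because `unauthorize! unless @current_user` follows the loop, but the log no longer separates a bad token from a failing provider. I would narrow the rescue to the decode errors the token check is expected to raise, assuming `JwtManager` surfaces them, and log with the provider at a higher level: `rescue JWT::DecodeError => error` and `Rails.logger.warn("azure_jwt_auth provider #{provider.uid}: #{error.class}: #{error.message}") if defined?(Rails)`. `authenticate!` starts above the hunk.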
+++ b/lib/azure_jwt_auth/provider.rb @@ -1,4 +1,4 @@ -require 'net/https' +require 'net/http' require 'rsa_pem' module AzureJwtAuth From 6e178804728932eb47452c09901f80ec1d112e8c Mon Sep 17 00:00:00 2001 From: Frank Roth Date: Thu, 10 Oct 2019 11:12:51 +0200 Subject: [PATCH 8/8] add changes --- lib/azure_jwt_auth/authenticable.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/azure_jwt_auth/authenticable.rb b/lib/azure_jwt_auth/authenticable.rb index 563e443..3a2d29e 100644 --- a/lib/azure_jwt_auth/authenticable.rb +++ b/lib/azure_jwt_auth/authenticable.rb @@ -4,7 +4,6 @@ module AzureJwtAuth AzureJwtAuth::NotAuthorized = Class.new(StandardError) module Authenticable - def current_user @current_user end
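Review bot: The subject of patch 7/8 says HTTPS was removed, but this hunk only swaps `require 'net/https'` for `require 'net/http'`; the `http.use_ssl = true` lines from patch 3/8 are not touched, so the configuration and key fetches should still go over TLS. As far as I know `net/https` is only a compatibility shim over `net/http`, which makes this a cosmetic change with a misleading message. A comment above the require would keep a later reader from taking the subject literally and dropping TLS, for example `# TLS for config/JWKS fetches is enabled via http.use_ssl = true below; do not remove`.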