I had some issues while trying to use JWKMatcher. I have a failing unit test at https://github.com/axtsnee/scala-jwk/blob/main/library/src/test/scala/com/chatwork/scala/jwk/JWKMatcherSpec.scala that illustrates the problem. If I create a JWKMatcher with a set of one ID, it's matches method will return true even for JWKs with different IDs.
The problem seems to be on lines 43-44 of JWKMatcher.scala.
else if (ids.nonEmpty && ids.exists(v => key.keyId.contains(v)))
Right(false)
v is of type String, and key.keyId is of type Option[com.chatwork.scala.jwk.KeyId]. Since a String can never be equal to a KeyId, key.keyId.contains(v) is always false, so this check is effectively always skipped. Maybe those lines should look more like this:
else if (hasId && ids.forall(v => !key.keyId.exists(_.value == v)))
Right(false)
Just looking at the JWKMatcher code, I see some other potential problems. For instance, if line 38 evaluates to true, matches returns true immediately, without making any of the checks on lines 41 - 58.
I had some issues while trying to use JWKMatcher. I have a failing unit test at https://github.com/axtsnee/scala-jwk/blob/main/library/src/test/scala/com/chatwork/scala/jwk/JWKMatcherSpec.scala that illustrates the problem. If I create a JWKMatcher with a set of one ID, it's
matchesmethod will return true even for JWKs with different IDs.The problem seems to be on lines 43-44 of JWKMatcher.scala.
vis of type String, andkey.keyIdis of type Option[com.chatwork.scala.jwk.KeyId]. Since a String can never be equal to a KeyId,key.keyId.contains(v)is always false, so this check is effectively always skipped. Maybe those lines should look more like this:Just looking at the JWKMatcher code, I see some other potential problems. For instance, if line 38 evaluates to true,
matchesreturns true immediately, without making any of the checks on lines 41 - 58.