joken icon indicating copy to clipboard operation
joken copied to clipboard
verified publisher icon joken-elixir

restrict unrecognized algorithm error to unknown algorithms

Open alecostard opened this issue 3 years ago • 0 comments

Hi! Did not know whether I should have opened an issue first, so feel free to close this if not applicable.

I've recently observed the following situation:

iex> Joken.Signer.create("HS256", nil, nil)

** (Joken.Error) Couldn't recognize the signer algorithm.

Possible values are:

["HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512", "Ed25519", "Ed25519ph", "Ed448", "Ed448ph"]

which is confusing since the "HS256" is the first one in the list of possible values. The cause seems to be that when the algorithm is one of the HSXXX and the secret is not binary the only clause that matches is the unrecognized algorithm one.

The changes in this PR ensures that an unrecognized algorithm error only happens if the algorithm is indeed unrecognized. The offending code now raises a FunctionClauseError.

I thought about adding a test for this but since I saw no test for other malformed inputs (such as create("HS256", "", nil) raising a BadMapError), I decided to leave it as it is.

Thanks for the library!

alecostard avatar Sep 14 '22 00:09 alecostard