From 4be98b5aef8e84c4e65f65baed350b117c642d2d Mon Sep 17 00:00:00 2001
From: Evgeny Khramtsov <ekhramtsov@process-one.net>
Date: Fri, 19 Jul 2019 12:01:57 +0300
Subject: [PATCH] Log an error when JWT authentication is configured without
 jwt_key

---
 src/ejabberd_auth_jwt.erl | 9 ++++++++-
 src/ejabberd_option.erl   | 4 ++--
 src/ejabberd_options.erl  | 4 ++--
 3 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/src/ejabberd_auth_jwt.erl b/src/ejabberd_auth_jwt.erl
index 4d52b11d0..d80945628 100644
--- a/src/ejabberd_auth_jwt.erl
+++ b/src/ejabberd_auth_jwt.erl
@@ -39,7 +39,14 @@
 %%%----------------------------------------------------------------------
 %%% API
 %%%----------------------------------------------------------------------
-start(_Host) -> ok.
+start(Host) ->
+    case ejabberd_option:jwt_key(Host) of
+	undefined ->
+	    ?ERROR_MSG("Option jwt_key is not configured for ~s: "
+		       "JWT authentication won't work", [Host]);
+	_ ->
+	    ok
+    end.
 
 stop(_Host) -> ok.
 
diff --git a/src/ejabberd_option.erl b/src/ejabberd_option.erl
index 82a03491c..88f7ccbee 100644
--- a/src/ejabberd_option.erl
+++ b/src/ejabberd_option.erl
@@ -424,10 +424,10 @@ include_config_file() ->
 include_config_file(Host) ->
     ejabberd_config:get_option({include_config_file, Host}).
 
--spec jwt_key() -> jose_jwk:key().
+-spec jwt_key() -> jose_jwk:key() | 'undefined'.
 jwt_key() ->
     jwt_key(global).
--spec jwt_key(global | binary()) -> jose_jwk:key().
+-spec jwt_key(global | binary()) -> jose_jwk:key() | 'undefined'.
 jwt_key(Host) ->
     ejabberd_config:get_option({jwt_key, Host}).
 
diff --git a/src/ejabberd_options.erl b/src/ejabberd_options.erl
index 8ad077edb..e2250a333 100644
--- a/src/ejabberd_options.erl
+++ b/src/ejabberd_options.erl
@@ -428,7 +428,7 @@ opt_type(jwt_key) ->
 		    {shaper, #{atom() => ejabberd_shaper:shaper_rate()}} |
 		    {shaper_rules, [{atom(), [ejabberd_shaper:shaper_rule()]}]} |
 		    {api_permissions, [ejabberd_access_permissions:permission()]} |
-		    {jwt_key, jose_jwk:key()} |
+		    {jwt_key, jose_jwk:key() | undefined} |
 		    {append_host_config, [{binary(), any()}]} |
 		    {host_config, [{binary(), any()}]} |
 		    {define_macro, any()} |
@@ -635,7 +635,7 @@ options() ->
      {websocket_origin, []},
      {websocket_ping_interval, timer:seconds(60)},
      {websocket_timeout, timer:minutes(5)},
-     {jwt_key, <<"">>}].
+     {jwt_key, undefined}].
 
 -spec globals() -> [atom()].
 globals() ->