Merge pull request #35 from agilezebra/34-log-output-of-plugin-only-showing-3-jwks-entries-even-when-jkws-endpoint-has-more-than-3-entries

strip padding; add error messages for bad decoding

Author: agilezebra

README.md

@@ -19,15 +19,15 @@ experimental:
   plugins:
     jwt:
       moduleName: github.com/agilezebra/jwt-middleware
-      version: v1.2.6
+      version: v1.2.7
 ```
 1b. or with command-line options:
 
 ```yaml
 command:
   ...
   - "--experimental.plugins.jwt.modulename=github.com/agilezebra/jwt-middleware"
-  - "--experimental.plugins.jwt.version=v1.2.6"
+  - "--experimental.plugins.jwt.version=v1.2.7"
 ```
 
 2) Configure and activate the plugin as a middleware in your dynamic traefik config:

jwks.go

@@ -10,8 +10,10 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
+	"log"
 	"math/big"
 	"net/http"
+	"strings"
 )
 
 // JSONWebKey is a JSON web key returned by the JWKS request.
@@ -63,12 +65,14 @@ func FetchJWKS(url string, client *http.Client) (map[string]interface{}, error)
 		switch jwk.Kty {
 		case "RSA":
 			{
-				nBytes, err := base64.RawURLEncoding.DecodeString(jwk.N)
+				nBytes, err := base64.RawURLEncoding.DecodeString(strings.TrimRight(jwk.N, "="))
 				if err != nil {
+					log.Printf("error decoding N: %v for kid: %v", err, jwk.Kid)
 					break
 				}
-				eBytes, err := base64.RawURLEncoding.DecodeString(jwk.E)
+				eBytes, err := base64.RawURLEncoding.DecodeString(strings.TrimRight(jwk.E, "="))
 				if err != nil {
+					log.Printf("error decoding E: %v for kid: %v", err, jwk.Kid)
 					break
 				}
 				keys[jwk.Kid] = &rsa.PublicKey{