From 741d35d793eab2a704c6be56c0fd9d15df520644 Mon Sep 17 00:00:00 2001
From: dan-j <5727701+dan-j@users.noreply.github.com>
Date: Sat, 17 Oct 2020 11:29:11 +0100
Subject: [PATCH] feat(GraphQL): add support for all RSA and HMAC algorithms
 supported by github.com/dgrijalva/jwt-go/v4

Signed-off-by: dan-j <5727701+dan-j@users.noreply.github.com>
---
 graphql/authorization/auth.go | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/graphql/authorization/auth.go b/graphql/authorization/auth.go
index efb6bb28589..17ca96c7095 100644
--- a/graphql/authorization/auth.go
+++ b/graphql/authorization/auth.go
@@ -116,11 +116,15 @@ func Parse(schema string) (*AuthMeta, error) {
 
 	err := json.Unmarshal([]byte(authInfo[len(AuthMetaHeader):]), &meta)
 	if err == nil {
+		if err := meta.validate(); err != nil {
+			return nil, err
+		}
+
 		if algoErr := meta.initSigningMethod(); algoErr != nil {
 			return nil, algoErr
 		}
 
-		return &meta, meta.validate()
+		return &meta, nil
 	}
 
 	fmt.Println("Falling back to parsing `Dgraph.Authorization` in old format." +
@@ -508,6 +512,11 @@ func (a *AuthMeta) initSigningMethod() error {
 	a.Lock()
 	defer a.Unlock()
 
+	// configurations using JWK URLs do not use signing methods.
+	if a.jwkURL() != "" {
+		return nil
+	}
+
 	signingMethod, ok := supportedAlgorithms[a.Algo]
 	if !ok {
 		arr := make([]string, 0, len(supportedAlgorithms))