From 333f170a30587915d97963f6c630819b17ed435a Mon Sep 17 00:00:00 2001
From: JianBo He <heeejianbo@gmail.com>
Date: Thu, 10 Mar 2022 13:30:25 +0800
Subject: [PATCH] fix(authn-jwt): accept the pem conntet to create jwk
 authenticator

---
 apps/emqx_authn/src/simple_authn/emqx_authn_jwt.erl | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_jwt.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_jwt.erl
index 931040379..ecbe599d7 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_jwt.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_jwt.erl
@@ -215,7 +215,7 @@ create2(#{use_jwks := false,
           algorithm := 'public-key',
           certificate := Certificate,
           verify_claims := VerifyClaims}) ->
-    JWK = jose_jwk:from_pem_file(Certificate),
+    JWK = create_jwk_from_pem_or_file(Certificate),
     {ok, #{jwk => JWK,
            verify_claims => VerifyClaims}};
 
@@ -229,6 +229,16 @@ create2(#{use_jwks := true,
             {error, Reason}
     end.
 
+create_jwk_from_pem_or_file(CertfileOrFilePath)
+  when is_binary(CertfileOrFilePath);
+       is_list(CertfileOrFilePath) ->
+    case filelib:is_file(CertfileOrFilePath) of
+        true ->
+            jose_jwk:from_pem_file(CertfileOrFilePath);
+        false ->
+            jose_jwk:from_pem(iolist_to_binary(CertfileOrFilePath))
+    end.
+
 connector_opts(#{ssl := #{enable := Enable} = SSL} = Config) ->
     SSLOpts = case Enable of
                   true -> maps:without([enable], SSL);