From 61f4394d50b28e43267f335e1acf1360cb041efd Mon Sep 17 00:00:00 2001 From: Sara Golemon Date: Thu, 8 Dec 2022 10:06:45 -0600 Subject: SERVER-70702 Improve JWKManager APIs --- src/mongo/crypto/jwk_manager.cpp | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) (limited to 'src/mongo/crypto/jwk_manager.cpp') diff --git a/src/mongo/crypto/jwk_manager.cpp b/src/mongo/crypto/jwk_manager.cpp index 71e2619f33e..29ee470517d 100644 --- a/src/mongo/crypto/jwk_manager.cpp +++ b/src/mongo/crypto/jwk_manager.cpp @@ -32,6 +32,7 @@ #include "mongo/bson/json.h" #include "mongo/crypto/jws_validator.h" #include "mongo/crypto/jwt_types_gen.h" +#include "mongo/db/commands/test_commands_enabled.h" #include "mongo/logv2/log.h" #include "mongo/util/base64.h" #include "mongo/util/net/http_client.h" @@ -58,8 +59,9 @@ StringData reduceInt(StringData value) { JWKManager::JWKManager(StringData source) : _keyURI(source) { auto httpClient = HttpClient::createWithoutConnectionPool(); httpClient->setHeaders({"Accept: */*"}); + httpClient->allowInsecureHTTP(getTestCommandsEnabled()); - DataBuilder getJWKs = httpClient->get(source); + auto getJWKs = httpClient->get(source); ConstDataRange cdr = getJWKs.getCursor(); StringData str; @@ -73,11 +75,11 @@ JWKManager::JWKManager(BSONObj keys) { _setAndValidateKeys(keys); } -const BSONObj& JWKManager::getKey(StringData keyId) const { +StatusWith JWKManager::getKey(StringData keyId) const { auto it = _keyMaterial.find(keyId.toString()); - uassert(ErrorCodes::NoSuchKey, - str::stream() << "Unknown key '" << keyId << "'", - it != _keyMaterial.end()); + if (it == _keyMaterial.end()) { + return {ErrorCodes::NoSuchKey, str::stream() << "Unknown key '" << keyId << "'"}; + } return it->second; } 
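Review bot: In the `JWKManager(StringData source)` constructor hunk, `httpClient->allowInsecureHTTP(getTestCommandsEnabled());` allows the key set that later validates token signatures to be fetched over cleartext HTTP whenever test commands are enabled, which leaves that fetch without transport integrity. The line should carry a comment stating the trade-off, for example `// Test-only: a plain-HTTP JWKS fetch is unauthenticated; test commands must never be enabled in production.` A warning log when `source` is actually a non-TLS URI would make accidental use visible. The constructor body continues past the end of the hunk, so any scheme or response validation further down is not visible here.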
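Review bot: In the `getKey()` hunk, an unknown key id now comes back as a `NoSuchKey` status instead of a thrown `uassert`, so every caller has to check the status before touching the value, and nothing in the hunk documents that. A short comment above the definition would record the contract, for example `// Returns ErrorCodes::NoSuchKey (does not throw) when keyId is not loaded.` The reason string still echoes `keyId` verbatim. If that id is taken from an incoming token header (inferred, since the callers are not on this page), it is caller-controlled text, so it is worth bounding or sanitising before it reaches logs or client-visible errors.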
@@ -132,7 +134,17 @@ void JWKManager::_setAndValidateKeys(const BSONObj& keys) { SharedValidator shValidator = std::move(swValidator.getValue()); _validators->insert({keyId, shValidator}); + LOGV2_DEBUG(7070202, 3, "Loaded JWK key", "kid"_attr = keyId, "typ"_attr = JWK.getType()); } } +std::vector JWKManager::getKeyIds() const { + std::vector ids; + std::transform(_validators->cbegin(), + _validators->cend(), + std::back_inserter(ids), + [](const auto& it) { return it.first; }); + return ids; +} + } // namespace mongo::crypto -- cgit v1.2.1
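Review bot: `getKeyIds()` enumerates `_validators`, while `getKey()` in the earlier hunk resolves ids through `_keyMaterial`, so a key present in only one map would be listed but then fail with NoSuchKey, or the reverse. Whether the two maps can diverge depends on the validator-creation error path in `_setAndValidateKeys`, which starts outside this hunk. Either derive the ids from the map `getKey()` reads, or state the invariant in a comment such as `// _validators and _keyMaterial always hold the same key ids`. Two smaller points: `ids.reserve(_validators->size());` before the `std::transform` avoids regrowth, and the lambda parameter `it` is a key/value pair rather than an iterator, so `[](const auto& entry) { return entry.first; }` reads more accurately. The include hunk adds neither `<algorithm>` nor `<iterator>`, so confirm they are already pulled in for `std::transform` and `std::back_inserter`.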