fix JWK endpoints returning empty keys#4662
Closed
olamilekan000 wants to merge 1 commit into
Closed
Conversation
Author
|
@sweatybridge kindly review. Thanks |
olamilekan000
force-pushed
the
fix-jwk-endpoint-returning-empty-keys
branch
2 times, most recently
from
6e88d0e to
159381e
Compare
Pull Request Test Coverage Report for Build 20494065924Warning: This coverage report may be inaccurate.This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.
Details
💛 - Coveralls |
olamilekan000
force-pushed
the
fix-jwk-endpoint-returning-empty-keys
branch
from
159381e to
b8cad1c
Compare
sweatybridge
requested changes
Jan 7, 2026
| return errors.Errorf("failed to read signing keys: %w", err) | ||
| } else if c.Auth.SigningKeys, err = fetcher.ParseJSON[[]JWK](f); err != nil { | ||
| return errors.Errorf("failed to decode signing keys: %w", err) | ||
| if err := c.loadSigningKeys(fsys); err != nil { |
Contributor
There was a problem hiding this comment.
this refactor is unnecessary because ParseJSON closes the reader automatically
|
|
||
| func Run(ctx context.Context, fsys afero.Fs, interactive bool, params utils.InitParams) error { | ||
| // 1. Write `config.toml`. | ||
| // 1. Generate default signing key if it doesn't exist. |
Contributor
There was a problem hiding this comment.
Since supabase init is no longer a prerequisite for supabase start, we cannot assume users will always run init before start. Let's handle signing key generation as part of config loading instead.
Author
|
@sweatybridge just to confirm, this PR isn't necessary anymore with the recent merge right? |
Contributor
|
Yea it's no longer needed but thanks for picking up this issue anyway! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What kind of change does this PR introduce?
Bug fix
What is the current behavior?
The JWKS endpoint (
/auth/v1/.well-known/jwks.json) returns an empty keys array ({"keys": []})for local Supabase instances because signing keys are not automatically generated during supabase init. Users must manually generate signing keys using supabase gen signingkeys and configuresigning_keys_pathinconfig.toml.Issue: #4614
What is the new behavior?
Additional context
Add any other context or screenshots.
