Fix PostgREST#1016

CHANGELOG.md

@@ -25,6 +25,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 - #974, Fix RPC error when function has single OUT param - @steve-chavez
 - #1021, Reduce join size in allColumns for faster program start - @nextstopsun
 - #411, Remove the need for pk in &select for parent embed - @steve-chavez
+- #1016, Fix anonymous requests when configured with jwt-aud - @ruslantalpa
 
 ## [0.4.3.0] - 2017-09-06
 

src/PostgREST/Auth.hs

@@ -39,7 +39,7 @@ data JWTAttempt = JWTInvalid JWTError
   of JWT claims.
 -}
 jwtClaims :: Maybe JWK -> Maybe StringOrURI -> LByteString  -> IO JWTAttempt
-jwtClaims _ Nothing "" = return $ JWTClaims M.empty
+jwtClaims _ _ "" = return $ JWTClaims M.empty
 jwtClaims secret audience payload =
   case secret of
     Nothing -> return JWTMissingSecret

src/PostgREST/Config.hs

@@ -151,6 +151,7 @@ readOptions = do
         Nothing -> pure Nothing -- no audience in config file
         Just aud -> case preview stringOrUri (aud :: String) of
           Nothing -> fail "Invalid Jwt audience. Check your configuration."
+          (Just "") -> pure Nothing
           aud' -> pure aud'
 
     coerceInt :: (Read i, Integral i) => Value -> Maybe i

test/Feature/AudienceJwtSecretSpec.hs

@@ -41,4 +41,7 @@ spec = describe "test handling of aud claims in JWT" $ do
     -}
     let auth = authHeaderJWT "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjk5OTk5OTk5OTksInJvbGUiOiJwb3N0Z3Jlc3RfdGVzdF9hdXRob3IiLCJpZCI6Impkb2UifQ.Dpss-QoLYjec5OTsOaAc3FNVsSjA89wACoV-0ra3ClA"
     request methodGet "/authors_only" [auth] ""
-      `shouldRespondWith` 200
+      `shouldRespondWith` 200
+
+  it "requests without JWT token should work" $
+    get "/has_count_column" `shouldRespondWith` 200