From b7e0fd86230dea2073e71a9f2f3b8155e94a84ec Mon Sep 17 00:00:00 2001
From: Alexandre Costard <acs@urutau.org>
Date: Sun, 20 Nov 2022 10:48:39 -0300
Subject: [PATCH] handle non binary hs key

---
 lib/joken/error.ex         | 7 +++++++
 lib/joken/signer.ex        | 3 +++
 test/joken_signer_test.exs | 6 ++++++
 3 files changed, 16 insertions(+)

diff --git a/lib/joken/error.ex b/lib/joken/error.ex
index 4eec42e..4bc1249 100644
--- a/lib/joken/error.ex
+++ b/lib/joken/error.ex
@@ -92,6 +92,13 @@ defmodule Joken.Error do
     See `Joken.Config.validate/2` for more information on Context
     """
 
+  def message(%__MODULE__{reason: :algorithm_needs_binary_key}),
+    do: """
+    Couldn't create a signer because key is not binary.
+
+    HMAC SHA algorithms need a binary key.
+    """
+
   def message(%__MODULE__{reason: :wrong_key_parameters}),
     do: """
     Couldn't create a signer because there are missing parameters.
diff --git a/lib/joken/signer.ex b/lib/joken/signer.ex
index 53fd37c..33be6c5 100644
--- a/lib/joken/signer.ex
+++ b/lib/joken/signer.ex
@@ -80,6 +80,9 @@ defmodule Joken.Signer do
     )
   end
 
+  def create(alg, _key, _headers) when alg in @hs_algorithms,
+    do: raise(Joken.Error, :algorithm_needs_binary_key)
+
   def create(alg, %{"pem" => pem}, headers) when alg in @map_key_algorithms do
     raw_create(
       alg,
diff --git a/test/joken_signer_test.exs b/test/joken_signer_test.exs
index 90537df..a762ab2 100644
--- a/test/joken_signer_test.exs
+++ b/test/joken_signer_test.exs
@@ -81,6 +81,12 @@ defmodule Joken.Signer.Test do
     end
   end
 
+  test "raise when key is invalid" do
+    assert_raise Error, Error.message(%Error{reason: :algorithm_needs_binary_key}), fn ->
+      Signer.create("HS256", %{})
+    end
+  end
+
   test "raise when parsing invalid algorithm from configuration" do
     assert_raise Error, Error.message(%Error{reason: :unrecognized_algorithm}), fn ->
       Signer.parse_config(:bad_algorithm)