fix: prevent panic when signing keys (#4812)

sweatybridge · web-flow · commit 9b211642fc02 · 2026-02-07T17:01:43.000+08:00
diff --git a/pkg/config/apikeys.go b/pkg/config/apikeys.go
@@ -74,7 +74,7 @@ func (a *auth) generateAPIKeys() error {
 
 func (a auth) generateJWT(role string) (string, error) {
 	claims := CustomClaims{Issuer: "supabase-demo", Role: role}
-	if len(a.SigningKeysPath) > 0 {
+	if len(a.SigningKeysPath) > 0 && len(a.SigningKeys) > 0 {
 		claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(time.Hour * 24 * 365 * 10)) // 10 years
 		return GenerateAsymmetricJWT(a.SigningKeys[0], claims)
 	}

Original file line number	Diff line number	Diff line change
`@@ -74,7 +74,7 @@ func (a *auth) generateAPIKeys() error {`
`74`	`74`
`75`	`75`	`func (a auth) generateJWT(role string) (string, error) {`
`76`	`76`	`claims := CustomClaims{Issuer: "supabase-demo", Role: role}`
`77`		`- if len(a.SigningKeysPath) > 0 {`
	`77`	`+ if len(a.SigningKeysPath) > 0 && len(a.SigningKeys) > 0 {`
`78`	`78`	`claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(time.Hour * 24 * 365 * 10)) // 10 years`
`79`	`79`	`return GenerateAsymmetricJWT(a.SigningKeys[0], claims)`
`80`	`80`	`}`